carolcoleman8353
-
Posts
12 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by carolcoleman8353
-
-
i have been doing all this for the past 3 hours. I now have to get dinner,good job I'm retired eh?
-
Oh Wow this is so much better-thanks.
I can now open a couple of websites that were blocked before- ones that my friends had no trouble with.
Brilliant and thank you so much for your help.
Carol
-
Should I notice sometthing different then?
I'll check.
Thanks.
-
Oh well here we go again !!! LOL
Hope this all means something to you?
ComboFix 12-11-06.03 - Owner 07/11/2012 17:23:37.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.990.372 [GMT 0:00]
Running from: c:\documents and settings\Owner\My Documents\ComboFix.exe
AV: BullGuard Antivirus *Enabled/Updated* {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
FW: BullGuard Firewall *Disabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc10.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc11.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc12.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc120.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc13.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc139.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc13B.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc13F.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc147.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc14F.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc16A.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc16C.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc183.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc189.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc1D6.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc1E5.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc1FE.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc222.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc22B.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc23.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc26.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2A.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2B.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2B9.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2BF.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2D6.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2E.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc2F.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc3.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc311.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc32F.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc35.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc36.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc37.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc39D.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc3B.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc3D.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc40.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc41.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc43.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc44.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc45.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc47C.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4A.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4B.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4C.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc4C1.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc51.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc5C.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc60.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc67.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc7.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc79.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc8.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc9.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc90.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc91.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc92.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc93.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc95.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc9E.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mcc9F.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccA.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccA0.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccB.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccB3.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccB4.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccBC.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccBE.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccC.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccC2.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccC3.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccCD.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccD.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccD1.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccD7.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccF.tmp
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\mccF0.tmp
c:\documents and settings\Owner\WINDOWS
c:\windows\AutoRun.ini
c:\windows\system\oeminfo.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-10-07 to 2012-11-07 )))))))))))))))))))))))))))))))
.
.
2012-10-25 11:55 . 2012-10-25 11:55 -------- d-----w- c:\documents and settings\Owner\Application Data\EPSON
2012-10-17 08:44 . 2012-10-17 08:44 -------- d-----w- c:\program files\Common Files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 21:58 . 2012-03-30 05:59 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 21:58 . 2011-05-18 06:13 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-29 18:54 . 2009-12-28 12:48 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-24 14:32 . 2012-07-03 15:23 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-24 14:32 . 2010-04-20 08:36 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-24 12:51 . 2012-07-03 15:23 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-28 15:14 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-08-27 11:29 . 2010-03-18 16:03 100216 ----a-w- c:\windows\system32\BgGamingMonitor.dll
2012-08-24 13:53 . 2004-08-04 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 13:29 . 2004-08-04 12:00 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58 . 2004-08-03 22:59 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-17 16:33 . 2010-04-19 12:16 54624 ----a-w- c:\windows\system32\BGLsp.dll
2012-10-27 16:40 . 2012-10-27 16:39 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"="SiSPower.dll" [2005-05-13 49152]
"BullGuard"="c:\program files\BullGuard Ltd\BullGuard\BullGuard.exe" [2012-09-11 1756512]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2011-02-07 18:52 16680 ----a-w- c:\program files\Citrix\GoToAssist\570\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\BgGamingMonitor.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-11 19:00 919008 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\btbb_McciTrayApp]
2012-07-05 05:58 1988608 ----a-w- c:\program files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2006-07-07 23:15 600896 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2006-07-07 23:14 576320 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-03-10 17:47 385024 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-09-17 11:41 254896 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\BT Broadband Desktop Help\\btbb\\BTHelpBrowser.exe"=
"c:\\Program Files\\BT Broadband Desktop Help\\btbb\\BTHelpNotifier.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
.
R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [12/03/2010 09:34 64608]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [27/01/2011 07:13 789960]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [27/01/2011 07:13 19272]
R2 BsBackup;BullGuard backup service;c:\windows\System32\SvcHost.exe -k BullGuard_Backup [04/08/2004 12:00 14336]
R2 BsBhvScan;BullGuard Behavioural Detection;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [27/01/2011 07:13 321376]
R2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe -k BullGuard [04/08/2004 12:00 14336]
R2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe -k BullGuard [04/08/2004 12:00 14336]
R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe -k BullGuard_Proxy [04/08/2004 12:00 14336]
R2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe -k BullGuard_Main [04/08/2004 12:00 14336]
R2 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [03/03/2010 20:07 178528]
R2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [27/08/2012 11:26 304480]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [18/09/2012 17:22 399432]
R2 pcCMService;pcCMService;c:\program files\Common Files\Motive\pcCMService.exe [31/07/2012 07:21 361472]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\Afw.sys [04/12/2009 10:00 32512]
R3 afwcore;afwcore;c:\windows\system32\drivers\AfwCore.sys [04/12/2009 10:00 284928]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [28/12/2009 12:48 676936]
S2 ScanDrv;ScanDrv; [x]
S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [28/12/2009 12:48 22856]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - uphcleanhlp
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
BullGuard_Main REG_MULTI_SZ BsMain
BullGuard REG_MULTI_SZ BsFileScan BsFire
BullGuard_LowPriv REG_MULTI_SZ BsBrowser
BullGuard_Backup REG_MULTI_SZ BsBackup
BullGuard_Proxy REG_MULTI_SZ BsMailProxy
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 04:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 21:58]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-08 16:52]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-08 16:52]
.
2012-11-06 c:\windows\Tasks\User_Feed_Synchronization-{ECE78649-45F4-47A2-A1F7-0CF98E5AC97F}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 04:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
mStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.1.254
DPF: {071582AE-C7F9-11D2-A742-0080C8129F3E} - hxxp://traptestsrv.east-northamptonshire.gov.uk/trpzx1.cab
DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} - hxxp://contacts.orange.co.uk/wuk_webab/VoxsyncX.cab
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll
DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} - hxxps://register.btinternet.com/templates/btmailcontrol013.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\uorzh9uj.default\
FF - prefs.js: browser.startup.homepage - hxxp://uk.yahoo.com/
FF - ExtSQL: 2012-10-17 09:43; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
MSConfigStartUp-Loaris Trojan Remover - c:\program files\Loaris Trojan Remover\TrojanRemover.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-07 17:37
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(416)
c:\windows\system32\BgGamingMonitor.dll
c:\program files\Citrix\GoToAssist\570\G2AWinLogon.dll
.
- - - - - - - > 'lsass.exe'(472)
c:\windows\system32\BgGamingMonitor.dll
.
Completion time: 2012-11-07 17:41:18
ComboFix-quarantined-files.txt 2012-11-07 17:41
.
Pre-Run: 59,311,816,704 bytes free
Post-Run: 59,534,917,632 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 3F538FADE40CF55512041C25685DF71B
-
Is this it?
07:42:54.0281 2396 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
07:42:55.0250 2396 ============================================================
07:42:55.0250 2396 Current date / time: 2012/11/07 07:42:55.0250
07:42:55.0250 2396 SystemInfo:
07:42:55.0250 2396
07:42:55.0250 2396 OS Version: 5.1.2600 ServicePack: 3.0
07:42:55.0250 2396 Product type: Workstation
07:42:55.0250 2396 ComputerName: OFFICE
07:42:55.0250 2396 UserName: Owner
07:42:55.0250 2396 Windows directory: C:\WINDOWS
07:42:55.0250 2396 System windows directory: C:\WINDOWS
07:42:55.0250 2396 Processor architecture: Intel x86
07:42:55.0250 2396 Number of processors: 1
07:42:55.0250 2396 Page size: 0x1000
07:42:55.0250 2396 Boot type: Normal boot
07:42:55.0250 2396 ============================================================
07:42:57.0968 2396 Drive \Device\Harddisk0\DR0 - Size: 0x132C570000 (76.69 Gb), SectorSize: 0x200, Cylinders: 0x271B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
07:42:58.0031 2396 ============================================================
07:42:58.0031 2396 \Device\Harddisk0\DR0:
07:42:58.0031 2396 MBR partitions:
07:42:58.0031 2396 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x996051C
07:42:58.0031 2396 ============================================================
07:42:58.0078 2396 C: <-> \Device\Harddisk0\DR0\Partition1
07:42:58.0078 2396 ============================================================
07:42:58.0078 2396 Initialize success
07:42:58.0078 2396 ============================================================
07:43:41.0828 3004 ============================================================
07:43:41.0828 3004 Scan started
07:43:41.0828 3004 Mode: Manual; TDLFS;
07:43:41.0828 3004 ============================================================
07:43:43.0250 3004 ================ Scan system memory ========================
07:43:45.0828 3004 System memory - ok
07:43:45.0828 3004 ================ Scan services =============================
07:43:45.0953 3004 Abiosdsk - ok
07:43:45.0968 3004 abp480n5 - ok
07:43:46.0031 3004 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
07:43:46.0046 3004 ACPI - ok
07:43:46.0093 3004 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
07:43:46.0093 3004 ACPIEC - ok
07:43:46.0234 3004 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
07:43:46.0250 3004 AdobeFlashPlayerUpdateSvc - ok
07:43:46.0265 3004 adpu160m - ok
07:43:46.0328 3004 [ 9F59AE2DE835641FBB0C6AFD80D8FA9B ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys
07:43:46.0328 3004 aeaudio - ok
07:43:46.0390 3004 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
07:43:46.0406 3004 aec - ok
07:43:46.0468 3004 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
07:43:46.0468 3004 AFD - ok
07:43:46.0515 3004 [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K C:\WINDOWS\system32\drivers\AFS2K.sys
07:43:46.0531 3004 AFS2K - ok
07:43:46.0578 3004 [ F20D3CEAE69F409A7775A8B8B36CEC58 ] afw C:\WINDOWS\system32\DRIVERS\afw.sys
07:43:46.0578 3004 afw - ok
07:43:46.0625 3004 [ 335A00B9B984069AF6C10EC9C6340324 ] afwcore C:\WINDOWS\system32\DRIVERS\afwcore.sys
07:43:46.0625 3004 afwcore - ok
07:43:46.0640 3004 Aha154x - ok
07:43:46.0671 3004 aic78u2 - ok
07:43:46.0687 3004 aic78xx - ok
07:43:46.0734 3004 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
07:43:46.0734 3004 Alerter - ok
07:43:46.0781 3004 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
07:43:46.0781 3004 ALG - ok
07:43:46.0796 3004 AliIde - ok
07:43:46.0812 3004 amsint - ok
07:43:46.0843 3004 AppMgmt - ok
07:43:46.0859 3004 asc - ok
07:43:46.0890 3004 asc3350p - ok
07:43:46.0906 3004 asc3550 - ok
07:43:47.0062 3004 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
07:43:47.0187 3004 aspnet_state - ok
07:43:47.0234 3004 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
07:43:47.0234 3004 AsyncMac - ok
07:43:47.0281 3004 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
07:43:47.0281 3004 atapi - ok
07:43:47.0328 3004 Atdisk - ok
07:43:47.0375 3004 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
07:43:47.0375 3004 Atmarpc - ok
07:43:47.0421 3004 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
07:43:47.0421 3004 AudioSrv - ok
07:43:47.0468 3004 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
07:43:47.0484 3004 audstub - ok
07:43:47.0546 3004 [ 42175A3B56922A8C9A294FA6F0B18344 ] BdSpy C:\WINDOWS\system32\DRIVERS\BdSpy.sys
07:43:47.0546 3004 BdSpy - ok
07:43:47.0609 3004 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
07:43:47.0656 3004 Beep - ok
07:43:47.0734 3004 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
07:43:47.0750 3004 BITS - ok
07:43:47.0796 3004 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
07:43:47.0796 3004 Browser - ok
07:43:47.0937 3004 [ 0271B8667BCDE590A6F6205209359EEF ] BsBackup C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll
07:43:47.0937 3004 BsBackup - ok
07:43:48.0000 3004 [ FB283DFF8DB224359AC43BE70BB8902B ] BsBhvScan C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
07:43:48.0015 3004 BsBhvScan - ok
07:43:48.0031 3004 [ A1FB74B2CBBF373AFCFB647894341F73 ] BsFileScan C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll
07:43:48.0046 3004 BsFileScan - ok
07:43:48.0093 3004 [ C42A4EF09D8539F1CFA2676579F44987 ] BsFire C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll
07:43:48.0109 3004 BsFire - ok
07:43:48.0187 3004 [ 9060850E3EFC91D40A157B347A03D6FB ] BsMailProxy C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll
07:43:48.0203 3004 BsMailProxy - ok
07:43:48.0281 3004 [ EE6A1DBC67AE54C260304676B9E7B439 ] BsMain C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll
07:43:48.0281 3004 BsMain - ok
07:43:48.0328 3004 [ 69D38B2E736F8E8BC97D4638B682DEEF ] BsScanner C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
07:43:48.0328 3004 BsScanner - ok
07:43:48.0406 3004 [ 0AEC20CDC63860592ACAFA886B01599A ] BsUpdate C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
07:43:48.0406 3004 BsUpdate - ok
07:43:48.0453 3004 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
07:43:48.0484 3004 cbidf2k - ok
07:43:48.0500 3004 cd20xrnt - ok
07:43:48.0562 3004 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
07:43:48.0687 3004 Cdaudio - ok
07:43:48.0734 3004 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
07:43:48.0765 3004 Cdfs - ok
07:43:48.0796 3004 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
07:43:48.0796 3004 Cdrom - ok
07:43:48.0812 3004 Changer - ok
07:43:48.0875 3004 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
07:43:48.0875 3004 CiSvc - ok
07:43:48.0906 3004 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
07:43:48.0906 3004 ClipSrv - ok
07:43:48.0953 3004 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:43:49.0062 3004 clr_optimization_v2.0.50727_32 - ok
07:43:49.0078 3004 CmdIde - ok
07:43:49.0109 3004 COMSysApp - ok
07:43:49.0140 3004 Cpqarray - ok
07:43:49.0156 3004 Crypkey License - ok
07:43:49.0218 3004 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
07:43:49.0218 3004 CryptSvc - ok
07:43:49.0234 3004 dac2w2k - ok
07:43:49.0265 3004 dac960nt - ok
07:43:49.0359 3004 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
07:43:49.0375 3004 DcomLaunch - ok
07:43:49.0421 3004 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
07:43:49.0437 3004 Dhcp - ok
07:43:49.0453 3004 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
07:43:49.0453 3004 Disk - ok
07:43:49.0484 3004 dmadmin - ok
07:43:49.0546 3004 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
07:43:49.0562 3004 dmboot - ok
07:43:49.0593 3004 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
07:43:49.0609 3004 dmio - ok
07:43:49.0640 3004 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
07:43:49.0656 3004 dmload - ok
07:43:49.0687 3004 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
07:43:49.0687 3004 dmserver - ok
07:43:49.0718 3004 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
07:43:49.0718 3004 DMusic - ok
07:43:49.0781 3004 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
07:43:49.0781 3004 Dnscache - ok
07:43:49.0828 3004 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
07:43:49.0843 3004 Dot3svc - ok
07:43:49.0843 3004 dpti2o - ok
07:43:49.0890 3004 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
07:43:49.0890 3004 drmkaud - ok
07:43:49.0921 3004 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
07:43:49.0937 3004 EapHost - ok
07:43:50.0031 3004 [ 8FE6AB59CAB8F2C038FEA9522A5EEBA7 ] EPSON_PM_RPCV4_01 C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
07:43:50.0031 3004 EPSON_PM_RPCV4_01 - ok
07:43:50.0093 3004 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
07:43:50.0093 3004 ERSvc - ok
07:43:50.0171 3004 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
07:43:50.0171 3004 Eventlog - ok
07:43:50.0218 3004 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
07:43:50.0234 3004 EventSystem - ok
07:43:50.0312 3004 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
07:43:50.0328 3004 Fastfat - ok
07:43:50.0375 3004 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
07:43:50.0390 3004 FastUserSwitchingCompatibility - ok
07:43:50.0406 3004 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
07:43:50.0421 3004 Fdc - ok
07:43:50.0437 3004 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
07:43:50.0437 3004 Fips - ok
07:43:50.0500 3004 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
07:43:50.0500 3004 Flpydisk - ok
07:43:50.0562 3004 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
07:43:50.0562 3004 FltMgr - ok
07:43:50.0656 3004 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
07:43:50.0656 3004 FontCache3.0.0.0 - ok
07:43:50.0687 3004 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
07:43:50.0703 3004 Fs_Rec - ok
07:43:50.0734 3004 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
07:43:50.0734 3004 Ftdisk - ok
07:43:50.0750 3004 FXDRV - ok
07:43:50.0781 3004 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
07:43:50.0781 3004 gagp30kx - ok
07:43:50.0859 3004 [ 5CC2B1D06AC1962AF5FBBCF88D781DD8 ] GoToAssist C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
07:43:50.0875 3004 GoToAssist - ok
07:43:50.0906 3004 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
07:43:50.0921 3004 Gpc - ok
07:43:51.0031 3004 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
07:43:51.0031 3004 gupdate - ok
07:43:51.0046 3004 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
07:43:51.0046 3004 gupdatem - ok
07:43:51.0140 3004 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:43:51.0140 3004 helpsvc - ok
07:43:51.0187 3004 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
07:43:51.0187 3004 HidServ - ok
07:43:51.0218 3004 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
07:43:51.0218 3004 HidUsb - ok
07:43:51.0281 3004 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
07:43:51.0296 3004 hkmsvc - ok
07:43:51.0312 3004 hpn - ok
07:43:51.0406 3004 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
07:43:51.0406 3004 HTTP - ok
07:43:51.0468 3004 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
07:43:51.0468 3004 HTTPFilter - ok
07:43:51.0484 3004 i2omgmt - ok
07:43:51.0500 3004 i2omp - ok
07:43:51.0562 3004 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
07:43:51.0562 3004 i8042prt - ok
07:43:51.0656 3004 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:43:51.0687 3004 idsvc - ok
07:43:51.0734 3004 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
07:43:51.0734 3004 Imapi - ok
07:43:51.0796 3004 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
07:43:51.0812 3004 ImapiService - ok
07:43:51.0828 3004 ini910u - ok
07:43:51.0968 3004 [ 874DB5E07FE2A7F1B22F7C760736F6F4 ] IntelC51 C:\WINDOWS\system32\DRIVERS\IntelC51.sys
07:43:52.0046 3004 IntelC51 - ok
07:43:52.0093 3004 [ 4C0F190119EBC5CE728C9D060D8AE3E7 ] IntelC52 C:\WINDOWS\system32\DRIVERS\IntelC52.sys
07:43:52.0109 3004 IntelC52 - ok
07:43:52.0156 3004 [ 85B36BC9E8FA579C64DE88FFECECCE6C ] IntelC53 C:\WINDOWS\system32\DRIVERS\IntelC53.sys
07:43:52.0171 3004 IntelC53 - ok
07:43:52.0187 3004 IntelIde - ok
07:43:52.0234 3004 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
07:43:52.0234 3004 Ip6Fw - ok
07:43:52.0281 3004 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
07:43:52.0296 3004 IpFilterDriver - ok
07:43:52.0328 3004 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
07:43:52.0328 3004 IpInIp - ok
07:43:52.0375 3004 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
07:43:52.0375 3004 IpNat - ok
07:43:52.0437 3004 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
07:43:52.0453 3004 IPSec - ok
07:43:52.0484 3004 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
07:43:52.0484 3004 IRENUM - ok
07:43:52.0531 3004 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
07:43:52.0531 3004 isapnp - ok
07:43:52.0625 3004 [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
07:43:52.0625 3004 JavaQuickStarterService - ok
07:43:52.0671 3004 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
07:43:52.0671 3004 Kbdclass - ok
07:43:52.0734 3004 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
07:43:52.0734 3004 kbdhid - ok
07:43:52.0765 3004 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
07:43:52.0765 3004 kmixer - ok
07:43:52.0812 3004 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
07:43:52.0812 3004 KSecDD - ok
07:43:52.0875 3004 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
07:43:52.0890 3004 lanmanserver - ok
07:43:52.0953 3004 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
07:43:52.0953 3004 lanmanworkstation - ok
07:43:52.0984 3004 lbrtfdc - ok
07:43:53.0046 3004 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
07:43:53.0046 3004 LmHosts - ok
07:43:53.0109 3004 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
07:43:53.0156 3004 MBAMProtector - ok
07:43:53.0250 3004 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
07:43:53.0343 3004 MBAMScheduler - ok
07:43:53.0390 3004 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
07:43:53.0453 3004 MBAMService - ok
07:43:53.0500 3004 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
07:43:53.0500 3004 Messenger - ok
07:43:53.0546 3004 [ 8C7D037A53B495E7C250FD70B158B581 ] MidiSyn C:\WINDOWS\system32\drivers\MidiSyn.sys
07:43:53.0546 3004 MidiSyn - ok
07:43:53.0609 3004 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
07:43:53.0625 3004 mnmdd - ok
07:43:53.0671 3004 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
07:43:53.0687 3004 mnmsrvc - ok
07:43:53.0734 3004 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
07:43:53.0734 3004 Modem - ok
07:43:53.0781 3004 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
07:43:53.0781 3004 MODEMCSA - ok
07:43:53.0812 3004 [ F2CC6273E7DE087DC0FD701F753461CA ] mohfilt C:\WINDOWS\system32\DRIVERS\mohfilt.sys
07:43:53.0812 3004 mohfilt - ok
07:43:53.0843 3004 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
07:43:53.0843 3004 Mouclass - ok
07:43:53.0906 3004 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
07:43:53.0906 3004 mouhid - ok
07:43:53.0921 3004 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
07:43:53.0937 3004 MountMgr - ok
07:43:54.0000 3004 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
07:43:54.0046 3004 MozillaMaintenance - ok
07:43:54.0062 3004 mraid35x - ok
07:43:54.0140 3004 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
07:43:54.0187 3004 MREMP50 - ok
07:43:54.0203 3004 MREMPR5 - ok
07:43:54.0218 3004 MRENDIS5 - ok
07:43:54.0281 3004 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
07:43:54.0296 3004 MRESP50 - ok
07:43:54.0343 3004 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
07:43:54.0343 3004 MRxDAV - ok
07:43:54.0421 3004 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
07:43:54.0437 3004 MRxSmb - ok
07:43:54.0484 3004 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
07:43:54.0484 3004 MSDTC - ok
07:43:54.0515 3004 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
07:43:54.0531 3004 Msfs - ok
07:43:54.0546 3004 MSIServer - ok
07:43:54.0593 3004 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
07:43:54.0593 3004 MSKSSRV - ok
07:43:54.0609 3004 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
07:43:54.0609 3004 MSPCLOCK - ok
07:43:54.0656 3004 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
07:43:54.0656 3004 MSPQM - ok
07:43:54.0687 3004 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
07:43:54.0687 3004 mssmbios - ok
07:43:54.0750 3004 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
07:43:54.0750 3004 Mup - ok
07:43:54.0812 3004 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
07:43:54.0828 3004 napagent - ok
07:43:54.0890 3004 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
07:43:54.0937 3004 NDIS - ok
07:43:55.0000 3004 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
07:43:55.0000 3004 NdisTapi - ok
07:43:55.0031 3004 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
07:43:55.0031 3004 Ndisuio - ok
07:43:55.0046 3004 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
07:43:55.0046 3004 NdisWan - ok
07:43:55.0109 3004 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
07:43:55.0109 3004 NDProxy - ok
07:43:55.0171 3004 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
07:43:55.0171 3004 NetBIOS - ok
07:43:55.0203 3004 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
07:43:55.0203 3004 NetBT - ok
07:43:55.0265 3004 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
07:43:55.0265 3004 NetDDE - ok
07:43:55.0296 3004 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
07:43:55.0296 3004 NetDDEdsdm - ok
07:43:55.0328 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
07:43:55.0343 3004 Netlogon - ok
07:43:55.0375 3004 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
07:43:55.0390 3004 Netman - ok
07:43:55.0437 3004 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:43:55.0437 3004 NetTcpPortSharing - ok
07:43:55.0484 3004 [ 2643E42EED808AAEB147877FEBD110A6 ] NetworkX C:\WINDOWS\system32\ckldrv.sys
07:43:55.0546 3004 NetworkX - ok
07:43:55.0609 3004 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
07:43:55.0625 3004 Nla - ok
07:43:55.0718 3004 [ CB9751585223A77785B915B0591D71F0 ] NovaShieldFilterDriver C:\WINDOWS\system32\DRIVERS\NSKernel.sys
07:43:55.0734 3004 NovaShieldFilterDriver - ok
07:43:55.0765 3004 [ ED6AF59B384A092E1C42DF79B483B952 ] NovaShieldTDIDriver C:\WINDOWS\system32\DRIVERS\NSNetmon.sys
07:43:55.0765 3004 NovaShieldTDIDriver - ok
07:43:55.0796 3004 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
07:43:55.0843 3004 Npfs - ok
07:43:55.0890 3004 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
07:43:55.0921 3004 Ntfs - ok
07:43:55.0953 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
07:43:55.0953 3004 NtLmSsp - ok
07:43:56.0015 3004 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
07:43:56.0015 3004 NtmsSvc - ok
07:43:56.0062 3004 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
07:43:56.0078 3004 Null - ok
07:43:56.0125 3004 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
07:43:56.0125 3004 NwlnkFlt - ok
07:43:56.0156 3004 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
07:43:56.0156 3004 NwlnkFwd - ok
07:43:56.0218 3004 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
07:43:56.0218 3004 ohci1394 - ok
07:43:56.0312 3004 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:43:56.0312 3004 ose - ok
07:43:56.0359 3004 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
07:43:56.0359 3004 Parport - ok
07:43:56.0390 3004 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
07:43:56.0406 3004 PartMgr - ok
07:43:56.0453 3004 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
07:43:56.0468 3004 ParVdm - ok
07:43:56.0531 3004 [ C96C14987F167F461266A6C6028B698B ] pcCMService C:\Program Files\Common Files\Motive\pcCMService.exe
07:43:56.0625 3004 pcCMService - ok
07:43:56.0687 3004 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
07:43:56.0687 3004 PCI - ok
07:43:56.0718 3004 PCIDump - ok
07:43:56.0734 3004 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
07:43:56.0734 3004 PCIIde - ok
07:43:56.0765 3004 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
07:43:56.0781 3004 Pcmcia - ok
07:43:56.0796 3004 PDCOMP - ok
07:43:56.0812 3004 PDFRAME - ok
07:43:56.0828 3004 PDRELI - ok
07:43:56.0843 3004 PDRFRAME - ok
07:43:56.0875 3004 perc2 - ok
07:43:56.0890 3004 perc2hib - ok
07:43:56.0968 3004 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
07:43:56.0968 3004 PlugPlay - ok
07:43:57.0031 3004 [ 5C71F7CDD1B4BA5F00B87CA05E414AEA ] Point32 C:\WINDOWS\system32\DRIVERS\point32.sys
07:43:57.0031 3004 Point32 - ok
07:43:57.0046 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
07:43:57.0046 3004 PolicyAgent - ok
07:43:57.0093 3004 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
07:43:57.0093 3004 PptpMiniport - ok
07:43:57.0140 3004 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
07:43:57.0140 3004 Processor - ok
07:43:57.0187 3004 [ DE11F5C3E9BDA993B65E1518D46BC438 ] Profos C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys
07:43:57.0218 3004 Profos - ok
07:43:57.0250 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
07:43:57.0250 3004 ProtectedStorage - ok
07:43:57.0296 3004 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
07:43:57.0296 3004 PSched - ok
07:43:57.0328 3004 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
07:43:57.0328 3004 Ptilink - ok
07:43:57.0359 3004 ql1080 - ok
07:43:57.0375 3004 Ql10wnt - ok
07:43:57.0406 3004 ql12160 - ok
07:43:57.0421 3004 ql1240 - ok
07:43:57.0437 3004 ql1280 - ok
07:43:57.0484 3004 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
07:43:57.0484 3004 RasAcd - ok
07:43:57.0515 3004 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
07:43:57.0531 3004 RasAuto - ok
07:43:57.0562 3004 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
07:43:57.0578 3004 Rasl2tp - ok
07:43:57.0640 3004 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
07:43:57.0656 3004 RasMan - ok
07:43:57.0671 3004 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
07:43:57.0671 3004 RasPppoe - ok
07:43:57.0703 3004 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
07:43:57.0703 3004 Raspti - ok
07:43:57.0734 3004 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
07:43:57.0750 3004 Rdbss - ok
07:43:57.0765 3004 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
07:43:57.0765 3004 RDPCDD - ok
07:43:57.0843 3004 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
07:43:57.0843 3004 RDPWD - ok
07:43:57.0890 3004 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
07:43:57.0921 3004 RDSessMgr - ok
07:43:57.0953 3004 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
07:43:57.0968 3004 redbook - ok
07:43:58.0015 3004 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
07:43:58.0015 3004 RemoteAccess - ok
07:43:58.0046 3004 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
07:43:58.0062 3004 RpcLocator - ok
07:43:58.0125 3004 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
07:43:58.0125 3004 RpcSs - ok
07:43:58.0171 3004 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
07:43:58.0187 3004 RSVP - ok
07:43:58.0218 3004 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
07:43:58.0218 3004 SamSs - ok
07:43:58.0250 3004 ScanDrv - ok
07:43:58.0281 3004 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
07:43:58.0281 3004 SCardSvr - ok
07:43:58.0343 3004 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
07:43:58.0343 3004 Schedule - ok
07:43:58.0421 3004 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
07:43:58.0421 3004 Secdrv - ok
07:43:58.0468 3004 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
07:43:58.0468 3004 seclogon - ok
07:43:58.0515 3004 [ BB596A578330AD794C6769B588AF6BB4 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys
07:43:58.0515 3004 senfilt - ok
07:43:58.0562 3004 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
07:43:58.0562 3004 SENS - ok
07:43:58.0609 3004 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
07:43:58.0609 3004 serenum - ok
07:43:58.0640 3004 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
07:43:58.0640 3004 Serial - ok
07:43:58.0687 3004 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
07:43:58.0703 3004 Sfloppy - ok
07:43:58.0781 3004 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
07:43:58.0781 3004 SharedAccess - ok
07:43:58.0828 3004 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
07:43:58.0828 3004 ShellHWDetection - ok
07:43:58.0843 3004 Simbad - ok
07:43:58.0906 3004 [ 20659BC41D142236F0DCFCE519A9F2B7 ] SiS315 C:\WINDOWS\system32\DRIVERS\sisgrp.sys
07:43:58.0937 3004 SiS315 - ok
07:43:58.0968 3004 [ 882382BA1743729484665F19A7DC9E9F ] SiSkp C:\WINDOWS\system32\DRIVERS\srvkp.sys
07:43:58.0984 3004 SiSkp - ok
07:43:59.0046 3004 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys
07:43:59.0046 3004 SISNIC - ok
07:43:59.0171 3004 [ 1319EA66A96250D59665D133C0FF7CD0 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
07:43:59.0218 3004 smwdm - ok
07:43:59.0265 3004 [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
07:43:59.0375 3004 SoundMAX Agent Service (default) - ok
07:43:59.0406 3004 Sparrow - ok
07:43:59.0468 3004 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
07:43:59.0468 3004 splitter - ok
07:43:59.0546 3004 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
07:43:59.0546 3004 Spooler - ok
07:43:59.0609 3004 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
07:43:59.0609 3004 sr - ok
07:43:59.0687 3004 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
07:43:59.0703 3004 srservice - ok
07:43:59.0781 3004 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
07:43:59.0781 3004 Srv - ok
07:43:59.0859 3004 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
07:43:59.0859 3004 SSDPSRV - ok
07:43:59.0890 3004 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
07:43:59.0906 3004 stisvc - ok
07:43:59.0953 3004 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
07:43:59.0953 3004 swenum - ok
07:43:59.0984 3004 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
07:43:59.0984 3004 swmidi - ok
07:44:00.0015 3004 SwPrv - ok
07:44:00.0031 3004 symc810 - ok
07:44:00.0062 3004 symc8xx - ok
07:44:00.0078 3004 sym_hi - ok
07:44:00.0093 3004 sym_u3 - ok
07:44:00.0125 3004 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
07:44:00.0125 3004 sysaudio - ok
07:44:00.0187 3004 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
07:44:00.0187 3004 SysmonLog - ok
07:44:00.0234 3004 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
07:44:00.0250 3004 TapiSrv - ok
07:44:00.0359 3004 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
07:44:00.0375 3004 Tcpip - ok
07:44:00.0421 3004 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
07:44:00.0437 3004 TDPIPE - ok
07:44:00.0468 3004 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
07:44:00.0484 3004 TDTCP - ok
07:44:00.0531 3004 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
07:44:00.0531 3004 TermDD - ok
07:44:00.0609 3004 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
07:44:00.0609 3004 TermService - ok
07:44:00.0640 3004 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
07:44:00.0656 3004 Themes - ok
07:44:00.0671 3004 TosIde - ok
07:44:00.0703 3004 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
07:44:00.0703 3004 TrkWks - ok
07:44:00.0781 3004 [ B1F9B01F90F08ED91AF5A7D3ED66148C ] Trufos C:\WINDOWS\system32\DRIVERS\Trufos.sys
07:44:00.0781 3004 Trufos - ok
07:44:00.0828 3004 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
07:44:00.0859 3004 Udfs - ok
07:44:00.0875 3004 ultra - ok
07:44:00.0937 3004 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
07:44:00.0953 3004 Update - ok
07:44:01.0015 3004 [ 325FB38C323C63C7F57885B4DFB1B91E ] UPHClean C:\Program Files\UPHClean\uphclean.exe
07:44:01.0140 3004 UPHClean - ok
07:44:01.0203 3004 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
07:44:01.0203 3004 upnphost - ok
07:44:01.0234 3004 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
07:44:01.0234 3004 UPS - ok
07:44:01.0312 3004 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
07:44:01.0312 3004 usbaudio - ok
07:44:01.0328 3004 USBCamera - ok
07:44:01.0375 3004 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
07:44:01.0375 3004 usbccgp - ok
07:44:01.0453 3004 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
07:44:01.0453 3004 usbehci - ok
07:44:01.0484 3004 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
07:44:01.0484 3004 usbhub - ok
07:44:01.0500 3004 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
07:44:01.0500 3004 usbohci - ok
07:44:01.0515 3004 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
07:44:01.0531 3004 usbprint - ok
07:44:01.0546 3004 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
07:44:01.0546 3004 usbscan - ok
07:44:01.0578 3004 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
07:44:01.0593 3004 USBSTOR - ok
07:44:01.0625 3004 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
07:44:01.0640 3004 VgaSave - ok
07:44:01.0671 3004 ViaIde - ok
07:44:01.0703 3004 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
07:44:01.0718 3004 VolSnap - ok
07:44:01.0765 3004 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
07:44:01.0781 3004 VSS - ok
07:44:01.0828 3004 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
07:44:01.0828 3004 W32Time - ok
07:44:01.0859 3004 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
07:44:01.0890 3004 Wanarp - ok
07:44:01.0906 3004 WDICA - ok
07:44:01.0953 3004 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
07:44:01.0953 3004 wdmaud - ok
07:44:02.0015 3004 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
07:44:02.0031 3004 WebClient - ok
07:44:02.0156 3004 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
07:44:02.0156 3004 winmgmt - ok
07:44:02.0234 3004 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
07:44:02.0234 3004 WmdmPmSN - ok
07:44:02.0296 3004 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
07:44:02.0343 3004 WmiApSrv - ok
07:44:02.0437 3004 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
07:44:02.0453 3004 WMPNetworkSvc - ok
07:44:02.0500 3004 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
07:44:02.0500 3004 WS2IFSL - ok
07:44:02.0562 3004 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
07:44:02.0562 3004 wscsvc - ok
07:44:02.0578 3004 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
07:44:02.0593 3004 wuauserv - ok
07:44:02.0640 3004 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
07:44:02.0640 3004 WudfPf - ok
07:44:02.0671 3004 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
07:44:02.0687 3004 WudfRd - ok
07:44:02.0718 3004 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
07:44:02.0718 3004 WudfSvc - ok
07:44:02.0781 3004 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
07:44:02.0796 3004 WZCSVC - ok
07:44:02.0843 3004 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
07:44:02.0859 3004 xmlprov - ok
07:44:02.0953 3004 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
07:44:02.0968 3004 YahooAUService - ok
07:44:02.0984 3004 ================ Scan global ===============================
07:44:03.0000 3004 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
07:44:03.0062 3004 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
07:44:03.0093 3004 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
07:44:03.0125 3004 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
07:44:03.0125 3004 [Global] - ok
07:44:03.0140 3004 ================ Scan MBR ==================================
07:44:03.0156 3004 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
07:44:03.0375 3004 \Device\Harddisk0\DR0 - ok
07:44:03.0390 3004 ================ Scan VBR ==================================
07:44:03.0390 3004 [ 782ED474EC6A940D0D889C9ABC5866E5 ] \Device\Harddisk0\DR0\Partition1
07:44:03.0406 3004 \Device\Harddisk0\DR0\Partition1 - ok
07:44:03.0406 3004 ============================================================
07:44:03.0406 3004 Scan finished
07:44:03.0406 3004 ============================================================
07:44:03.0453 1224 Detected object count: 0
07:44:03.0453 1224 Actual detected object count: 0
07:46:57.0390 3460 Deinitialize success
-
I have done as requested,however I can't attach the log as it is too big to copy and I can't select all and copy it?
Where do I find the root of the drive?
Thanks
Carol
-
Here's the log Jeff ,thanks very much for trying to help me.
Carol
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-06 16:45:19
-----------------------------
16:45:19.093 OS Version: Windows 5.1.2600 Service Pack 3
16:45:19.093 Number of processors: 1 586 0x2C02
16:45:19.093 ComputerName: OFFICE UserName: Owner
16:45:19.671 Initialize success
16:47:26.000 AVAST engine defs: 12110601
16:47:32.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
16:47:32.437 Disk 0 Vendor: ExcelStor_Technology_J880 PF2OA21B Size: 78533MB BusType: 3
16:47:32.468 Disk 0 MBR read successfully
16:47:32.468 Disk 0 MBR scan
16:47:32.531 Disk 0 unknown MBR code
16:47:32.546 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 78528 MB offset 63
16:47:32.562 Disk 0 scanning sectors +160826715
16:47:32.687 Disk 0 scanning C:\WINDOWS\system32\drivers
16:47:56.781 Service scanning
16:48:06.718 Service FXDRV D:\Fxdrv.sys **LOCKED** 21
16:48:33.843 Modules scanning
16:48:56.015 Disk 0 trace - called modules:
16:48:56.015 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
16:48:56.046 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8697dab8]
16:48:56.046 3 CLASSPNP.SYS[f7656fd7] -> nt!IofCallDriver -> \Device\0000005b[0x869c9f18]
16:48:56.062 5 ACPI.sys[f74ed620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86933940]
16:48:56.906 AVAST engine scan C:\WINDOWS
16:49:23.453 AVAST engine scan C:\WINDOWS\system32
16:54:14.500 AVAST engine scan C:\WINDOWS\system32\drivers
16:54:42.656 AVAST engine scan C:\Documents and Settings\Owner
17:23:36.546 AVAST engine scan C:\Documents and Settings\All Users
17:26:50.562 Scan finished successfully
17:32:37.359 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\My Documents\MBR.dat"
17:32:37.406 The log file has been saved successfully to "C:\Documents and Settings\Owner\My Documents\aswMBR.txt"
-
OMG that's really long- sorry!
-
I have an outgoing message that has been blocked,so I've been told to download two logs,here they are .Sorry I haven't got a clue what I'm doing and now don;t see the Malware or Bullguard logos at the bottom of my computer.Hope that's okay?
DDS (Ver_2012-11-05.02) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37
Run by Owner at 12:42:56 on 2012-11-06
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.990.419 [GMT 0:00]
.
AV: BullGuard Antivirus *Enabled/Updated* {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
FW: BullGuard Firewall *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\WINDOWS\system32\crypserv.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Main
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Backup
C:\WINDOWS\System32\SvcHost.exe -k BullGuard
C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Proxy
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uWindow Title = Windows Internet Explorer provided by Yahoo!
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
mStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
mDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
uProxyOverride = <local>
mSearchAssistant = hxxp://www.google.com/ie
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
mRun: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent
mRun: [bullGuard] "c:\program files\bullguard ltd\bullguard\BullGuard.exe" -boot
mRun: [soundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [soundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIE.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {071582AE-C7F9-11D2-A742-0080C8129F3E} - hxxp://traptestsrv.east-northamptonshire.gov.uk/trpzx1.cab
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://www.caminova.net/ja/downloads/getmodule.aspx?lang=en
DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - hxxp://www.alternatiff.com/install/00/alttiff.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/0/5/7/05796dde-b2ba-4eef-8da4-f99c7e0c9b92/LegitCheckControl.cab
DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} - hxxp://contacts.orange.co.uk/wuk_webab/VoxsyncX.cab
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} - hxxps://fixit.support.microsoft.com/ActiveX/FixItClient.CAB
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341415977484
DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} - hxxps://register.btinternet.com/templates/btmailcontrol013.cab
DPF: {84818113-96C5-11D2-BE39-006008BF4DD5} - hxxp://www.scotlandspeople.gov.uk/Viewers/ActiveXControl/viewdw32.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} - hxxps://register.btinternet.com/templates/btwebcontrol028.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{CE017AD2-DA29-44E2-A20E-8A1A6FC2ECE4} : DHCPNameServer = 192.168.1.254
Notify: GoToAssist - c:\program files\citrix\gotoassist\570\G2AWinLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\uorzh9uj.default\
FF - prefs.js: browser.startup.homepage - hxxp://uk.yahoo.com/
FF - component: c:\program files\bullguard ltd\bullguard\antiphishing\ff\antiphishing@bullguard\components\BGFFComponent.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\yahoo!\browserplus\2.8.1\plugins\npybrowserplus_2.8.1.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\motive\npMotive.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2012-10-17 09:43; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [2010-3-12 64608]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [2011-1-27 789960]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [2011-1-27 19272]
R2 BsBackup;BullGuard backup service;c:\windows\system32\SvcHost.exe -k BullGuard_Backup [2004-8-4 14336]
R2 BsBhvScan;BullGuard Behavioural Detection;c:\program files\bullguard ltd\bullguard\BullGuardBhvScanner.exe [2011-1-27 321376]
R2 BsFileScan;BullGuard on-access service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336]
R2 BsFire;BullGuard firewall service;c:\windows\system32\SvcHost.exe -k BullGuard [2004-8-4 14336]
R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\system32\SvcHost.exe -k BullGuard_Proxy [2004-8-4 14336]
R2 BsMain;BullGuard main service;c:\windows\system32\SvcHost.exe -k BullGuard_Main [2004-8-4 14336]
R2 BsScanner;BullGuard scanning service;c:\program files\bullguard ltd\bullguard\BullGuardScanner.exe [2010-3-3 178528]
R2 BsUpdate;BullGuard update service;c:\program files\bullguard ltd\bullguard\BullGuardUpdate.exe [2012-8-27 304480]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-18 399432]
R2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2012-7-31 361472]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\Afw.sys [2009-12-4 32512]
R3 afwcore;afwcore;c:\windows\system32\drivers\AfwCore.sys [2009-12-4 284928]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-12-28 676936]
S2 ScanDrv;ScanDrv; [x]
S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-12-28 22856]
.
=============== Created Last 30 ================
.
2012-10-27 16:39:59 638432 ----a-w- c:\program files\mozilla firefox\nss3.dll
.
==================== Find3M ====================
.
2012-10-09 21:58:25 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 21:58:25 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-29 18:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-24 14:32:24 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-24 14:32:20 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-24 12:51:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14:53 43520 ------w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec
2012-08-27 11:29:43 100216 ----a-w- c:\windows\system32\BgGamingMonitor.dll
2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 13:29:19 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58:06 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-17 16:33:51 54624 ----a-w- c:\windows\system32\BGLsp.dll
.
============= FINISH: 12:44:58.54 ===============
And
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-05.02)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 23/03/2006 15:52:22
System Uptime: 06/11/2012 08:44:12 (4 hours ago)
.
Motherboard: WinFast | | 760GXK8MC
Processor: AMD Sempron Processor 2600+ | Socket 940 | 1599/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 77 GiB total, 55.514 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1329: 04/08/2012 10:25:47 - System Checkpoint
RP1330: 05/08/2012 11:04:21 - System Checkpoint
RP1331: 07/08/2012 09:09:13 - System Checkpoint
RP1332: 08/08/2012 09:27:51 - System Checkpoint
RP1333: 09/08/2012 20:04:49 - System Checkpoint
RP1334: 17/08/2012 17:57:21 - Software Distribution Service 3.0
RP1335: 20/08/2012 09:24:08 - System Checkpoint
RP1336: 29/08/2012 08:51:09 - System Checkpoint
RP1337: 02/09/2012 18:24:09 - System Checkpoint
RP1338: 03/09/2012 16:12:25 - Installed Microsoft Office Word Viewer 2003
RP1339: 03/09/2012 17:29:12 - Installed Java 6 Update 35
RP1340: 04/09/2012 07:40:39 - Software Distribution Service 3.0
RP1341: 09/09/2012 17:09:10 - System Checkpoint
RP1342: 12/09/2012 07:33:29 - Software Distribution Service 3.0
RP1343: 14/09/2012 09:41:41 - System Checkpoint
RP1344: 14/09/2012 16:35:45 - Removed WinBMD 7.
RP1345: 14/09/2012 16:36:01 - Installed WinBMD 7.
RP1346: 18/09/2012 17:58:08 - Installed Compatibility Pack for the 2007 Office system
RP1347: 19/09/2012 07:19:08 - Software Distribution Service 3.0
RP1348: 22/09/2012 08:30:46 - Software Distribution Service 3.0
RP1349: 26/09/2012 16:37:04 - System Checkpoint
RP1350: 27/09/2012 16:52:15 - System Checkpoint
RP1351: 30/09/2012 09:09:14 - System Checkpoint
RP1352: 03/10/2012 08:32:21 - System Checkpoint
RP1353: 05/10/2012 16:05:24 - System Checkpoint
RP1354: 07/10/2012 12:51:31 - System Checkpoint
RP1355: 10/10/2012 07:43:43 - Software Distribution Service 3.0
RP1356: 11/10/2012 17:02:11 - System Checkpoint
RP1357: 13/10/2012 09:45:04 - System Checkpoint
RP1358: 14/10/2012 17:52:24 - System Checkpoint
RP1359: 16/10/2012 07:39:54 - Software Distribution Service 3.0
RP1360: 17/10/2012 09:42:58 - Installed Java 6 Update 37
RP1361: 18/10/2012 10:18:44 - System Checkpoint
RP1362: 20/10/2012 11:46:52 - Removed UK-Info 2003
RP1363: 20/10/2012 11:52:23 - Installed UK-Info 2003
RP1364: 21/10/2012 19:18:08 - System Checkpoint
RP1365: 23/10/2012 13:52:37 - System Checkpoint
RP1366: 25/10/2012 12:32:17 - Removed UK-Info 2003
RP1367: 25/10/2012 12:39:29 - Installed UK-Info 2003
RP1368: 26/10/2012 20:58:54 - System Checkpoint
RP1369: 26/10/2012 23:34:33 - Removed UK-Info 2003
RP1370: 28/10/2012 11:10:24 - System Checkpoint
RP1371: 30/10/2012 18:16:32 - System Checkpoint
RP1372: 01/11/2012 08:41:55 - System Checkpoint
RP1373: 01/11/2012 14:50:22 - Installed Microsoft Office 2000 Resource Kit Tools and Utilities
RP1374: 02/11/2012 10:35:25 - Removed HP Photo and Imaging 2.1 - Scanjet 2400 Series
RP1375: 04/11/2012 11:02:57 - System Checkpoint
RP1376: 05/11/2012 16:26:23 - System Checkpoint
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop 6.0
Adobe Reader 9.5.2
BT Desktop Help
BTHomeHub
BullGuard 9.0
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
EPSON Copy Utility 3
EPSON Printer Software
EPSON Scan
ESC84 Software Guide
ESET Online Scanner v3
Family Historian PDF File (novaPDF 6.1 printer)
Family History Resource File Viewer 4.0
Family Tree Maker 2005
FamilySearch Indexing
Google Earth Plug-in
Google Update Helper
GoToAssist Corporate
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Memories Disc
Intel® 537EP Modem
Java Auto Updater
Java 6 Update 37
Junk Mail filter update
LizardTech DjVu Control
LizardTech DjVu Control (autoinstall)
Malwarebytes Anti-Malware version 1.65.1.1000
Micrografx Picture Publisher 7
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 6.01
Microsoft IntelliType Pro 6.01
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Resource Kit Tools and Utilities
Microsoft Office 2000 Small Business
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Word Viewer 2003
Microsoft Press Interactive Training
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works 6-9 Converter
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
Nero Suite
Personal Ancestral File 5
Personal Ancestral File Companion 5.4
ScanToWeb
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SiS VGA Utilities
SiSAGP driver
SoundMAX
TeamViewer 7
Tweak UI
UK-Info Disk 2002
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
User Profile Hive Cleanup Service
WebFldrs XP
WinBMD 7
Windows Defender Signatures
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Safety Scanner
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell 1.0
Windows XP Service Pack 3
Yahoo! BrowserPlus 2.8.1
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
05/11/2012 07:07:55, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
05/11/2012 07:07:55, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
05/11/2012 07:07:54, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
02/11/2012 22:49:03, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
02/11/2012 06:58:34, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The executable program that this service is configured to run in does not implement the service.
02/11/2012 06:55:59, error: Service Control Manager [7000] - The ScanDrv service failed to start due to the following error: The system cannot find the file specified.
01/11/2012 22:31:37, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Netman service.
01/11/2012 07:04:39, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
01/11/2012 07:04:39, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
-
Thank you,but I have XP,and a really old computer. I don't know how to disable anything.
I might have to take my computer to the £50 an hour repair man then?
Oh dear !!!
Rgrds
-
I've run a malware check and nothing comes up,so why does it keep doing this?
2012/11/06 07:12:55 GMT OFFICE MESSAGE Starting protection
2012/11/06 07:12:55 GMT OFFICE MESSAGE Protection started successfully
2012/11/06 07:12:55 GMT OFFICE MESSAGE Starting IP protection
2012/11/06 07:13:19 GMT OFFICE Owner MESSAGE IP Protection started successfully
2012/11/06 09:04:42 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:44 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:45 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:45 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:46 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:46 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:48 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:49 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:49 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:50 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:51 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:52 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:52 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:52 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:53 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:54 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:55 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:55 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:55 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:55 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:04:56 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:01 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:01 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:02 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:03 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:03 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:03 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:06 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:06 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:07 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:07 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:10 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:10 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:12 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:12 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:13 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:14 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:16 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:16 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:16 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:17 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:22 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:23 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:24 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:27 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:33 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:44 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:45 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:45 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:47 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:48 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:48 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:53 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:54 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:54 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:54 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:55 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:56 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:56 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:58 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:59 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:05:59 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:03 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:04 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:05 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:05 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:06 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:06 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:09 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:09 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:15 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:15 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:16 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:17 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:19 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:20 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:25 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:26 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:33 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:33 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:36 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:36 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:37 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:37 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:40 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:40 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:42 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:42 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:46 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:46 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:54 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:06:58 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:01 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:03 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:07 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:48 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:48 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:51 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:51 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:51 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:51 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:07:57 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:08:09 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:08:09 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:08:12 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:08:18 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:08:30 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:08:33 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:08:39 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:05 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:05 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:05 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:08 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:08 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:08 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:14 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:14 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:14 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:26 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:29 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:35 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:47 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:50 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
2012/11/06 09:10:56 GMT OFFICE Owner IP-BLOCK 77.92.95.114 (Type: outgoing)
Track this topic?
in Resolved Malware Removal Logs
Posted
Well it's finally finished after more thean 3 hours and no threats were found.
Thank you.