amann95
-
First of all, the link you gave me is dead. Second, you say these logs (that contain keygens, cracks, warez and similar), I'm quoting you, "will given the option to remove the P2P items", so how do I know which are these items? I can think of a few keygens and cracks, but I'm guessing it's not that simple. Anyhow, if you think we can't make it right to your policy, thanks... you kinda helped me and these IP warnings are not so often now... so thanks.
-
One more thing: every time I start the computer the firewall is turned off. I turn it back on, but the next time I start it up it's off....
-
Just to say, the pop-ups are still coming up, but there are fewer...
-
OK... I did this ComboFix just after uninstalling Ask and Avira, and here is the log:

Here's the scanner's log:

Here's the Security Check you asked for:

I don't know if I did something wrong, but this ComboFix log is shorter than the last ones. I think maybe AVG interfered... and yeah, these blockings from MBAM keep coming up, but from this scan I didn't see any of them. I'll post if I get some again.
-
Here is mbams log : Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Database version: 8059 Windows 5.1.2600 Service Pack 3 Here are mbam logs : Internet Explorer 6.0.2900.5512 1.11.2011 9:45:21 mbam-log-2011-11-01 (09-45-20).txt Scan type: Quick scan Objects scanned: 194153 Time elapsed: 10 minute(s), 14 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Here is combofix : ComboFix 11-10-30.03 - Shrooms 01.11.2011 9:57:56.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2041 [GMT 1:00] Running from: C:\Documents and Settings\Shrooms\Desktop\ComboFix.exe AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} FW: AVG Firewall *Enabled* {8decf618-9569-4340-b34a-d78d28969b66} * Created a new restore point ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Documents and Settings\All Users\Application Data\ACD Systems\ACDSee\ImageDB.ddf C:\Documents and Settings\All Users\Application Data\ae8077 C:\Documents and Settings\All Users\Application Data\ae8077\6775.mof C:\Documents and Settings\All Users\Application Data\ae8077\BackUp\Adobe Gamma.lnk C:\Documents and Settings\All Users\Application Data\ae8077\BackUp\Adobe Reader Speed Launch.lnk C:\Documents and Settings\All Users\Application Data\ae8077\BackUp\hott notes 4.lnk C:\Documents and Settings\All 
Users\Application Data\ae8077\BackUp\LOLRecorder.lnk C:\Documents and Settings\All Users\Application Data\ae8077\BackUp\Registration Prince of Persia T2T.LNK C:\Documents and Settings\All Users\Application Data\ae8077\PSG.ico C:\Documents and Settings\Shrooms\Application Data\Toolbar4 C:\Documents and Settings\Shrooms\Local Settings\Application Data\.# C:\Documents and Settings\Shrooms\Recent\ANTIGEN.dll C:\Documents and Settings\Shrooms\Recent\cb.drv C:\Documents and Settings\Shrooms\Recent\cb.exe C:\Documents and Settings\Shrooms\Recent\cb.sys C:\Documents and Settings\Shrooms\Recent\eb.sys C:\Documents and Settings\Shrooms\Recent\exec.drv C:\Documents and Settings\Shrooms\Recent\fan.exe C:\Documents and Settings\Shrooms\Recent\fan.sys C:\Documents and Settings\Shrooms\Recent\FW.tmp C:\Documents and Settings\Shrooms\Recent\Linking Park - In th.m3u C:\Documents and Settings\Shrooms\Recent\pal.dll C:\Documents and Settings\Shrooms\Recent\pal.tmp C:\Documents and Settings\Shrooms\Recent\PE.drv C:\Documents and Settings\Shrooms\Recent\PE.sys C:\Documents and Settings\Shrooms\Recent\ppal.tmp C:\Documents and Settings\Shrooms\Recent\runddl.dll C:\Documents and Settings\Shrooms\Recent\sld.exe C:\Documents and Settings\Shrooms\Recent\Thumbs.db C:\Documents and Settings\Shrooms\Recent\tjd.dll C:\Documents and Settings\Shrooms\Recent\tjd.drv C:\Documents and Settings\Shrooms\WINDOWS C:\WINDOWS\help\tours\htmltour\unlock_playing.htm C:\WINDOWS\pkunzip.pif C:\WINDOWS\pkzip.pif C:\WINDOWS\system\oeminfo.ini C:\WINDOWS\system32\d3d9caps.dat ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_MYWEBSEARCHSERVICE -------\Legacy_SSHNAS ((((((((((((((((((((((((( Files Created from 2011-10-01 to 2011-11-01 ))))))))))))))))))))))))))))))) 2011-10-27 20:03:17 . 2011-10-27 20:03:17 -------- d-----w- C:\$AVG 2011-10-26 12:06:46 . 
2011-10-26 12:06:46 -------- d-----w- C:\Documents and Settings\Shrooms\Application Data\AVG2012 2011-10-26 12:05:02 . 2011-11-01 07:13:26 -------- d-----w- C:\WINDOWS\system32\drivers\AVG 2011-10-26 12:05:02 . 2011-10-26 14:20:00 -------- d-----w- C:\Documents and Settings\All Users\Application Data\AVG2012 2011-10-26 12:04:00 . 2011-10-26 12:04:00 -------- d-----w- C:\Program Files\AVG 2011-10-26 11:52:14 . 2011-10-26 11:52:14 -------- d--h--w- C:\Documents and Settings\All Users\Application Data\Common Files 2011-10-26 11:51:41 . 2011-11-01 07:49:04 -------- d-----w- C:\Documents and Settings\All Users\Application Data\MFAData 2011-10-25 20:38:58 . 2011-10-27 09:07:58 -------- d-----w- C:\Program Files\Common Files\PC Tools 2011-10-25 20:38:57 . 2011-10-27 09:07:58 -------- d-----w- C:\Program Files\PC Tools Security 2011-10-25 20:33:58 . 2011-10-26 14:44:52 -------- d-----w- C:\Documents and Settings\All Users\Application Data\PC Tools 2011-10-24 18:56:06 . 2011-10-24 18:56:06 -------- d-----w- C:\Program Files\Common Files\Skype 2011-10-24 18:56:03 . 2011-10-24 18:56:06 -------- d-----r- C:\Program Files\Skype 2011-10-22 12:24:03 . 2011-10-22 13:13:25 -------- d-----w- C:\Program Files\Rainmeter 2011-10-19 21:37:11 . 2011-10-19 21:37:11 -------- d-----w- C:\Documents and Settings\Shrooms\Application Data\Avira 2011-10-19 21:36:36 . 2011-10-11 13:00:32 36000 ----a-w- C:\WINDOWS\system32\drivers\avkmgr.sys 2011-10-19 21:36:35 . 2011-10-11 13:00:32 74640 ----a-w- C:\WINDOWS\system32\drivers\avgntflt.sys 2011-10-19 21:36:35 . 2011-10-11 13:00:32 134344 ----a-w- C:\WINDOWS\system32\drivers\avipbb.sys 2011-10-19 21:36:21 . 2011-10-19 21:36:21 -------- d-----w- C:\Program Files\Avira 2011-10-19 21:36:21 . 2011-10-19 21:36:21 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Avira 2011-10-11 12:08:06 . 2011-10-11 12:08:06 -------- d-----w- C:\WINDOWS\system32\1008 . 
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2011-10-03 03:06:03 . 2010-06-12 20:50:53 472808 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2011-10-03 00:37:52 . 2011-05-13 16:02:47 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2011-09-28 11:35:25 . 2011-05-13 15:59:08 404640 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41:20 . 2008-07-29 17:59:58 611328 ----a-w- C:\WINDOWS\system32\uiautomationcore.dll
2011-09-26 09:41:20 . 2002-11-22 16:19:26 220160 ----a-w- C:\WINDOWS\system32\oleacc.dll
2011-09-26 09:41:14 . 2002-11-22 16:19:26 20480 ----a-w- C:\WINDOWS\system32\oleaccrc.dll
2011-09-13 04:30:10 . 2011-09-13 04:30:10 32592 ----a-w- C:\WINDOWS\system32\drivers\avgrkx86.sys
2011-09-09 09:12:13 . 2004-08-04 00:56:42 599040 ----a-w- C:\WINDOWS\system32\crypt32.dll
2011-09-06 13:20:51 . 2004-08-03 23:17:42 1858944 ----a-w- C:\WINDOWS\system32\win32k.sys
2011-09-05 13:56:22 . 2004-08-04 00:56:48 667136 ----a-w- C:\WINDOWS\system32\wininet.dll
2011-09-05 13:56:22 . 2004-08-03 22:59:30 61952 ----a-w- C:\WINDOWS\system32\tdc.ocx
2011-09-05 13:56:21 . 2004-08-04 00:56:44 81920 ----a-w- C:\WINDOWS\system32\ieencode.dll
2011-09-05 12:35:09 . 2004-08-03 22:59:58 369664 ----a-w- C:\WINDOWS\system32\html.iec
2011-08-31 15:00:50 . 2011-05-13 12:32:36 22216 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2011-08-26 21:49:51 . 2007-10-20 13:20:17 443448 ----a-w- C:\WINDOWS\system32\drivers\sptd.sys
2011-08-17 13:49:54 . 2004-08-03 23:14:16 138496 ----a-w- C:\WINDOWS\system32\drivers\afd.sys
2011-08-09 20:32:40 . 2011-03-15 17:35:44 6060 --sha-w- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
2011-08-08 04:08:58 . 2011-08-08 04:08:58 40016 ----a-w- C:\WINDOWS\system32\drivers\avgmfx86.sys
2011-10-05 08:19:38 . 2011-05-10 13:00:26 134104 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll

Here's the new DDS:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_29
Run by Shrooms at 10:22:37 on 2011-11-01
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2073 [GMT 1:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: AVG Firewall *Enabled*
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\WINDOWS\RTHDCPL.EXE
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\LOLReplay\LOLRecorder.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\hott notes 4\hottnotes.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\Razer\DeathAdder\vdDaemon.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\Common Files\Corel\Standby\Standby.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bigseekpro.com/mediaget/{5FF7ECB8-6D08-4C83-996A-01C297A8E99E}
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.bigseekpro.com/mediaget/{5FF7ECB8-6D08-4C83-996A-01C297A8E99E}
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:25507;
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {15531a3f-2691-26a5-5d8a-029c7846098d} - c:\windows\system32\ntmsaapi.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: &Research: {ff059e31-cc5a-4e2e-bf3b-96e929d65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel Photo Downloader.exe" -startup
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM
mRun: [razer] c:\program files\razer\copperhead\razerhid.exe
mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [sweetIM] c:\program files\sweetim\messenger\SweetIM.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [standby] "c:\program files\common files\corel\standby\Standby.exe" -START
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DeathAdder] c:\program files\razer\deathadder\razerhid.exe
mRun: [QuickTime Task] "c:\program files\k-lite codec pack\quicktime\QTTask.exe" -atboottime
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\shrooms\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\shrooms\startm~1\programs\startup\hottno~1.lnk - c:\program files\hott notes 4\hottnotes.exe
StartupFolder: c:\docume~1\shrooms\startm~1\programs\startup\regist~2.lnk - d:\pop3\pop\support\register\RegistrationReminder.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\lolrec~1.lnk - c:\program files\lolreplay\LOLRecorder.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{43BC0FBC-1456-4AF8-AEED-2467AAF98CC5} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\shrooms\application data\mozilla\firefox\profiles\mwkxrc77.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT315908&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZRfox000&ptb=jFSzIIdODiWFC3uHHD9mXQ&ind=2010072314&ptnrS=ZRfox000&si=&n=77cf44fa&psa=&st=kwd&searchfor=
FF - component: c:\documents and settings\shrooms\application data\mozilla\firefox\profiles\mwkxrc77.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\shrooms\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin2.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin3.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin4.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin5.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin6.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin7.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.50917.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R0 vax347b;vax347b;c:\windows\system32\drivers\vax347b.sys [2008-7-1 159616]
R0 vax347s;vax347s;c:\windows\system32\drivers\vax347s.sys [2008-7-1 5248]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-7-11 229840]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2011-10-19 36000]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-4 14336]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-10-19 86224]
R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2011-10-19 110032]
R2 avgfws;AVG zaštitni zid;c:\program files\avg\avg2012\avgfws.exe [2011-8-19 2399560]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-9-12 5265248]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-19 74640]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-5-13 366152]
R2 StarWindService;StarWind iSCSI Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindService.exe [2005-4-2 217600]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-7-11 16720]
R3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [2011-6-29 11136]
R3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer;c:\windows\system32\drivers\hidkmdf.sys [2011-6-29 6656]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-5-13 22216]
R3 VKbms;Virtual HID Minidriver;c:\windows\system32\drivers\VKbms.sys [2011-6-29 10240]
S0 ps6ah4nb;DiRT Synchronization Driver (ps6ah4nb);c:\windows\system32\drivers\ps6ah4nb.sys --> c:\windows\system32\drivers\ps6ah4nb.sys [?]
S0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);c:\windows\system32\drivers\ps6ah4nc.sys --> c:\windows\system32\drivers\ps6ah4nc.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 pr2ah4nb;DiRT Drivers Auto Removal (pr2ah4nb);c:\windows\system32\pr2ah4nb.exe svc --> c:\windows\system32\pr2ah4nb.exe svc [?]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);c:\windows\system32\pr2ah4nc.exe svc --> c:\windows\system32\pr2ah4nc.exe svc [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
S3 hid7906;hid7906;c:\windows\system32\drivers\hid7906.sys [2008-1-4 53793]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [2009-6-26 19020]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 XDva370;XDva370;\??\c:\windows\system32\xdva370.sys --> c:\windows\system32\XDva370.sys [?]
.
=============== Created Last 30 ================
.
2011-11-01 08:56:37 -------- d-sha-r- C:\cmdcons
2011-11-01 08:54:05 256000 ----a-w- c:\windows\PEV.exe
2011-11-01 08:54:05 208896 ----a-w- c:\windows\MBR.exe
2011-11-01 08:54:04 98816 ----a-w- c:\windows\sed.exe
2011-11-01 08:54:04 518144 ----a-w- c:\windows\SWREG.exe
2011-11-01 08:53:27 -------- d-----w- C:\ComboFix
2011-10-27 20:03:17 -------- d-----w- C:\$AVG
2011-10-26 12:06:46 -------- d-----w- c:\documents and settings\shrooms\application data\AVG2012
2011-10-26 12:05:02 -------- d-----w- c:\windows\system32\drivers\AVG
2011-10-26 12:05:02 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
2011-10-26 12:04:00 -------- d-----w- c:\program files\AVG
2011-10-26 11:52:14 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
2011-10-26 11:51:41 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2011-10-25 20:38:58 -------- d-----w- c:\program files\common files\PC Tools
2011-10-25 20:38:57 -------- d-----w- c:\program files\PC Tools Security
2011-10-25 20:33:58 -------- d-----w- c:\documents and settings\all users\application data\PC Tools
2011-10-24 18:56:03 -------- d-----r- c:\program files\Skype
2011-10-22 12:24:03 -------- d-----w- c:\program files\Rainmeter
2011-10-19 21:37:11 -------- d-----w- c:\documents and settings\shrooms\application data\Avira
2011-10-19 21:36:36 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-19 21:36:35 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-19 21:36:21 -------- d-----w- c:\program files\Avira
2011-10-19 21:36:21 -------- d-----w- c:\documents and settings\all users\application data\Avira
2011-10-11 12:08:06 -------- d-----w- c:\windows\system32\1008
.
==================== Find3M ====================
.
2011-10-03 03:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 11:35:25 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 09:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-13 04:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-05 13:56:22 667136 ----a-w- c:\windows\system32\wininet.dll
2011-09-05 13:56:22 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-09-05 13:56:21 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-09-05 12:35:09 369664 ----a-w- c:\windows\system32\html.iec
2011-08-31 15:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-26 21:49:51 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-09 20:32:40 6060 --sha-w- c:\documents and settings\all users\application data\KGyGaAvL.sys
.
============= FINISH: 10:22:55,92 ===============

And I'm not sure if I'm supposed to give you a new Attach too, but since the comment is this big... Attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12.3.2011 16:08:43
System Uptime: 1.11.2011 10:07:20 (0 hours ago)
.
Motherboard: MSI | | MS-7369
Processor: AMD Athlon 64 X2 Dual Core Processor 4400+ | CPU 1 | 2310/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 40 GiB total, 2,58 GiB free.
D: is FIXED (NTFS) - 193 GiB total, 58,19 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Hamachi Network Interface
Device ID: ROOT\NET\0000
Manufacturer: LogMeIn, Inc.
Name: Hamachi Network Interface
PNP Device ID: ROOT\NET\0000
Service: hamachi
.
==== System Restore Points ===================
.
RP197: 17.10.2011 12:00:33 - Removed Assassin's Creed II
RP198: 17.10.2011 12:18:42 - Installé Pro Evolution Soccer 2012.
RP199: 21.10.2011 11:42:35 - System Checkpoint
RP200: 21.10.2011 13:00:19 - Pro Evolution Soccer 2012 supprimé.
RP201: 21.10.2011 13:17:34 - Software Distribution Service 3.0
RP202: 21.10.2011 21:19:25 - Removed Assassin's Creed Brotherhood
RP203: 21.10.2011 21:20:49 - Removed Titan Quest
RP204: 21.10.2011 21:21:26 - Removed Titan Quest Immortal Throne
RP205: 21.10.2011 21:35:01 - Installed Pro Evolution Soccer 2012.
RP206: 22.10.2011 0:54:40 - Software Distribution Service 3.0
RP207: 22.10.2011 13:03:36 - Installed Java 6 Update 29
RP208: 23.10.2011 13:28:01 - System Checkpoint
RP209: 24.10.2011 20:54:32 - Removed Skype Click to Call
RP210: 24.10.2011 20:54:52 - Removed Skype™ 5.5
RP211: 26.10.2011 14:03:59 - Instalirano AVG 2012
RP212: 26.10.2011 14:04:38 - Instalirano AVG 2012
RP213: 27.10.2011 19:42:10 - System Checkpoint
RP214: 28.10.2011 22:07:03 - System Checkpoint
RP215: 29.10.2011 23:30:32 - System Checkpoint
RP216: 1.11.2011 9:54:15 - ComboFix created restore point
.
==== Installed Programs ======================
.
µTorrent ACDSee Adobe AIR Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Help Center 2.1 Adobe Photoshop CS2 Adobe Reader X (10.1.1) Adobe Shockwave Player 11.5 Adobe Stock Photos 1.0 AIMP2 Akamai NetSession Interface AMD APP SDK Runtime Apple Application Support Apple Software Update Ask Toolbar ASUS nVIDIA Driver ATI AVIVO Codecs ATI Catalyst Control Center ATI Catalyst Install Manager ATI Parental Control & Encoder AVG 2012 Avira Free Antivirus Bastion Beowulf TM BitLocker To Go Reader Bonjour Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center HydraVision Full Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-preinstall ccc-core-static ccc-utility CCC Help English CCleaner CDCheck (remove only) Chessmaster Challenge Chicken Invaders: Revenge of the Yolk (Christmas Edition) v3.20 Compatibility Pack for the 2007 Office system Contents Corel PaintShop Photo Pro X3 CorelDRAW Graphics Suite 12 DAEMON Tools Lite DAEMON Tools Toolbar DarksidersInstaller Deus Ex - Human Revolution version 1.0 DeviceIO DEVIL MAY CRY 4 Fraps (remove only) Free Pascal 2.4.4 Google Chrome Google Toolbar for Internet Explorer Google Update Helper Gutterball 2 Hamachi 1.0.1.5 HighMAT Extension to Microsoft Windows XP CD Writing Wizard Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB961118) hott notes 4 ICA IPM_PSP_Pro J2SE Runtime Environment 5.0 Update 8 Java Auto Updater Java 6 Update 29 Jelen SuperLiga by EDIT TEAM version 2011 K-Lite Mega Codec Pack 1.52 League of Legends Little Fighter 2.5 - v2.0 LOLReplay 
Luxor 2 Luxor 3 Macro Vibration Joystick Mad Caps Magic ISO Maker v5.5 (build 0276) Malwarebytes' Anti-Malware version 1.51.2.1300 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2416447) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 Microsoft Office Live Add-in 1.3 Microsoft Office Outlook Connector Microsoft Office Professional Edition 2003 Microsoft Office Word Viewer 2003 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Windows Journal Viewer Microsoft XNA Framework Redistributable 3.1 MLE Motherboard Monitor 5 Mozilla Firefox 7.0.1 (x86 en-US) MP3 Player Utilities 1.40 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML 6 Service Pack 2 (KB973686) MSXML4 Parser Nero 6 Ultra Edition Nero 7 Premium Norton Security Scan NVIDIA Drivers NVIDIA PhysX OLYMPUS Master 2 OLYMPUS muvee theaterPack OpenAL Pando Media Booster PCI SoftV92 Modem Plants vs. 
Zombies PowerDVD Prince of Persia T2T Pro Evolution Soccer 2011 1.0 Pro Evolution Soccer 2012 PSPH10Pro PSPPContent PSPPRO_DCRAW PunkBuster Services PureHD QuickTime Razer Copperhead Razer DeathAdder Mouse RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver RealUpgrade 1.1 RegCure Rockstar Games Social Club Rubber Ninjas 1.05 S4 League_EU Saitek Dual Analog Rumble Pad Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft Windows (KB2564958) Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows Media Encoder (KB2447961) Security Update for Windows Media Encoder (KB954156) Security Update for Windows Media Encoder (KB979332) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security 
Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2530548) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544521) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2559049) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2586448) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP 
(KB958644) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982381) Security Update for Windows XP (KB982665) Setup Share Skype™ 5.3 Snail Mail Sonic & SEGA All-Stars Racing SpeedFan (remove only) Steam 
SweetIM for Messenger 3.3 SweetIM Toolbar for Internet Explorer 3.9 TeamSpeak 2 RC2 Total Commander (Remove or Repair) Ubisoft Game Launcher Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Windows XP (KB2345886) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VIO VLC media player 1.1.4 WARRIORS OROCHI WebFldrs XP Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows Media Player 10 Windows Media Player Firefox Plugin Windows Presentation Foundation Windows XP Service Pack 3 WinRAR archiver Xbox 360 Controller for Windows XML Paper Specification Shared Components Pack 1.0 XP Royale Theme
.
==== Event Viewer Messages From Past Week ========
.
27.10.2011 11:10:24, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The system cannot find the file specified.
27.10.2011 11:08:05, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 0019DBD16D0B has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
26.10.2011 16:15:51, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PC Tools Security Service service to connect.
26.10.2011 16:15:51, error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26.10.2011 14:06:35, error: Service Control Manager [7000] - The AVG TDI Driver service failed to start due to the following error: The parameter is incorrect.
1.11.2011 8:10:41, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.
1.11.2011 8:10:41, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
-
ok. I have the same problems as some other guys here and it's about Malwarebytes blocking some random IPs from Nederland and China. This blocking is about every 10 mins or so when I'm not browsing, but when I'm entering some random sites it's more like every 1 min. Also my computer browser is very slow and sometimes won't start at all, so I think I have malware problems in general. So when u read this (if u do) pls give me some advice. Here are the logs:

DDS :
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_29
Run by Shrooms at 11:57:35 on 2011-10-27
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2004 [GMT 2:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: PC Security Guardian *Enabled/Updated* {1FCEF370-070F-4836-879E-2C418C5C7ABF}
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: PC Security Guardian *Enabled*
FW: AVG Firewall *Enabled*
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\LOLReplay\LOLRecorder.exe
C:\Program Files\hott notes 4\hottnotes.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\Razer\DeathAdder\vdDaemon.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Corel\Standby\Standby.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bigseekpro.com/mediaget/{5FF7ECB8-6D08-4C83-996A-01C297A8E99E}
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://www.bigseekpro.com/mediaget/{5FF7ECB8-6D08-4C83-996A-01C297A8E99E}
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:25507;
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant =
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {15531a3f-2691-26a5-5d8a-029c7846098d} - c:\windows\system32\ntmsaapi.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: &Research: {ff059e31-cc5a-4e2e-bf3b-96e929d65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\documents and settings\shrooms\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel Photo Downloader.exe" -startup
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM
mRun: [razer] c:\program files\razer\copperhead\razerhid.exe
mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [sweetIM] c:\program files\sweetim\messenger\SweetIM.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [standby] "c:\program files\common files\corel\standby\Standby.exe" -START
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DeathAdder] c:\program files\razer\deathadder\razerhid.exe
mRun: [QuickTime Task] "c:\program files\k-lite codec pack\quicktime\QTTask.exe" -atboottime
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\shrooms\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\shrooms\startm~1\programs\startup\hottno~1.lnk - c:\program files\hott notes 4\hottnotes.exe
StartupFolder: c:\docume~1\shrooms\startm~1\programs\startup\regist~2.lnk - d:\pop3\pop\support\register\RegistrationReminder.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\lolrec~1.lnk - c:\program files\lolreplay\LOLRecorder.exe
IE: &Search
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
IFEO: image file execution options - svchost.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\shrooms\application data\mozilla\firefox\profiles\mwkxrc77.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT315908&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZRfox000&ptb=jFSzIIdODiWFC3uHHD9mXQ&ind=2010072314&ptnrS=ZRfox000&si=&n=77cf44fa&psa=&st=kwd&searchfor=
FF - component: c:\documents and settings\shrooms\application data\mozilla\firefox\profiles\mwkxrc77.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\shrooms\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin2.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin3.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin4.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin5.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin6.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin7.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.50917.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R0 vax347b;vax347b;c:\windows\system32\drivers\vax347b.sys [2008-7-1 159616]
R0 vax347s;vax347s;c:\windows\system32\drivers\vax347s.sys [2008-7-1 5248]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-7-11 229840]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2011-10-19 36000]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-4 14336]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-10-19 86224]
R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2011-10-19 110032]
R2 avgfws;AVG zaštitni zid;c:\program files\avg\avg2012\avgfws.exe [2011-8-19 2399560]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-9-12 5265248]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-19 74640]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-5-13 366152]
R2 StarWindService;StarWind iSCSI Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindService.exe [2005-4-2 217600]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-7-11 16720]
R3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [2011-6-29 11136]
R3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer;c:\windows\system32\drivers\hidkmdf.sys [2011-6-29 6656]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-5-13 22216]
R3 VKbms;Virtual HID Minidriver;c:\windows\system32\drivers\VKbms.sys [2011-6-29 10240]
S0 ps6ah4nb;DiRT Synchronization Driver (ps6ah4nb);c:\windows\system32\drivers\ps6ah4nb.sys --> c:\windows\system32\drivers\ps6ah4nb.sys [?]
S0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);c:\windows\system32\drivers\ps6ah4nc.sys --> c:\windows\system32\drivers\ps6ah4nc.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 pr2ah4nb;DiRT Drivers Auto Removal (pr2ah4nb);c:\windows\system32\pr2ah4nb.exe svc --> c:\windows\system32\pr2ah4nb.exe svc [?]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);c:\windows\system32\pr2ah4nc.exe svc --> c:\windows\system32\pr2ah4nc.exe svc [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
S3 hid7906;hid7906;c:\windows\system32\drivers\hid7906.sys [2008-1-4 53793]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [2009-6-26 19020]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 XDva370;XDva370;\??\c:\windows\system32\xdva370.sys --> c:\windows\system32\XDva370.sys [?]
.
=============== Created Last 30 ================
.
2011-10-26 12:06:46 -------- d-----w- c:\documents and settings\shrooms\application data\AVG2012
2011-10-26 12:05:02 -------- d-----w- c:\windows\system32\drivers\AVG
2011-10-26 12:05:02 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
2011-10-26 12:04:00 -------- d-----w- c:\program files\AVG
2011-10-26 11:52:14 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
2011-10-26 11:51:41 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2011-10-25 20:38:58 -------- d-----w- c:\program files\common files\PC Tools
2011-10-25 20:38:57 -------- d-----w- c:\program files\PC Tools Security
2011-10-25 20:33:58 -------- d-----w- c:\documents and settings\all users\application data\PC Tools
2011-10-24 18:56:03 -------- d-----r- c:\program files\Skype
2011-10-22 12:24:03 -------- d-----w- c:\program files\Rainmeter
2011-10-19 21:37:11 -------- d-----w- c:\documents and settings\shrooms\application data\Avira
2011-10-19 21:36:36 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-19 21:36:35 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-19 21:36:21 -------- d-----w- c:\program files\Avira
2011-10-19 21:36:21 -------- d-----w- c:\documents and settings\all users\application data\Avira
2011-10-11 12:08:06 -------- d-----w- c:\windows\system32\1008
2011-10-01 10:49:24 -------- d-----w- C:\FPC
.
==================== Find3M ====================
.
2011-10-03 03:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 11:35:25 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 09:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-13 04:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-05 13:56:22 667136 ----a-w- c:\windows\system32\wininet.dll
2011-09-05 13:56:22 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-09-05 13:56:21 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-09-05 12:35:09 369664 ----a-w- c:\windows\system32\html.iec
2011-08-31 15:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-26 21:49:51 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-09 20:32:40 6060 --sha-w- c:\documents and settings\all users\application data\KGyGaAvL.sys
.
============= FINISH: 11:58:30,03 ===============

And here is attach:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12.3.2011 16:08:43
System Uptime: 27.10.2011 11:07:33 (0 hours ago)
.
Motherboard: MSI | | MS-7369
Processor: AMD Athlon 64 X2 Dual Core Processor 4400+ | CPU 1 | 2310/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 40 GiB total, 2,397 GiB free.
D: is FIXED (NTFS) - 193 GiB total, 58,224 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Hamachi Network Interface
Device ID: ROOT\NET\0000
Manufacturer: LogMeIn, Inc.
Name: Hamachi Network Interface
PNP Device ID: ROOT\NET\0000
Service: hamachi
.
==== System Restore Points ===================
.
RP197: 17.10.2011 12:00:33 - Removed Assassin's Creed II
RP198: 17.10.2011 12:18:42 - Installé Pro Evolution Soccer 2012.
RP199: 21.10.2011 11:42:35 - System Checkpoint
RP200: 21.10.2011 13:00:19 - Pro Evolution Soccer 2012 supprimé.
RP201: 21.10.2011 13:17:34 - Software Distribution Service 3.0
RP202: 21.10.2011 21:19:25 - Removed Assassin's Creed Brotherhood
RP203: 21.10.2011 21:20:49 - Removed Titan Quest
RP204: 21.10.2011 21:21:26 - Removed Titan Quest Immortal Throne
RP205: 21.10.2011 21:35:01 - Installed Pro Evolution Soccer 2012.
RP206: 22.10.2011 0:54:40 - Software Distribution Service 3.0
RP207: 22.10.2011 13:03:36 - Installed Java 6 Update 29
RP208: 23.10.2011 13:28:01 - System Checkpoint
RP209: 24.10.2011 20:54:32 - Removed Skype Click to Call
RP210: 24.10.2011 20:54:52 - Removed Skype™ 5.5
RP211: 26.10.2011 14:03:59 - Instalirano AVG 2012
RP212: 26.10.2011 14:04:38 - Instalirano AVG 2012
.
==== Installed Programs ======================
.
µTorrent ACDSee Adobe AIR Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Help Center 2.1 Adobe Photoshop CS2 Adobe Reader X (10.1.1) Adobe Shockwave Player 11.5 Adobe Stock Photos 1.0 AIMP2 Akamai NetSession Interface AMD APP SDK Runtime Apple Application Support Apple Software Update Ask Toolbar ASUS nVIDIA Driver ATI AVIVO Codecs ATI Catalyst Control Center ATI Catalyst Install Manager ATI Parental Control & Encoder AVG 2012 Avira Free Antivirus Bastion Beowulf TM BitLocker To Go Reader Bonjour Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center HydraVision Full Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-preinstall ccc-core-static ccc-utility CCC Help English CCleaner CDCheck (remove only) Chessmaster Challenge Chicken Invaders: Revenge of the Yolk (Christmas Edition) v3.20 Compatibility Pack for the 2007 Office system Contents Corel PaintShop Photo Pro X3 CorelDRAW Graphics Suite 12 DAEMON Tools Lite DAEMON Tools Toolbar DarksidersInstaller Deus Ex - Human Revolution version 1.0 DeviceIO DEVIL MAY CRY 4 Fraps (remove only) Free Pascal 2.4.4 Google Chrome Google Toolbar for Internet Explorer Google Update Helper Gutterball 2 Hamachi 1.0.1.5 HighMAT Extension to Microsoft Windows XP CD Writing Wizard Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB961118) hott notes 4 ICA IPM_PSP_Pro J2SE Runtime Environment 5.0 Update 8 Java Auto Updater Java 6 Update 29 Jelen SuperLiga by EDIT TEAM version 2011 K-Lite Mega Codec Pack 1.52 League of Legends Little Fighter 2.5 - v2.0 LOLReplay 
Luxor 2 Luxor 3 Macro Vibration Joystick Mad Caps Magic ISO Maker v5.5 (build 0276) Malwarebytes' Anti-Malware version 1.51.2.1300 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2416447) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 Microsoft Office Live Add-in 1.3 Microsoft Office Outlook Connector Microsoft Office Professional Edition 2003 Microsoft Office Word Viewer 2003 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Windows Journal Viewer Microsoft XNA Framework Redistributable 3.1 MLE Motherboard Monitor 5 Mozilla Firefox 7.0.1 (x86 en-US) MP3 Player Utilities 1.40 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML 6 Service Pack 2 (KB973686) MSXML4 Parser Nero 6 Ultra Edition Nero 7 Premium Norton Security Scan NVIDIA Drivers NVIDIA PhysX OLYMPUS Master 2 OLYMPUS muvee theaterPack OpenAL Pando Media Booster PCI SoftV92 Modem Plants vs. 
Zombies PowerDVD Prince of Persia T2T Pro Evolution Soccer 2011 1.0 Pro Evolution Soccer 2012 PSPH10Pro PSPPContent PSPPRO_DCRAW PunkBuster Services PureHD QuickTime Razer Copperhead Razer DeathAdder Mouse RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver RealUpgrade 1.1 RegCure Rockstar Games Social Club Rubber Ninjas 1.05 S4 League_EU Saitek Dual Analog Rumble Pad Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft Windows (KB2564958) Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows Media Encoder (KB2447961) Security Update for Windows Media Encoder (KB954156) Security Update for Windows Media Encoder (KB979332) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security 
Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2530548) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544521) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2559049) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2586448) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP 
(KB958644) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982381) Security Update for Windows XP (KB982665) Setup Share Skype™ 5.3 Snail Mail Sonic & SEGA All-Stars Racing SpeedFan (remove only) Steam 
SweetIM for Messenger 3.3 SweetIM Toolbar for Internet Explorer 3.9 TeamSpeak 2 RC2 Total Commander (Remove or Repair) Ubisoft Game Launcher Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Windows XP (KB2345886) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VIO VLC media player 1.1.4 WARRIORS OROCHI WebFldrs XP Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows Media Player 10 Windows Media Player Firefox Plugin Windows Presentation Foundation Windows XP Service Pack 3 WinRAR archiver Xbox 360 Controller for Windows XML Paper Specification Shared Components Pack 1.0 XP Royale Theme
.
==== Event Viewer Messages From Past Week ========
.
26.10.2011 16:15:51, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PC Tools Security Service service to connect.
26.10.2011 16:15:51, error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26.10.2011 14:06:01, error: Service Control Manager [7000] - The AVG TDI Driver service failed to start due to the following error: The parameter is incorrect.
24.10.2011 7:51:29, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The system cannot find the file specified.
24.10.2011 7:50:16, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 0019DBD16D0B has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
24.10.2011 20:48:41, error: System Error [1003] - Error code 1000008e, parameter1 c0000047, parameter2 804fcf44, parameter3 f78b6774, parameter4 00000000.
24.10.2011 20:45:28, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: gagp30kx ViaIde
24.10.2011 20:45:08, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
24.10.2011 18:03:07, error: Service Control Manager [7000] - The MBAMSwissArmy service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================
-
I have the same problem... can u tell me how u solved it? If u do..