please help me to clean my pc

[kamry2009]

please hlep me to clean my pc from any mlware

+ remove left over driver

dds.txt

attach.txt

dump.txt

runscanner3.7z

[kamry2009]

Results of screen317's Security Check version 0.99.51

Windows XP Service Pack 3 x86

Internet Explorer 7 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Security Center service is not running! This report may not be accurate!

Kingsoft Antivirus System Defense

BullGuard Antivirus

Emsisoft Anti-Malware

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

xp-AntiSpy 3.98-2

SUPERAntiSpyware

Malwarebytes Anti-Malware version 1.65.0.1400

TuneUp Utilities Language Pack (en-US)

nCleaner second 2.3.4.0

Panda Cloud Cleaner

JavaFX 2.1.1

Java 6 Update 35

Java 7 Update 6

Java version out of Date!

Adobe Flash Player 11.4.402.265

Adobe Reader X (10.1.4)

Mozilla Firefox (15.0)

````````Process Check: objlist.exe by Laurent````````

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 9%

````````````````````End of Log``````````````````````

[kamry2009]

9999999

OTL0000.Txt

[Maniac]

Hello kamry2009 and ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  

Step 1

Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having three anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash. My suggestion is to uninstall Emsisoft Anti-Malware and Kingsoft Antivirus 2012. Finally, reboot your computer.

Step 2

• Launch Malwarebytes' Anti-Malware
  
• Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  
• Go to Scanner tab and select Perform Quick Scan, then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 3

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

In your next reply, post the following log files:

• Malwarebytes' Anti-Malware log
  
• aswMBR log
  
• a new fresh DDS log

[kamry2009]

11111111

aswMBR.txt

dds.txt

attach.txt

[Maniac]

Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

[kamry2009]

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-09-26 14:52:30

-----------------------------

14:52:30.343 OS Version: Windows 5.1.2600 Service Pack 3

14:52:30.343 Number of processors: 2 586 0x170A

14:52:30.343 ComputerName: ORO UserName:

14:52:30.875 Initialize success

14:52:34.562 AVAST engine download error: 0

14:52:49.718 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

14:52:49.734 Disk 0 Vendor: Hitachi_ FB4O Size: 305245MB BusType: 3

14:52:49.734 Disk 1 \Device\Harddisk1\DR3 -> \Device\00000094

14:52:49.750 Disk 1 Vendor: RICOH 02 Size: 305245MB BusType: 0

14:52:49.750 Disk 2 \Device\Harddisk2\DR5 -> \Device\00000096

14:52:49.765 Disk 2 Vendor: RICOH 01 Size: 305245MB BusType: 0

14:52:49.781 Disk 0 MBR read successfully

14:52:49.781 Disk 0 MBR scan

14:52:49.796 Disk 0 Windows XP default MBR code

14:52:49.812 Disk 0 Partition - 00 0F Extended LBA 115804 MB offset 16065

14:52:49.828 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 189429 MB offset 237187072

14:52:49.875 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 115804 MB offset 16128

14:52:49.890 Disk 0 scanning sectors +625137664

14:52:50.000 Disk 0 scanning C:\WINDOWS\system32\drivers

14:53:12.531 Service scanning

14:53:28.609 Service KDHacker C:\Program Files\kingsoft\kingsoft antivirus\security\kxescan\kdhacker.sys **LOCKED** 5

14:53:29.578 Service KUsbGuard C:\program files\kingsoft\kingsoft antivirus\kusbquery.sys **LOCKED** 5

14:53:30.093 Service MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys **HIDDEN**

14:53:42.937 Modules scanning

14:53:52.828 Disk 0 trace - called modules:

14:53:52.843 TUKERNEL.EXE CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys

14:53:52.843 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a5bb9c0]

14:53:52.843 3 CLASSPNP.SYS[f7667fd7] -> nt!IofCallDriver -> \Device\0000008d[0x8a5bc698]

14:53:52.843 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x89795028]

14:53:52.843 Scan finished successfully

14:54:59.703 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\llllllllllllllllllll\Desktop\MBR.dat"

14:54:59.843 The log file has been saved successfully to "C:\Documents and Settings\llllllllllllllllllll\Desktop\aswMBR.txt"

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 10.6.2

Run by llllllllllllllllllll at 15:07:45 on 2012-09-26

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1915.657 [GMT -12:00]

.

AV: Kingsoft Antivirus System Defense *Enabled/Updated* {B3DDB456-E18B-4D81-9EB0-E23ABB4D2B12}

AV: BullGuard Antivirus *Enabled/Updated* {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}

AV: Emsisoft Anti-Malware *Enabled/Outdated* {0F8591BB-342B-4493-91C3-4E948ED21255}

FW: BullGuard Firewall *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Main

svchost.exe

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

c:\program files\kingsoft\kingsoft antivirus\kxescore.exe

C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Backup

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

C:\WINDOWS\System32\SvcHost.exe -k BullGuard

C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Proxy

c:\program files\bullguard ltd\bullguard\BullGuardScanner.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Emsisoft Anti-Malware\a2service.exe

C:\Program Files\Emsisoft Anti-Malware\a2guard.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Ad Muncher\AdMunch.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Mada CM\cm\UIExec.exe

C:\Program Files\Mada CM\cm\ssax226.exe

C:\Program Files\Mada CM\cm\cm.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Internet Download Manager\IDMan.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Internet Download Manager\IEMonitor.exe

D:\mbam-setup-1.65.0.1400_2.exe

C:\DOCUME~1\LLLLLL~1\LOCALS~1\Temp\is-QOD28.tmp\mbam-setup-1.65.0.1400_2.tmp

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = about:blank

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MzRAMBooster] c:\program files\mz ultimate tools\mz ram booster\MzRAMBooster.exe

uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot

uRun: [uIExec] "c:\program files\mada cm\cm\UIExec.exe"

uRun: [MADA_WIMAX_CM] "c:\program files\mada cm\cm\cm.exe"

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [bullGuard] "c:\program files\bullguard ltd\bullguard\BullGuard.exe" -boot

mRun: [bullGuardUpdate2] c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe

mRun: [emsisoft anti-malware] "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60

mRun: [kxesc] "c:\program files\kingsoft\kingsoft antivirus\kxetray.exe" -autorun

mRun: [CleanMem Mini Monitor] c:\program files\cleanmem\Mini_Monitor.exe /startup

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

dRun: [ctfmon.exe] c:\windows\system32\CTFMON.EXE

dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe

dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32

uPolicies-explorer: NoNetworkConnections = 1 (0x1)

uPolicies-explorer: NoWindowsUpdate = 1 (0x1)

uPolicies-explorer: NoSMMyPictures = 0 (0x0)

uPolicies-explorer: NoStartMenuMyMusic = 0 (0x0)

uPolicies-explorer: NoRecentDocsNetHood = 0 (0x0)

uPolicies-explorer: NoInstrumentation = 0 (0x0)

mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)

mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)

IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm

IE: Download with IDM - c:\program files\internet download manager\IEExt.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIE.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

TCP: DhcpNameServer = 93.191.177.123 93.191.177.124

TCP: Interfaces\{A6FD6A7F-FF1B-4E5A-9CE4-410613B93E81} : DhcpNameServer = 93.191.177.123 93.191.177.124

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\llllllllllllllllllll\application data\mozilla\firefox\profiles\4j52sf7g.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.jo/

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npida.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_268.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_265.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.http.max-connections-per-server - 6

FF - user.js: network.http.max-persistent-connections-per-server - 3

.

============= SERVICES / DRIVERS ===============

.

R0 FileLock;FileLock;c:\windows\system32\drivers\FileLock.sys [2012-3-11 35456]

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2012-9-20 44240]

R0 kavbootc;kavbootc;c:\windows\system32\drivers\kavbootc.sys [2012-9-24 27240]

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\drivers\shpf.sys [2011-8-31 23712]

R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft anti-malware\a2ddax86.sys [2012-9-22 17904]

R1 a2injectiondriver;a2injectiondriver;c:\program files\emsisoft anti-malware\a2dix86.sys [2012-9-22 37856]

R1 a2util;a-squared Malware-IDS utility driver;c:\program files\emsisoft anti-malware\a2util32.sys [2012-9-22 11776]

R1 asdrm;asdrm;c:\windows\system32\drivers\asdrm.sys [2012-9-18 16208]

R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [2012-6-25 65904]

R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\rsdrv.sys [2011-8-1 22312]

R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2012-3-3 111072]

R1 KDHacker;KDHacker;c:\program files\kingsoft\kingsoft antivirus\security\kxescan\kdhacker.sys [2012-9-24 125784]

R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [2012-6-25 789960]

R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [2012-6-25 19272]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R1 sosnf32;sosnf32;c:\windows\system32\drivers\sosnf32.sys [2012-3-7 49160]

R1 WinFLAdrv;WinFLAdrv;c:\windows\system32\WinFLAdrv.sys [2012-3-11 29584]

R1 WinFPdrv;WinFPdrv;c:\windows\system32\WinFPdrv.sys [2011-8-27 19456]

R2 a2AntiMalware;Emsisoft Anti-Malware 6.6 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2012-9-22 3082640]

R2 asdrs;AntiMalware Host-based Intrusion Prevention System;c:\windows\system32\drivers\asdrs.sys [2012-9-18 22864]

R2 asdws;AnviSmartDefender Web Guard;c:\windows\system32\drivers\asdws.sys [2012-9-18 14160]

R2 BsBackup;BullGuard backup service;c:\windows\system32\SvcHost.exe -k BullGuard_Backup [2008-4-13 14336]

R2 BsBhvScan;BullGuard behavioural detection service;c:\program files\bullguard ltd\bullguard\BullGuardBhvScanner.exe [2012-9-11 313696]

R2 BsFileScan;BullGuard on-access service;c:\windows\system32\SvcHost.exe -k BullGuard [2008-4-13 14336]

R2 BsFire;BullGuard firewall service;c:\windows\system32\SvcHost.exe -k BullGuard [2008-4-13 14336]

R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\system32\SvcHost.exe -k BullGuard_Proxy [2008-4-13 14336]

R2 BsMain;BullGuard main service;c:\windows\system32\SvcHost.exe -k BullGuard_Main [2008-4-13 14336]

R2 BsScanner;BullGuard scanning service;c:\program files\bullguard ltd\bullguard\BullGuardScanner.exe [2012-9-11 179040]

R2 BsUpdate;BullGuard update service;c:\program files\bullguard ltd\bullguard\BullGuardUpdate.exe [2012-9-11 302432]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2012-4-6 54760]

R2 kisknl;kisknl;c:\windows\system32\drivers\kisknl.sys [2012-9-24 164728]

R2 kxescore;Kingsoft Core Service;c:\program files\kingsoft\kingsoft antivirus\kxescore.exe [2012-9-24 123992]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-15 399432]

R2 ssax226;ZTE AX226 WiMAX Modem Switch Service;c:\program files\mada cm\cm\ssax226.exe [2012-9-26 61440]

R2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-7-12 25448]

R2 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-17 753504]

R3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2012-9-22 54072]

R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [2012-6-25 32512]

R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2012-6-25 284928]

R3 bcm;WiMAX Network Adapter;c:\windows\system32\drivers\drxvi314.sys [2012-2-2 331264]

R3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\drivers\BcmBusCtr.sys [2012-2-2 48512]

R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2012-1-28 173880]

R3 ksapi;ksapi;c:\windows\system32\drivers\ksapi.sys [2012-9-24 82264]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-9-26 40776]

R3 SmbDrvI;SmbDrvI;c:\windows\system32\drivers\Smb_driver_Intel.sys [2012-8-22 23608]

R3 SRS_HDAL_Service;HD Audio Lab;c:\windows\system32\drivers\SRS_HDAL_i386.sys [2011-8-20 390944]

R3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;c:\windows\system32\drivers\gtkdrv.sys [2012-1-4 16128]

R4 KProcessHacker2;KProcessHacker2;c:\program files\process hacker 2\kprocesshacker.sys [2012-4-4 33352]

S1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog32.sys [2012-9-18 2560]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-17 130384]

S3 5U875UVC;Sony Visual Communication Camera;c:\windows\system32\drivers\5U875.sys [2011-8-2 71296]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-2 250568]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-8-2 1691480]

S3 DIGIRPS;Digi PortServer Driver;c:\windows\system32\drivers\digirlpt.sys [2012-9-7 42432]

S3 eRootDrv;eRootDrv;c:\windows\system32\drivers\eRootDrv.sys [2012-9-7 23976]

S3 esihdrv;esihdrv; [x]

S3 KUsbGuard;KUsbGuard;c:\program files\kingsoft\kingsoft antivirus\kusbquery.sys [2012-9-24 14200]

S3 mdf16;mdf16;c:\program files\clarus\samsung secretzone\mdf16.sys [2012-2-2 18288]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-6-16 114144]

S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2012-8-1 23608]

S3 mvd22;mvd22;c:\program files\clarus\samsung secretzone\mvd22.sys [2012-2-2 70512]

S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2010-6-25 35088]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-9-21 27064]

S4 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]

S4 asdsrv;Anvi Smart Defender Realtime Guard Service;c:\program files\anvisoft\anvi smart defender\ASDSrv.exe [2012-8-22 686896]

S4 Browser Defender Update Service;Browser Defender Update Service; [x]

S4 FLService;FLService;c:\program files\gilisoft\file lock pro\FLService.exe [2012-3-11 86016]

S4 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-27 704872]

S4 HitmanProScheduler;HitmanPro Scheduler;c:\program files\hitmanpro\hmpsched.exe [2012-9-17 105832]

S4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2011-8-2 13592]

S4 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-4-8 3063968]

S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-12 160944]

S4 SZASSIST;SecretZone Assist Service;c:\program files\clarus\samsung secretzone\SZAssistSVC.exe [2012-2-2 90112]

S4 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-7-12 21096]

.

=============== Created Last 30 ================

.

2012-09-27 02:53:30 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-09-27 02:06:22 1894808 ----a-w- c:\windows\system32\drivers\macxvi200.bin

2012-09-27 02:06:16 -------- d-----w- c:\windows\system32\SupportWimax

2012-09-27 02:06:15 88704 ------w- c:\windows\Packet.dll

2012-09-27 02:06:15 240248 ------w- c:\windows\wpcap.dll

2012-09-27 02:06:02 -------- d-----w- c:\program files\Mada CM

2012-09-26 07:01:42 0 ----a-w- c:\windows\atemp.tmp

2012-09-26 06:43:01 -------- d-----w- c:\program files\GridinSoft Trojan Killer

2012-09-25 09:35:16 61440 ----a-w- c:\windows\system32\CleanMem.exe

2012-09-25 09:34:56 -------- d-----w- c:\windows\CleanMem

2012-09-25 09:34:56 -------- d-----w- c:\program files\CleanMem

2012-09-25 09:34:30 -------- d-----w- c:\program files\Mz Ultimate Tools

2012-09-25 09:32:51 -------- d-----w- c:\program files\R-RAM

2012-09-25 09:32:35 249856 ------w- c:\windows\Setup1.exe

2012-09-25 09:32:33 73216 ----a-w- c:\windows\ST6UNST.EXE

2012-09-25 09:19:42 74703 ----a-w- c:\windows\system32\mfc45.dat

2012-09-25 09:18:59 -------- d-----w- C:\iolo

2012-09-25 09:12:43 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\iolo

2012-09-25 09:00:27 265728 -c----w- c:\windows\system32\dllcache\http.sys

2012-09-25 08:54:00 57344 -c----w- c:\windows\system32\dllcache\uexfat.dll

2012-09-25 08:53:32 133632 -c----w- c:\windows\system32\dllcache\exfat.sys

2012-09-25 08:19:46 496128 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2012-09-25 08:19:46 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll

2012-09-25 08:19:45 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll

2012-09-25 08:19:44 63488 -c----w- c:\windows\system32\dllcache\icardie.dll

2012-09-25 08:19:44 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2012-09-25 08:19:44 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe

2012-09-25 08:19:42 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat

2012-09-25 08:19:40 6105088 -c----w- c:\windows\system32\dllcache\ieframe.dll

2012-09-25 08:12:46 804864 -c----w- c:\windows\system32\dllcache\jntfiltr.dll

2012-09-25 08:12:46 773632 -c----w- c:\windows\system32\dllcache\jnwdrv.dll

2012-09-25 08:12:46 1023488 -c----w- c:\windows\system32\dllcache\nbdoc.dll

2012-09-25 07:49:14 2192640 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2012-09-25 07:49:14 2148352 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2012-09-25 07:49:13 2069120 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe

2012-09-25 07:49:13 2026496 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2012-09-25 07:35:15 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll

2012-09-25 07:32:42 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll

2012-09-25 07:32:42 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll

2012-09-25 07:20:37 457856 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2012-09-25 07:15:16 62976 -c----w- c:\windows\system32\dllcache\cdrom.sys

2012-09-25 07:15:16 465920 -c----w- c:\windows\system32\dllcache\imapi2fs.dll

2012-09-25 07:15:16 317952 -c----w- c:\windows\system32\dllcache\imapi2.dll

2012-09-25 06:40:30 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2012-09-25 06:39:25 18296 ----a-w- c:\windows\system32\drivers\kusbquery64.sys

2012-09-25 06:39:25 14200 ----a-w- c:\windows\system32\drivers\kusbquery.sys

2012-09-25 06:31:42 74703 ----a-w- c:\windows\system32\mfc45.dll

2012-09-25 06:30:31 -------- d-----w- c:\program files\iolo

2012-09-25 06:30:31 -------- d-----w- c:\documents and settings\all users\application data\iolo

2012-09-25 06:27:37 24472 ----a-w- c:\windows\system32\drivers\bc.sys

2012-09-25 06:27:37 19352 ----a-w- c:\windows\system32\drivers\ksskrpr.sys

2012-09-25 06:27:37 164696 ----a-w- c:\windows\system32\drivers\kdhacker64.sys

2012-09-25 06:27:37 125784 ----a-w- c:\windows\system32\drivers\kdhacker.sys

2012-09-25 06:27:36 31848 ----a-w- c:\windows\system32\drivers\kavbootc64.sys

2012-09-25 06:27:36 27240 ----a-w- c:\windows\system32\drivers\kavbootc.sys

2012-09-25 06:27:36 210296 ----a-w- c:\windows\system32\drivers\kisknl64.sys

2012-09-25 06:27:36 164728 ----a-w- c:\windows\system32\drivers\kisknl.sys

2012-09-25 06:27:29 82264 ----a-w- c:\windows\system32\drivers\ksapi.sys

2012-09-25 06:26:59 -------- d-----w- c:\documents and settings\all users\application data\kingsoft

2012-09-24 13:55:15 7680 ----a-w- c:\windows\46684390.exe

2012-09-24 09:02:24 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\Rovio

2012-09-24 00:37:59 339320 ----a-w- c:\windows\system32\HMIPCore.dll

2012-09-24 00:12:23 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\VitySoft

2012-09-23 10:00:49 -------- d-----w- c:\program files\Emsisoft Anti-Malware

2012-09-23 08:44:58 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\BullGuard

2012-09-23 08:44:56 -------- d-----w- c:\documents and settings\all users\application data\BullGuard

2012-09-23 08:44:07 -------- d-----w- c:\program files\common files\BullGuard Ltd

2012-09-23 08:44:04 -------- d-----w- c:\program files\BullGuard Ltd

2012-09-23 07:52:00 0 ----a-w- c:\windows\system32\w32apiw.dll

2012-09-23 05:18:24 195957 ----a-w- c:\documents and settings\all users\application data\1348377371.bdinstall.bin

2012-09-21 22:21:04 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys

2012-09-21 22:16:06 -------- d-----w- c:\program files\Scorpio Software

2012-09-20 20:18:40 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys

2012-09-20 15:03:59 75513 ----a-w- c:\documents and settings\all users\application data\1348153144.bdinstall.bin

2012-09-20 13:32:18 -------- d-----w- c:\program files\Pale Moon

2012-09-19 09:39:21 -------- d-----w- c:\documents and settings\all users\application data\Adguard

2012-09-19 08:57:27 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\Anvisoft

2012-09-19 08:57:01 22864 ----a-w- c:\windows\system32\drivers\asdrs.sys

2012-09-19 08:57:01 16208 ----a-w- c:\windows\system32\drivers\asdrm.sys

2012-09-19 08:57:01 14160 ----a-w- c:\windows\system32\drivers\asdws.sys

2012-09-19 08:54:42 -------- d-----w- c:\documents and settings\all users\application data\Anvisoft

2012-09-19 08:20:49 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\SUPERAntiSpyware.com

2012-09-19 08:16:03 -------- d-----w- c:\program files\SUPERAntiSpyware

2012-09-19 08:16:03 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2012-09-19 07:58:27 135016 ----a-w- c:\windows\system32\LnkProtect.dll

2012-09-19 07:57:22 -------- d-----w- c:\windows\GroundZero Advanced Netstat

2012-09-19 07:57:22 -------- d-----w- c:\program files\GroundZero Advanced Netstat

2012-09-19 07:56:39 -------- d-----w- c:\program files\PeerGuardian2

2012-09-19 07:55:29 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\Adguard

2012-09-19 07:55:11 -------- d-----w- c:\windows\system32\redirect

2012-09-19 07:42:05 2560 ----a-w- c:\windows\system32\drivers\AntiLog32.sys

2012-09-19 07:34:17 4224 -c--a-w- c:\windows\system32\dllcache\beep.sys

2012-09-19 07:34:17 4224 ----a-w- c:\windows\system32\drivers\beep.sys

2012-09-18 08:58:10 1280284 ----a-w- c:\documents and settings\all users\application data\1347958342.bdinstall.bin

2012-09-18 07:51:56 213547 ----a-w- c:\documents and settings\all users\application data\1347954633.bdinstall.bin

2012-09-18 07:51:06 47795 ----a-w- c:\documents and settings\all users\application data\1347954660.bdinstall.bin

2012-09-18 07:50:55 47795 ----a-w- c:\documents and settings\all users\application data\1347954651.bdinstall.bin

2012-09-18 07:41:23 1263956 ----a-w- c:\documents and settings\all users\application data\1347953774.bdinstall.bin

2012-09-18 06:56:59 1700352 ----a-w- c:\windows\system32\gdiplus.dll

2012-09-18 06:47:26 1398 ----a-w- c:\documents and settings\all users\application data\1347950846.bdinstall.bin

2012-09-18 06:42:50 62207 ----a-w- c:\documents and settings\all users\application data\1347950567.600.bin

2012-09-18 06:42:50 5636 ----a-w- c:\documents and settings\all users\application data\1347950567.612.bin

2012-09-18 06:42:50 1837 ----a-w- c:\documents and settings\all users\application data\1347950567.576.bin

2012-09-18 06:42:47 74836 ----a-w- c:\documents and settings\all users\application data\1347950567.2868.bin

2012-09-17 21:07:45 357667 ----a-w- c:\documents and settings\all users\application data\1347915903.bdinstall.bin

2012-09-17 20:19:44 -------- d-----w- c:\documents and settings\all users\application data\bdch

2012-09-17 19:49:12 -------- d-----w- c:\windows\system32\3com_dmi

2012-09-17 18:35:56 373549 ----a-w- c:\documents and settings\all users\application data\1347906551.bdinstall.bin

2012-09-17 18:33:34 -------- d-----w- c:\documents and settings\all users\application data\BDLogging

2012-09-17 18:33:19 511328 ----a-w- c:\windows\capicom.dll

2012-09-17 18:33:19 -------- d-----w- c:\windows\system32\ui

2012-09-17 18:16:58 46592 -c--a-w- c:\windows\system32\dllcache\svcext51.dll

2012-09-17 18:15:55 8192 -c--a-w- c:\windows\system32\dllcache\httpmb51.dll

2012-09-17 18:14:59 20540 -c--a-w- c:\windows\system32\dllcache\admin.dll

2012-09-17 18:12:39 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe

2012-09-17 18:12:39 16384 ----a-w- c:\program files\internet explorer\connection wizard\isignup.exe

2012-09-17 18:12:01 129792 -c--a-w- c:\windows\system32\dllcache\fltmgr.sys

2012-09-17 18:12:01 129792 ----a-w- c:\windows\system32\drivers\fltMgr.sys

2012-09-17 18:10:45 83968 ----a-w- c:\program files\messenger\msgsc.dll

2012-09-17 18:10:45 180224 ----a-w- c:\program files\messenger\msgslang.dll

2012-09-17 18:10:45 1695232 ------w- c:\program files\messenger\msmsgs.exe

2012-09-17 18:10:44 33792 ----a-w- c:\program files\messenger\custsat.dll

2012-09-17 18:10:44 -------- d-----w- c:\program files\Messenger

2012-09-17 17:57:12 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll

2012-09-17 17:57:12 24661 ----a-w- c:\windows\system32\spxcoins.dll

2012-09-17 17:57:12 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll

2012-09-17 17:57:12 13312 ----a-w- c:\windows\system32\irclass.dll

2012-09-17 17:56:52 16535 ----a-r- c:\windows\SET198.tmp

2012-09-17 17:56:50 1088840 ----a-r- c:\windows\SET18C.tmp

2012-09-17 17:56:49 1296669 ----a-r- c:\windows\SET189.tmp

2012-09-17 14:21:15 -------- d-----w- c:\program files\HitmanPro

2012-09-17 14:21:04 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro

2012-09-17 13:51:34 212353 ----a-w- c:\documents and settings\all users\application data\1347889873.bdinstall.bin

2012-09-17 13:11:14 -------- d-----w- c:\program files\Xilisoft

2012-09-17 11:54:00 1614848 ----a-w- c:\windows\system32\sfcfiles.dll

2012-09-17 11:53:01 990208 ----a-w- c:\windows\system32\syssetup.dll

2012-09-17 11:04:39 462104 ----a-w- c:\windows\system32\drivers\iaStor.sys

2012-09-17 11:03:22 -------- d-----w- C:\New Folder (2)

2012-09-17 10:54:48 -------- d-----w- C:\New Folder

2012-09-16 15:41:02 217758 ----a-w- c:\documents and settings\all users\application data\1347810019.bdinstall.bin

2012-09-16 08:59:30 48065 ----a-w- c:\documents and settings\all users\application data\1347785958.bdinstall.bin

2012-09-16 08:57:46 213693 ----a-w- c:\documents and settings\all users\application data\1347785823.bdinstall.bin

2012-09-16 08:17:58 -------- d-----w- c:\windows\LastGood.Tmp

2012-09-15 19:40:19 -------- d-----w- c:\windows\system32\wbem\repository\FS

2012-09-15 19:40:19 -------- d-----w- c:\windows\system32\wbem\Repository

2012-09-15 17:48:39 -------- d-----w- c:\program files\DLLSuite

2012-09-15 15:59:02 -------- d-----w- c:\documents and settings\all users\Anvisoft

2012-09-15 15:58:51 -------- d-----w- c:\program files\Anvisoft

2012-09-15 14:14:22 -------- d-----w- c:\program files\xp-AntiSpy

2012-09-15 12:52:53 -------- d-----w- c:\program files\CPUID

2012-09-15 08:40:14 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-15 08:40:14 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-09-15 08:40:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-09-15 08:36:05 -------- d-----w- c:\program files\Phyxion.net

2012-09-14 14:28:38 79360 ----a-w- c:\windows\system32\swxcacls.exe

2012-09-14 14:28:38 53248 ----a-w- c:\windows\system32\Process.exe

2012-09-14 14:28:38 135168 ----a-w- c:\windows\system32\swreg.exe

2012-09-14 13:42:00 98816 ----a-w- c:\windows\sed.exe

2012-09-14 13:42:00 518144 ----a-w- c:\windows\SWREG.exe

2012-09-14 13:42:00 256000 ----a-w- c:\windows\PEV.exe

2012-09-14 13:42:00 208896 ----a-w- c:\windows\MBR.exe

2012-09-14 13:41:57 -------- d-s---w- C:\ComboFix

2012-09-12 09:01:52 -------- d-----w- C:\driver

2012-09-12 07:04:03 7446 ----a-w- c:\windows\hr.reg

2012-09-12 07:04:03 398 ----a-w- c:\windows\im.reg

2012-09-12 07:04:03 13091 ----a-w- c:\windows\sb.reg

2012-09-12 06:30:00 0 ----a-w- C:\osy3.sys

2012-09-12 06:28:18 -------- d-s---w- C:\ComboFix_2

2012-09-10 17:00:23 1754 ----a-w- c:\windows\system32\tmp.reg

2012-09-10 17:00:05 87552 ----a-w- c:\windows\system32\VACFix.exe

2012-09-10 17:00:05 82944 ----a-w- c:\windows\system32\IEDFix.C.exe

2012-09-10 17:00:05 82432 ----a-w- c:\windows\system32\404Fix.exe

2012-09-10 17:00:05 80384 ----a-w- c:\windows\system32\o4Patch.exe

2012-09-10 17:00:05 78336 ----a-w- c:\windows\system32\Agent.OMZ.Fix.exe

2012-09-10 17:00:05 51200 ----a-w- c:\windows\system32\dumphive.exe

2012-09-10 17:00:05 289144 ----a-w- c:\windows\system32\VCCLSID.exe

2012-09-10 17:00:05 288417 ----a-w- c:\windows\system32\SrchSTS.exe

2012-09-10 13:18:54 -------- dc----w- c:\documents and settings\all users\application data\{D36303DF-0AF1-460C-9A26-C4D3BAE007EE}

2012-09-10 08:39:38 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\ESET

2012-09-10 06:15:50 -------- d-----w- C:\SMCLpav

2012-09-09 16:36:45 -------- d-----w- C:\CCE_Quarantine

2012-09-09 11:02:20 16910 ----a-w- C:\CIS REMOVAL TOOL.bat

2012-09-09 07:53:52 52736 ----a-w- C:\?????? ??? ???????-64??.exe

2012-09-09 05:47:42 -------- d-----w- C:\Ad-Remover

2012-09-09 04:52:49 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\ElevatedDiagnostics

2012-09-09 01:59:11 -------- d-----w- C:\Log

2012-09-09 00:59:39 -------- d-----w- c:\program files\SuperCopier2

2012-09-09 00:54:57 -------- d-----w- C:\IDM_Setup_Temp

2012-09-08 22:30:13 -------- d-----w- c:\documents and settings\all users\application data\Comodo

2012-09-08 20:01:54 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\Uninstaller Tool(Comodo Forums)

2012-09-08 17:02:13 -------- d-----w- c:\program files\common files\Comodo

2012-09-08 13:31:45 45320 ----a-w- c:\windows\system32\certsentry.dll

2012-09-08 13:16:42 499712 ----a-w- C:\msvcp71.dll

2012-09-08 13:16:42 262144 ----a-w- C:\RegCleaner.dll

2012-09-08 13:16:42 1060864 ----a-w- C:\MFC71.dll

2012-09-08 13:16:27 90112 ----a-w- C:\RegCleaner.exe

2012-09-08 09:03:55 -------- d-----w- C:\New Folder (4)

2012-09-08 08:56:07 -------- d-----w- c:\documents and settings\llllllllllllllllllll\Bluetooth Software

2012-09-08 08:30:16 42432 ----a-w- c:\windows\system32\drivers\digirlpt.sys

2012-09-08 07:12:41 -------- d-----w- c:\documents and settings\llllllllllllllllllll\local settings\application data\Privatefirewall

2012-09-07 19:53:33 -------- d---a-w- c:\windows\VDLL.DLL

2012-09-07 19:53:33 -------- d---a-w- c:\windows\system32\runouce.exe

2012-09-07 19:53:33 -------- d---a-w- c:\windows\logo_1.exe

2012-09-07 19:48:41 23976 ----a-w- c:\windows\system32\drivers\eRootDrv.sys

2012-09-07 19:24:58 632064 ----a-w- c:\windows\system32\msvcr80.dll

2012-09-07 19:24:54 554240 ----a-w- c:\windows\system32\msvcp80.dll

2012-09-07 19:24:53 572928 ----a-w- c:\windows\system32\msvcp90.dll

2012-09-07 19:24:51 655872 ----a-w- c:\windows\system32\msvcr90.dll

2012-09-07 19:24:48 34048 ----a-w- c:\windows\system32\eEmpty.exe

2012-09-07 19:24:36 146432 ----a-w- c:\windows\R.COM

2012-09-07 19:24:36 135680 ----a-w- c:\windows\system32\T.COM

2012-09-07 19:24:32 -------- d-----w- c:\program files\common files\MicroWorld

2012-09-07 19:24:23 -------- d-----w- c:\documents and settings\all users\application data\MicroWorld

2012-09-07 16:01:15 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\TeamViewer

2012-09-07 16:01:08 -------- d-----w- c:\program files\TeamViewer

2012-09-07 02:37:02 -------- d-----w- c:\documents and settings\llllllllllllllllllll\local settings\application data\Opera

2012-09-07 02:27:47 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\Panda Security

2012-09-07 02:26:40 -------- d-----w- c:\program files\Toolbar Cleaner

2012-09-07 02:26:35 -------- d-----w- c:\documents and settings\llllllllllllllllllll\local settings\application data\panda2_0dn

2012-09-07 02:26:17 -------- d-----w- c:\documents and settings\all users\application data\Panda Security URL Filtering

2012-09-07 02:25:32 46280 ----a-w- c:\windows\system32\drivers\PSKMAD.sys

2012-09-07 02:24:49 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\pandasecuritytb

2012-09-07 02:20:38 -------- d-----w- c:\documents and settings\all users\application data\Panda Security

2012-09-07 02:20:37 -------- d-----w- c:\program files\Panda Security

2012-09-06 22:49:34 -------- d-----w- c:\program files\WinASO

2012-08-30 07:36:51 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\DiskAid

2012-08-30 07:36:38 -------- d-----w- c:\program files\DigiDNA

2012-08-30 03:00:23 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\iPhone Tool Kits

2012-08-30 02:59:20 94854 ----a-w- c:\windows\system32\HKCU_GNU.reg

2012-08-30 02:59:20 6144 ----a-w- c:\windows\system32\ff_acm.acm

2012-08-30 02:59:20 60273 ----a-w- c:\windows\system32\pthreadGC2.dll

2012-08-30 02:59:20 258352 ----a-w- c:\windows\system32\unicows.dll

2012-08-30 02:59:20 2004 ----a-w- c:\windows\system32\HKLM_GNU.reg

2012-08-30 02:59:19 499712 ----a-w- c:\windows\system32\MSVCP71.DLL

2012-08-30 02:59:19 14909 ----a-w- c:\windows\system32\A_reg.reg

2012-08-30 02:59:11 -------- d-----w- c:\program files\Cucusoft

2012-08-30 00:43:58 -------- d-----w- c:\program files\nFinity

2012-08-30 00:26:58 -------- d-----w- c:\program files\Temp

2012-08-30 00:13:57 -------- d-----w- c:\documents and settings\llllllllllllllllllll\local settings\application data\Apple Computer

2012-08-30 00:12:03 -------- d-----w- c:\program files\iPod

2012-08-30 00:12:01 -------- d-----w- c:\program files\iTunes

2012-08-30 00:12:01 -------- d-----w- c:\documents and settings\all users\application data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2012-08-30 00:11:41 -------- d-----w- c:\documents and settings\llllllllllllllllllll\local settings\application data\Apple

2012-08-30 00:11:13 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll

2012-08-30 00:11:13 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2012-08-30 00:10:48 -------- d-----w- c:\program files\Bonjour

2012-08-29 23:41:13 -------- d-----w- c:\documents and settings\llllllllllllllllllll\local settings\application data\Wondershare

2012-08-29 23:41:11 -------- d-----w- c:\program files\common files\Wondershare

2012-08-29 23:40:50 -------- d-----w- c:\documents and settings\all users\application data\Wondershare

2012-08-29 23:40:47 67680 ----a-w- c:\windows\system32\libusb0.dll

2012-08-29 23:40:46 42592 ----a-w- c:\windows\system32\drivers\libusb0.sys

2012-08-29 23:40:42 -------- d-----w- c:\program files\Wondershare

2012-08-29 23:40:42 -------- d-----w- c:\program files\Dr.Fone_Temp

2012-08-28 21:28:29 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\OnlineArmor

2012-08-28 21:28:14 42152 ----a-w- c:\windows\system32\drivers\oahlp32.sys

2012-08-28 21:28:14 29464 ----a-w- c:\windows\system32\drivers\OAnet.sys

2012-08-28 21:28:14 25192 ----a-w- c:\windows\system32\drivers\OAmon.sys

2012-08-28 21:28:14 205864 ----a-w- c:\windows\system32\drivers\OADriver.sys

2012-08-28 21:24:20 -------- d-----w- c:\program files\NCH Software

2012-08-28 21:24:18 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\NCH Software

2012-08-28 20:48:39 -------- d-----w- c:\documents and settings\all users\CrypKey

2012-08-28 20:45:29 27648 ----a-r- c:\windows\Setup_ck.exe

2012-08-28 20:45:29 19584 ----a-w- c:\windows\system32\Ckldrv.sys

2012-08-28 20:45:29 18432 ----a-w- c:\windows\Setup_ck.dll

2012-08-28 20:45:29 165888 ----a-w- c:\windows\Ckconfig.exe

2012-08-28 20:45:29 122880 ----a-w- c:\windows\system32\Crypserv.exe

2012-08-28 20:45:29 11776 ----a-w- c:\windows\Ckrfresh.exe

2012-08-28 20:45:27 -------- d-----w- c:\program files\Stellar Phoenix Windows Data Recovery

2012-08-28 20:19:01 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\IDM

2012-08-28 20:18:44 -------- d-----w- c:\program files\Internet Download Manager

2012-08-28 05:07:49 -------- d-----w- c:\documents and settings\llllllllllllllllllll\application data\Windows Search

2012-08-28 05:01:18 -------- d-----w- c:\program files\Windows Desktop Search

2012-08-28 04:50:14 -------- dc-h--w- c:\windows\ie8

2012-08-28 03:59:17 -------- d-----w- c:\documents and settings\all users\application data\KRSHistory

2012-08-28 03:50:49 -------- d-----w- c:\program files\Microsoft Chart Controls

2012-08-28 03:49:52 -------- d-s---w- C:\KRECYCLE

2012-08-28 03:49:05 -------- d-----w- c:\program files\kingsoft

.

==================== Find3M ====================

.

2012-09-27 02:51:43 0 ----a-w- c:\windows\FileLock.bin

2012-09-24 08:05:32 111072 ----a-w- c:\windows\system32\drivers\idmtdi.sys

2012-09-19 08:28:11 12872 ----a-w- c:\windows\system32\bootdelete.exe

2012-09-17 15:15:12 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-09-17 15:15:12 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-27 18:11:20 14664 ----a-w- c:\windows\stinger.sys

2012-08-26 08:46:43 120872 ----a-w- c:\windows\system32\drivers\PSINProt.sys

2012-08-26 08:46:42 179368 ----a-w- c:\windows\system32\drivers\PSINKNC.sys

2012-08-26 08:46:42 114856 ----a-w- c:\windows\system32\drivers\PSINProc.sys

2012-08-26 08:46:42 102696 ----a-w- c:\windows\system32\drivers\PSINFile.sys

2012-08-26 08:46:00 149544 ----a-w- c:\windows\system32\drivers\PSINAflt.sys

2012-08-25 02:38:03 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2012-08-25 02:38:02 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-08-25 02:38:02 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-25 02:38:02 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-08-23 09:16:55 223152 ----a-w- c:\windows\system32\drivers\SynTP.sys

2012-08-23 09:16:55 206120 ----a-w- c:\windows\system32\SynCtrl.dll

2012-08-23 09:16:55 169256 ----a-w- c:\windows\system32\SynCOM.dll

2012-08-23 09:16:55 161064 ----a-w- c:\windows\system32\SynTPAPI.dll

2012-08-23 09:16:55 120104 ----a-w- c:\windows\system32\SynTPCo4.dll

2012-08-23 09:10:57 23608 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys

2012-08-19 06:27:57 20304 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys

2012-08-07 14:56:58 54624 ----a-w- c:\windows\system32\BGLsp.dll

2012-08-01 11:06:10 106896 ----a-w- c:\windows\system32\BgGamingMonitor.dll

2012-07-30 13:18:54 22400 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2012-07-12 09:18:32 206632 ----a-w- c:\windows\system32\drivers\NNSStrm.sys

2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll

2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-07-03 16:21:32 41224 ----a-w- c:\windows\avastSS.scr

2012-07-03 15:07:44 832512 ----a-w- c:\windows\system32\wininet.dll

2012-07-03 15:07:43 1830912 ----a-w- c:\windows\system32\inetcpl.cpl

2012-07-03 15:07:42 78336 ----a-w- c:\windows\system32\ieencode.dll

2012-07-03 15:07:42 17408 ----a-w- c:\windows\system32\corpol.dll

2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys

2008-03-09 05:25:10 236 ----a-w- c:\program files\common files\dx.reg

.

============= FINISH: 15:11:34.32 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 9/17/2012 6:17:37 AM

System Uptime: 9/26/2012 1:39:15 PM (2 hours ago)

.

Motherboard: Sony Corporation | | VAIO

Processor: Intel Pentium III Xeon processor | N/A | 2525/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 113 GiB total, 1.776 GiB free.

D: is FIXED (NTFS) - 185 GiB total, 38.135 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description: Modem Device on High Definition Audio Bus

Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_2C06&SUBSYS_104D1700&REV_1000\4&20BC933D&0&0102

Manufacturer:

Name: Modem Device on High Definition Audio Bus

PNP Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_2C06&SUBSYS_104D1700&REV_1000\4&20BC933D&0&0102

Service:

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Privacyware Filter Miniport

Device ID: ROOT\PWIPF6MP\0000

Manufacturer: Privacyware

Name: WiMAX Network Adapter #2 - Privacyware Filter Miniport

PNP Device ID: ROOT\PWIPF6MP\0000

Service: pwipf6

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Privacyware Filter Miniport

Device ID: ROOT\PWIPF6MP\0003

Manufacturer: Privacyware

Name: Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller - Privacyware Filter Miniport

PNP Device ID: ROOT\PWIPF6MP\0003

Service: pwipf6

.

==== System Restore Points ===================

.

RP151: 9/24/2012 8:59:42 PM - Installed Windows XP KB971314.

RP152: 9/24/2012 9:00:07 PM - Installed Windows XP KB969084.

RP153: 9/24/2012 9:00:53 PM - Installed Windows XP KB970430.

RP154: 9/24/2012 9:02:01 PM - Installed Windows XP KB971737.

RP155: 9/24/2012 9:03:51 PM - Installed Windows XP KB977377.

RP156: 9/24/2012 9:04:47 PM - Installed Windows XP KB2492386.

RP157: 9/24/2012 9:05:29 PM - Installed Windows XP KB2541763.

RP158: 9/24/2012 9:06:06 PM - Installed Windows XP KB2641690.

RP159: 9/24/2012 9:06:32 PM - Installed Windows XP KB2633952.

RP160: 9/24/2012 9:11:32 PM - Installed Windows XP KB2483614.

RP161: 9/26/2012 2:01:28 PM - Revo Uninstaller Pro's restore point - Mada CM

RP162: 9/26/2012 2:03:39 PM - Removed Mada CM

RP163: 9/26/2012 2:06:00 PM - Installed Mada CM

RP164: 9/26/2012 3:10:59 PM - Tweaking.com - Windows Repair

.

==== Installed Programs ======================

.

??????? ???????? Microsoft Save as PDF or XPS ?????? Microsoft Office 2007

7-Zip 9.20

Ad Muncher v4.93.33707

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.1) - Arabic

Adobe Reader X (10.1.4)

Adobe Shockwave Player 11.6

AntiCrash 3.6.1

Anvi Smart Defender 1.6

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ASF-AVI-RM-WMV Repair 2.01

Atheros AR928x Wireless Network Adapter

Auslogics BoostSpeed

Back2Life 2.7

Battery Doubler 1.2.1

BullGuard

CamStudio OSS Desktop Recorder

CleanMem

Cloud System Booster

Comodo Dragon

CPUID CPU-Z 1.61.5

Debut Video Capture Software

DiskAid 5.31

DiskGetor Data Recovery V3.2

Emsisoft Anti-Malware

F.lux

Folder Lock

GiliSoft File Lock Pro 5.0

Google Update Helper

Hare 1.5.1

HitmanPro 3.6

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB895961-v4)

Hotfix for Windows XP (KB932716-v2)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB943232-v2)

Hotfix for Windows XP (KB951830)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954708)

Hotfix for Windows XP (KB955535)

Hotfix for Windows XP (KB969084)

Hotfix for Windows XP (KB971276-v3)

Hotfix for Windows XP (KB971314)

Intel PROSet Wireless

Internet Download Manager

iPhone Tool Kits 2.8.8

iTunes

Java 7 Update 6

Java Auto Updater

Java 6 Update 35

JavaFX 2.1.1

Juggle Mouse 1.2.1

Junk Mail filter update

K-Lite Codec Pack 8.3.2 (Full)

KeyScrambler

Kingsoft Antivirus 2012

Mada CM

MAGIX Screenshare

MAGIX Video Sound Cleaning Lab Download Version

Malwarebytes Anti-Malware version 1.65.0.1400

Marvell Miniport Driver

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)

Microsoft Choice Guard

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office PowerPoint Viewer 2003

Microsoft Office Word Viewer 2003

Microsoft Silverlight

Microsoft Text-to-Speech Engine 4.0 (English)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 15.0 (x86 en-US)

Mozilla Maintenance Service

MSVC90_x86

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB973686)

Mz RAM Booster

nCleaner second 2.3.4.0

NewLive All Media To Mp3 Converter 7.7

NVIDIA PhysX

Ontrack EasyRecovery Enterprise

Pale Moon 15.0 (x86 en-US)

Panda Cloud Cleaner

Passware Kit Enterprise Demo 11.5

Password Recovery Bundle 2011

Prism Video File Converter

Process Hacker 2.28 (r5073)

ProphecyMaster v1.1

QuickVoice Sync

Realtek High Definition Audio Driver

RealUpgrade 1.1

Recovery Toolbox for RAR 1.1

Recuva

Release RAM + Acceleration Startup Manager 2000/XP

Remove Toolbar Buddy 4.61

Revo Uninstaller Pro 2.5.8

RunAlyzer

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2699988)

Security Update for Windows Internet Explorer 7 (KB2722913)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2483614)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660649)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950582)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953155)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977377)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982665)

Segoe UI

Skype Click to Call

Skype™ 5.10

Software Informer 1.1

SRS Audio Sandbox

Stellar Phoenix Windows Data Recovery - Technical

SUPERAntiSpyware

SuperCopier2

swMSM

Synaptics Pointing Device Driver

System Checkup 3.3

TuneUp Utilities Language Pack (en-US)

Tweaking.com - Windows Repair (All in One)

Ultra Video Joiner 6.2.0411

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 7 (KB2628724)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2492386)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB898461)

Update for Windows XP (KB943729)

Update for Windows XP (KB951978)

Update for Windows XP (KB954920-v2)

Update for Windows XP (KB955704)

Update for Windows XP (KB958752)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973815)

VC80CRTRedist - 8.0.50727.6195

VLC media player 2.0.2

Voxware Audio decoder 1.6

VS10RuntimeWin32

WebFldrs XP

WIDCOMM Bluetooth Software

WinASO EasyTweak 3.0.3

WinASO Registry Optimizer 4.7.7

Windows Driver Package - Sony Corporation Sony HDD Protection Filter Driver (08/22/2008 1.3.08.08220)

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Mail

Windows Live Sign-in Assistant

Windows Live Upload Tool

Windows Management Framework Core

Windows Media Format 11 runtime

WinPcap 4.1.2

WinRAR 4.10 beta 5 (32-bit)

Xilisoft ISO Burner

xp-AntiSpy 3.98-2

Xvid Video Codec

Zoom 1.3.1

.

==== Event Viewer Messages From Past Week ========

.

9/25/2012 7:02:28 PM, error: Service Control Manager [7034] - The Kingsoft Core Service service terminated unexpectedly. It has done this 2 time(s).

9/25/2012 6:58:19 PM, error: Service Control Manager [7034] - The Kingsoft Core Service service terminated unexpectedly. It has done this 1 time(s).

9/25/2012 1:24:39 PM, error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

9/24/2012 6:43:47 PM, error: Service Control Manager [7034] - The BullGuard update service service terminated unexpectedly. It has done this 1 time(s).

9/24/2012 12:06:00 PM, error: Service Control Manager [7000] - The ZTE AX226 WiMAX Modem Switch Service service failed to start due to the following error: %1 is not a valid Win32 application.

9/23/2012 4:00:39 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

9/23/2012 3:37:45 PM, error: Service Control Manager [7034] - The HideMyIpSRV service terminated unexpectedly. It has done this 2 time(s).

9/23/2012 3:37:28 PM, error: Service Control Manager [7034] - The HideMyIpSRV service terminated unexpectedly. It has done this 1 time(s).

9/23/2012 12:59:21 PM, error: Service Control Manager [7001] - The Universal Plug and Play Device Host service depends on the SSDP Discovery Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

9/23/2012 12:55:44 PM, error: ialm [108] - The driver igxprd32 for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.

9/22/2012 7:56:40 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

9/22/2012 7:40:19 PM, error: PlugPlayManager [11] - The device Root\LEGACY_A2DDA\0000 disappeared from the system without first being prepared for removal.

9/22/2012 7:40:19 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service TuneUp.UtilitiesSvc with arguments "" in order to run the server: {5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}

9/22/2012 7:36:39 PM, error: PlugPlayManager [11] - The device Root\LEGACY_SABPROCENUM\0000 disappeared from the system without first being prepared for removal.

9/22/2012 7:36:39 PM, error: PlugPlayManager [11] - The device Root\LEGACY_SABKUTIL\0000 disappeared from the system without first being prepared for removal.

9/22/2012 7:36:39 PM, error: PlugPlayManager [11] - The device Root\LEGACY_SABDIFSV\0000 disappeared from the system without first being prepared for removal.

9/22/2012 7:35:30 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

9/22/2012 7:28:12 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: asdnet asdrm ElRawDisk Fips intelppm NetworkX SABDIFSV SABKUTIL SASDIFSV SASKUTIL truecrypt WinFLAdrv WinFPdrv

9/22/2012 5:26:46 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

9/22/2012 5:25:42 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

9/22/2012 5:13:09 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: asdnet asdrm avc3 bdselfpr BDVEDISK ElRawDisk Fips gzflt intelppm NetworkX SABDIFSV SABKUTIL SASDIFSV SASKUTIL truecrypt trufos WinFLAdrv WinFPdrv

9/22/2012 4:46:31 PM, error: Service Control Manager [7000] - The BitDefender Firewall NDIS Filter Service service failed to start due to the following error: The filename, directory name, or volume label syntax is incorrect.

9/22/2012 4:46:01 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

9/22/2012 2:15:25 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

9/22/2012 2:12:18 AM, error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 4.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

9/22/2012 2:12:14 AM, error: Service Control Manager [7034] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s).

9/22/2012 2:12:09 AM, error: Service Control Manager [7034] - The Bitdefender Desktop Update Service service terminated unexpectedly. It has done this 1 time(s).

9/22/2012 1:50:21 AM, error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

9/22/2012 1:50:05 AM, error: Service Control Manager [7034] - The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).

9/21/2012 8:20:55 AM, error: Service Control Manager [7000] - The FLService service failed to start due to the following error: The pipe has been ended.

9/21/2012 8:19:47 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service SafeBox with arguments "" in order to run the server: {F681ABD0-41DE-46C8-9ED3-D0F4EBA19111}

9/21/2012 8:14:48 AM, error: Service Control Manager [7000] - The ZTE AX226 WiMAX Modem Switch Service service failed to start due to the following error: The pipe has been ended.

9/21/2012 11:05:41 PM, error: Dhcp [1008] - Your computer was unable to initialize a Network Interface attached to the system. The error code is: A device attached to the system is not functioning. .

9/21/2012 10:31:46 AM, error: Service Control Manager [7034] - The ZTE AX226 WiMAX Modem Switch Service service terminated unexpectedly. It has done this 1 time(s).

9/20/2012 9:16:34 PM, error: Service Control Manager [7023] - The Uninterruptible Power Supply service terminated with the following error: %%2481

9/20/2012 9:16:04 PM, error: UPS [2481] - The UPS service is not configured correctly.

9/20/2012 3:55:00 AM, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s).

9/20/2012 3:54:35 AM, error: Service Control Manager [7034] - The TuneUp Utilities Service service terminated unexpectedly. It has done this 2 time(s).

9/20/2012 3:54:26 AM, error: Service Control Manager [7034] - The FLService service terminated unexpectedly. It has done this 1 time(s).

9/20/2012 3:54:05 AM, error: Service Control Manager [7034] - The Intel® PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s).

9/20/2012 3:53:50 AM, error: Service Control Manager [7034] - The Intel® PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s).

9/20/2012 3:53:45 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

9/20/2012 3:53:38 AM, error: Service Control Manager [7034] - The SafeBox service terminated unexpectedly. It has done this 1 time(s).

9/20/2012 3:32:09 AM, error: Service Control Manager [7034] - The Intel® PROSet/Wireless WiFi Service service terminated unexpectedly. It has done this 1 time(s).

9/20/2012 3:28:55 AM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).

9/20/2012 3:28:51 AM, error: Service Control Manager [7034] - The TuneUp Utilities Service service terminated unexpectedly. It has done this 1 time(s).

9/20/2012 3:27:30 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service TuneUp.UtilitiesSvc with arguments "" in order to run the server: {5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}

9/20/2012 2:49:35 AM, error: Service Control Manager [7000] - The XAudioService service failed to start due to the following error: %1 is not a valid Win32 application.

9/20/2012 2:45:26 AM, error: Service Control Manager [7034] - The Volume Shadow Copy service terminated unexpectedly. It has done this 1 time(s).

9/20/2012 10:55:56 AM, error: Service Control Manager [7031] - The Emsisoft Anti-Malware 6.6 - Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

9/20/2012 10:55:44 AM, error: Service Control Manager [7034] - The Bitdefender Desktop Update Service service terminated unexpectedly. It has done this 2 time(s).

9/20/2012 10:55:40 AM, error: Service Control Manager [7031] - The Bluetooth Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/20/2012 10:24:17 AM, error: Service Control Manager [7001] - The Logical Disk Manager Administrative Service service depends on the Logical Disk Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

9/20/2012 10:24:17 AM, error: DCOM [10005] - DCOM got error "%1068" attempting to start the service dmadmin with arguments "/com" in order to run the server: {4FB6BB00-3347-11D0-B40A-00AA005FF586}

9/19/2012 6:45:41 AM, error: Service Control Manager [7034] - The BrowserProtect Anti-Hijack Service service terminated unexpectedly. It has done this 1 time(s).

9/19/2012 6:44:17 AM, error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 4.0.0.0 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

9/19/2012 6:43:36 AM, error: Service Control Manager [7034] - The Unsigned Themes service terminated unexpectedly. It has done this 1 time(s).

9/19/2012 6:43:05 AM, error: Service Control Manager [7034] - The AD Blocker Service service terminated unexpectedly. It has done this 1 time(s).

9/19/2012 2:22:34 AM, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: The process cannot access the file because it is being used by another process.

9/19/2012 2:22:20 AM, error: SRService [104] - The System Restore initialization process failed.

9/19/2012 12:21:29 AM, error: Service Control Manager [7031] - The Windows CardSpace service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

9/19/2012 12:09:38 AM, error: Service Control Manager [7031] - The Windows CardSpace service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/19/2012 10:29:30 PM, error: Service Control Manager [7034] - The Anvi Smart Defender Realtime Guard Service service terminated unexpectedly. It has done this 1 time(s).

9/19/2012 10:28:55 PM, error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

.

==== End Of File ===========================

[Maniac]

Where are the results from first and second step?

[kamry2009]

Malwarebytes Anti-Malware (PRO) 1.65.0.1400

www.malwarebytes.org

Database version: v2012.09.26.05

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 7.0.5730.13

llllllllllllllllllll :: ORO [administrator]

Protection: Disabled

9/26/2012 15:19:28

mbam-log-2012-09-26 (15-19-28).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 322790

Time elapsed: 12 minute(s), 29 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[kamry2009]

first step

i want to keep this programs

i dont use all of them as real time protection

[Maniac]

Note: Please do not run this tool without special supervision and instruction of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

[kamry2009]

i need restore points

what can i do in this case?

[Maniac]

Why? What's going on there?

[LDTate]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!