Jump to content

Strange happenings.

Cranfield
 Share

Recommended Posts

Cranfield

Cranfield

Posted
Posted

I have Anti-Malware (PRO) installed and I also have SpyHunter installed, this was done some months ago by a techie friend to remove a specific trojan.

I am running Windows XP and GoogleChrome browser.

 

If I run Malwarebytes quick scan I find no problems.

If I then immediately run SpyHunter quick scan I find infections when scanning my Registry from, "Findwide.com", "ImminentSearchtheWeb" and "StartsearHyjacker".

I then press "remove threats" on SpyHunter and quick scan again and the "threats" are still there, but if I run a quick scan by Malwarebytes there are no "threats".

 

I have contacted SpyHunter Support and have been advised to do a reinstall of SpyHunter, which I have done and the situation remains the same.

 

I am not a technical minded person and I would appreciate some help as to what is going on and should I be doing something about it.

 

 

.

Link to post
Share on other sites
daledoc1

daledoc1

Posted
Posted

Hello, Cranfield:
 
Welcome back.
 
I'm not familiar with SpyHunter, but it appears to be some sort of anti-malware application similar to Malwarebytes Anti-Malware (MBAM)?
It might be some sort of conflict between the 2 programs.

(FWIW Spyhunter doesn't seem to have a favorable reputation, and some consider it to be a rogue.)

 

ALSO: You didn't mention what anti-virus (AV) program you are running?

(MBAM is not an anti-virus & is not a replacement for one.)

 

Let's start by getting some basic system information, so that the staff and experts can better assist you.

Please follow the instructions below and post back with the following logs as attachments to your next reply:

  • Checkresults.txt from mbam-check
  • A couple of protection logs, if you have them
  • DDS.txt from DDS
  • Attach.txt from DDS

These will provide the MBAM staff with a bit of information that will help them to pinpoint the cause and the solution for you.

Thanks!

daledoc1

-----------------------------

Step 1 -- Create an mbam-check log:

Download mbam-check.exe from HERE and save it to your desktop.
Double-click on mbam-check.exe to run it, it should then open a log file.
Please attach to your next reply the CheckResults.txt file which should now be located on your desktop.

Then, if you can, please also upload your 3 most recent Protection module logs:

In Windows XP, these logs are located in: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs
In Windows Vista/7/8, these logs are located in: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs



Step 2 -- Run DDS and create 2 logs:

Download DDS from one of the locations below and save it to your Desktop:
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once it is downloaded, you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please attach both of the following logs to your next reply: DDS.txt and Attach.txt
    --->You can ignore the note about zipping the Attach.txt file in most cases.
Link to post
Share on other sites
Cranfield

Cranfield

Posted
  • Author
Posted

The last three "Protection Module logs" (I think).

 

2013/12/13 08:55:59 GMT YOUR-C94F920E24 MESSAGE Starting protection
2013/12/13 08:55:59 GMT YOUR-C94F920E24 MESSAGE Protection started successfully
2013/12/13 08:55:59 GMT YOUR-C94F920E24 MESSAGE Starting IP protection
2013/12/13 08:56:53 GMT YOUR-C94F920E24 HP_Owner MESSAGE IP Protection started successfully
2013/12/13 13:29:26 GMT YOUR-C94F920E24 HP_Owner MESSAGE Starting database refresh
2013/12/13 13:29:27 GMT YOUR-C94F920E24 HP_Owner MESSAGE Stopping IP protection
2013/12/13 13:29:27 GMT YOUR-C94F920E24 HP_Owner MESSAGE IP Protection stopped successfully
2013/12/13 13:29:54 GMT YOUR-C94F920E24 HP_Owner MESSAGE Database refreshed successfully
2013/12/13 13:29:54 GMT YOUR-C94F920E24 HP_Owner MESSAGE Starting IP protection
2013/12/13 13:30:19 GMT YOUR-C94F920E24 HP_Owner MESSAGE IP Protection started successfully
 
2013/12/12 07:43:55 GMT YOUR-C94F920E24 HP_Owner MESSAGE Starting protection
2013/12/12 07:43:56 GMT YOUR-C94F920E24 HP_Owner MESSAGE Protection started successfully
2013/12/12 07:43:56 GMT YOUR-C94F920E24 HP_Owner MESSAGE Starting IP protection
2013/12/12 07:45:29 GMT YOUR-C94F920E24 HP_Owner MESSAGE IP Protection started successfully
2013/12/12 13:11:47 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:11:50 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:11:50 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:11:50 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:11:56 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:11:56 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:11:56 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:12:08 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:12:08 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:12:08 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:12:11 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:12:11 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:12:11 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:12:17 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:12:17 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 13:12:17 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/12 22:27:57 GMT YOUR-C94F920E24 MESSAGE Starting protection
2013/12/12 22:27:58 GMT YOUR-C94F920E24 MESSAGE Protection started successfully
2013/12/12 22:27:58 GMT YOUR-C94F920E24 MESSAGE Starting IP protection
2013/12/12 22:29:22 GMT YOUR-C94F920E24 HP_Owner MESSAGE IP Protection started successfully
 
 
2013/12/11 08:42:35 GMT YOUR-C94F920E24 MESSAGE Starting protection
2013/12/11 08:42:35 GMT YOUR-C94F920E24 MESSAGE Protection started successfully
2013/12/11 08:42:35 GMT YOUR-C94F920E24 MESSAGE Starting IP protection
2013/12/11 08:44:13 GMT YOUR-C94F920E24 HP_Owner MESSAGE IP Protection started successfully
2013/12/11 10:37:18 GMT YOUR-C94F920E24 MESSAGE Starting protection
2013/12/11 10:37:19 GMT YOUR-C94F920E24 MESSAGE Protection started successfully
2013/12/11 10:37:20 GMT YOUR-C94F920E24 HP_Owner MESSAGE Starting IP protection
2013/12/11 10:38:28 GMT YOUR-C94F920E24 HP_Owner MESSAGE IP Protection started successfully
2013/12/11 19:35:41 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 19:35:44 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 19:35:44 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 19:35:50 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 19:35:50 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 19:36:02 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 19:36:02 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 19:36:05 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 19:36:05 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 19:36:11 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 19:36:11 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:48:58 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:01 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:07 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:19 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:22 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:28 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:40 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:43 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:43 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:48 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:49 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:49 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:51 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:51 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:57 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:49:57 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:01 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:01 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:04 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:04 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:09 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:09 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:10 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:10 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:12 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:12 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:17 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:17 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:18 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:18 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:19 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:20 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:20 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:22 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:25 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:26 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:26 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:26 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:31 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:37 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:38 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:38 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:41 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:41 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:41 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:43 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:46 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:46 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:47 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:47 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:52 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:58 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:59 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:50:59 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:01 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:02 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:02 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:07 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:08 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:08 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:19 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:20 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:20 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:23 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:23 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:23 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:28 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:29 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
2013/12/11 20:51:29 GMT YOUR-C94F920E24 HP_Owner IP-BLOCK 94.242.214.83 (Type: outgoing)
 
Link to post
Share on other sites
Cranfield

Cranfield

Posted
  • Author
Posted

Here are the dds logs.

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 23/11/2006 11:58:36
System Uptime: 13/12/2013 08:51:27 (8 hours ago)
.
Motherboard: MSI |  | AMETHYST-M
Processor: AMD Sempron Processor 3000+ | Socket 939 | 1790/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 227 GiB total, 78.292 GiB free.
D: is FIXED (FAT32) - 5 GiB total, 0.498 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP2910: 15/09/2013 10:59:49 - System Checkpoint
RP2911: 16/09/2013 11:41:16 - System Checkpoint
RP2912: 17/09/2013 13:24:24 - System Checkpoint
RP2913: 18/09/2013 14:18:10 - System Checkpoint
RP2914: 19/09/2013 14:58:39 - System Checkpoint
RP2915: 20/09/2013 15:55:56 - System Checkpoint
RP2916: 21/09/2013 16:09:32 - System Checkpoint
RP2917: 22/09/2013 16:23:15 - System Checkpoint
RP2918: 23/09/2013 16:56:27 - System Checkpoint
RP2919: 24/09/2013 17:33:46 - System Checkpoint
RP2920: 25/09/2013 19:21:33 - System Checkpoint
RP2921: 26/09/2013 19:51:13 - System Checkpoint
RP2922: 27/09/2013 21:27:14 - System Checkpoint
RP2923: 28/09/2013 23:11:06 - System Checkpoint
RP2924: 30/09/2013 10:34:44 - System Checkpoint
RP2925: 01/10/2013 11:04:13 - System Checkpoint
RP2926: 02/10/2013 13:32:00 - System Checkpoint
RP2927: 03/10/2013 13:43:47 - System Checkpoint
RP2928: 04/10/2013 14:04:28 - System Checkpoint
RP2929: 05/10/2013 17:54:51 - System Checkpoint
RP2930: 06/10/2013 19:58:15 - System Checkpoint
RP2931: 07/10/2013 22:38:26 - System Checkpoint
RP2932: 09/10/2013 10:41:09 - System Checkpoint
RP2933: 09/10/2013 22:46:34 - Software Distribution Service 3.0
RP2934: 11/10/2013 08:09:53 - System Checkpoint
RP2935: 12/10/2013 08:39:50 - System Checkpoint
RP2936: 12/10/2013 23:20:22 - Removed Apple Software Update
RP2937: 12/10/2013 23:21:19 - Removed Apple Application Support
RP2938: 13/10/2013 12:56:28 - Installed iTunes
RP2939: 13/10/2013 21:13:04 - Software Distribution Service 3.0
RP2940: 14/10/2013 21:25:32 - System Checkpoint
RP2941: 16/10/2013 11:42:04 - System Checkpoint
RP2942: 17/10/2013 11:43:12 - System Checkpoint
RP2943: 18/10/2013 13:09:21 - System Checkpoint
RP2944: 19/10/2013 13:46:10 - System Checkpoint
RP2945: 20/10/2013 16:53:52 - System Checkpoint
RP2946: 21/10/2013 08:50:16 - Installed Java 7 Update 45
RP2947: 21/10/2013 22:49:50 - avast! antivirus system restore point
RP2948: 23/10/2013 00:24:12 - System Checkpoint
RP2949: 24/10/2013 11:22:11 - System Checkpoint
RP2950: 25/10/2013 12:45:23 - System Checkpoint
RP2951: 25/10/2013 13:17:47 - avast! antivirus system restore point
RP2952: 26/10/2013 08:35:42 - avast! antivirus system restore point
RP2953: 26/10/2013 08:37:17 - avast! antivirus system restore point
RP2954: 27/10/2013 08:19:12 - System Checkpoint
RP2955: 28/10/2013 08:44:04 - System Checkpoint
RP2956: 29/10/2013 10:57:41 - System Checkpoint
RP2957: 30/10/2013 11:48:14 - System Checkpoint
RP2958: 31/10/2013 12:30:12 - System Checkpoint
RP2959: 01/11/2013 15:25:39 - System Checkpoint
RP2960: 02/11/2013 16:36:47 - System Checkpoint
RP2961: 03/11/2013 17:32:19 - System Checkpoint
RP2962: 04/11/2013 19:44:31 - System Checkpoint
RP2963: 05/11/2013 20:31:44 - System Checkpoint
RP2964: 07/11/2013 11:40:31 - System Checkpoint
RP2965: 08/11/2013 13:31:47 - System Checkpoint
RP2966: 09/11/2013 14:10:44 - System Checkpoint
RP2967: 09/11/2013 15:21:14 - Removed OpenOffice.org 3.3
RP2968: 09/11/2013 15:23:18 - Installed OpenOffice 4.0.1
RP2969: 10/11/2013 15:35:11 - System Checkpoint
RP2970: 11/11/2013 19:26:15 - System Checkpoint
RP2971: 12/11/2013 19:48:14 - System Checkpoint
RP2972: 13/11/2013 13:51:15 - Software Distribution Service 3.0
RP2973: 13/11/2013 15:56:30 - Software Distribution Service 3.0
RP2974: 14/11/2013 09:24:05 - Installed MailWasherPro
RP2975: 15/11/2013 11:57:51 - System Checkpoint
RP2976: 16/11/2013 13:23:54 - System Checkpoint
RP2977: 17/11/2013 18:37:49 - System Checkpoint
RP2978: 18/11/2013 19:08:28 - System Checkpoint
RP2979: 19/11/2013 20:15:48 - System Checkpoint
RP2980: 20/11/2013 11:54:57 - Removed Skype™ 6.10
RP2981: 20/11/2013 11:56:15 - Removed Skype Click to Call
RP2982: 21/11/2013 15:02:25 - System Checkpoint
RP2983: 22/11/2013 16:03:29 - System Checkpoint
RP2984: 23/11/2013 17:31:12 - System Checkpoint
RP2985: 24/11/2013 18:49:22 - System Checkpoint
RP2986: 25/11/2013 19:07:36 - System Checkpoint
RP2987: 26/11/2013 21:30:58 - System Checkpoint
RP2988: 27/11/2013 22:22:29 - System Checkpoint
RP2989: 29/11/2013 10:55:20 - System Checkpoint
RP2990: 30/11/2013 11:12:36 - System Checkpoint
RP2991: 01/12/2013 12:04:53 - System Checkpoint
RP2992: 02/12/2013 12:28:22 - System Checkpoint
RP2993: 03/12/2013 12:32:51 - System Checkpoint
RP2994: 04/12/2013 13:07:11 - System Checkpoint
RP2995: 05/12/2013 14:16:53 - System Checkpoint
RP2996: 06/12/2013 14:43:27 - System Checkpoint
RP2997: 07/12/2013 15:27:48 - System Checkpoint
RP2998: 08/12/2013 16:20:12 - System Checkpoint
RP2999: 09/12/2013 16:35:38 - System Checkpoint
RP3000: 10/12/2013 17:53:30 - System Checkpoint
RP3001: 11/12/2013 09:49:01 - Software Distribution Service 3.0
RP3002: 12/12/2013 10:39:38 - System Checkpoint
RP3003: 12/12/2013 22:16:58 - Removed RegHunter
RP3004: 12/12/2013 22:17:59 - Removed SpyHunter
RP3005: 12/12/2013 22:47:19 - Installed SpyHunter
RP3006: 13/12/2013 09:02:06 - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoBase 3
ArcSoft PhotoStudio 5
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
avast! Internet Security
BBC iPlayer Desktop
Belkin F5D8053 N Wireless USB Adapter
Bonjour
Canon CanoScan Toolbox 4.1
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center HydraVision Full
Catalyst Control Center Localization All
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CDisplay 1.8
Critical Update for Windows Media Player 11 (KB959772)
Customer Experience Enhancement
DivX Setup
DocumentViewer
DocumentViewerQFolder
DownloadX ActiveX Download Control 1.6.5
Enhanced Multimedia Keyboard Solution
EPSON PhotoQuicker3.4
EPSON PRINT Image Framer Tool2.0
EPSON Printer Software
Foxit PDF Editor
Free File Viewer 2011
Google Chrome
Google Earth
Google Earth Plug-in
Google Gmail Notifier
Google Update Helper
Haali Media Splitter
Hewlett-Packard ACLM.NET v1.1.0.0
High Definition Audio Driver Package - KB888111
HijackThis 1.99.0
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP Deskjet Printer Preload
HP Document Viewer 5.3
HP DVD Play 1.0
HP Product Assistant
HP Product Detection
HP Update
HPProductAssistant
HpSdpAppCoreApp
Internet Download Manager
Internet Services
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 5
Java 7 Update 45
Java Auto Updater
Java 6 Update 22
LightScribe  1.4.62.1
MailWasher Pro
MailWasherPro
Malwarebytes Anti-Malware version 1.75.0.1300
Manual CanoScan LiDE 80
Matroska Pack - Lazy Man's MKV 0.9.9
MediaStore PlayFLV
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OmniPage SE
OpenOffice 4.0.1
PC-Doctor 5 for Windows
PC Wizard 2008.1.871
PerformanceTest v6.1
PIF DESIGNER2.0
PowerISO
Presto! PageManager 6.03
PS2
Recuva
Samsung_MonSetup
ScanToWeb
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2675157)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Serif PagePlus SE 1.0
Skins
Skype Click to Call
Skype™ 6.1
SopCast 3.2.4
SpeedTouch USB Software
Spotify
Spybot - Search & Destroy
SpyHunter
TomTom HOME
TomTom HOME Visual Studio Merge Modules
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB2904266)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.4053
Veetle TV
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 2.1.2
WebFldrs XP
Windows Driver Package - MobileTop (sshpmdm) Modem  (02/23/2007 2.5.0.0)
Windows Driver Package - MobileTop (sshpusb) USB  (02/23/2007 2.5.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows PowerShell 1.0
Windows XP Service Pack 3
WinRAR archiver
YapPhone
.
==== Event Viewer Messages From Past Week ========
.
12/12/2013 22:17:08, error: Service Control Manager [7023]  - The Application Management service terminated with the following error:  The specified module could not be found.
11/12/2013 08:43:44, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Skype C2C Service service to connect.
09/12/2013 07:44:23, error: Service Control Manager [7000]  - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
09/12/2013 07:44:22, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
08/12/2013 22:17:00, error: Schedule [7901]  - The At1.job command failed to start due to the following error:  %%2147942402
08/12/2013 09:05:09, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  ftsata2
08/12/2013 09:05:09, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Windows Image Acquisition (WIA) service to connect.
08/12/2013 09:05:09, error: Service Control Manager [7000]  - The Windows Image Acquisition (WIA) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
 
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.45.2
Run by HP_Owner at 16:51:32 on 2013-12-13
Microsoft Windows XP Home Edition  5.1.2600.3.1252.44.1033.18.3006.1919 [GMT 0:00]
.
AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled* 
FW: AVG Firewall *Disabled* 
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll
BHO: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: {B56A7D7D-6927-48C8-A975-17DF180C71AC} - <orphaned>
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exe
mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [20131121] c:\program files\avast software\avast\setup\emupdate\3796a166-ea42-4ca3-83a7-5b2bd79ff5dd.exe /check
StartupFolder: c:\docume~1\hp_owner\startm~1\programs\startup\mailwa~1.lnk - c:\program files\firetrust\mailwasher\MailWasherPro.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021} - <orphaned>
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{01C79DFE-6A25-48C0-B0C4-B8881E914877} : DHCPNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
TCP: Interfaces\{E45BEAE8-2621-4757-97A5-480F92005260} : DHCPNameServer = 192.168.2.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2013-7-13 12112]
R0 aswNdis2;avast! Firewall NDIS Driver;c:\windows\system32\drivers\aswNdis2.sys [2013-7-13 247192]
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-7-13 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-7-13 178304]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-5-2 64288]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2013-7-13 26136]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-7-13 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2013-7-13 403440]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2010-12-23 121184]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2009-10-28 101720]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-7-13 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-7-13 70384]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-7-13 50344]
R2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2013-7-13 179088]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-3 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-1-7 701512]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-11-22 3290304]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2013-8-27 93072]
R3 esgiguard;esgiguard;c:\program files\enigma software group\spyhunter\esgiguard.sys [2011-5-6 13904]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-1-7 22856]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 Aldebaran;Aldebaran - Storage Filter Drivers;\??\c:\windows\system32\drivers\aldebaran.sys --> c:\windows\system32\drivers\Aldebaran.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2009-5-22 36608]
S3 rt2870;Belkin 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2007-7-28 517632]
S3 w7lf_.sys;w7lf_.sys;\??\c:\windows\system32\drivers\w7lf_.sys --> c:\windows\system32\drivers\w7lf_.sys [?]
S3 xcpip;TCP/IP Protocol Driver;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]
S3 xpsec;IPSEC driver;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]
S3 YapLoad;Y@pPhone;c:\windows\system32\drivers\YapLoad.Sys [2008-7-8 19656]
.
=============== Created Last 30 ================
.
2013-12-12 22:47:27 110080 ----a-r- c:\documents and settings\hp_owner\application data\microsoft\installer\{34949bb0-08bb-4407-882f-164eb49e335b}\IconF7A21AF7.exe
2013-12-12 22:47:27 110080 ----a-r- c:\documents and settings\hp_owner\application data\microsoft\installer\{34949bb0-08bb-4407-882f-164eb49e335b}\IconD7F16134.exe
2013-12-12 22:47:27 110080 ----a-r- c:\documents and settings\hp_owner\application data\microsoft\installer\{34949bb0-08bb-4407-882f-164eb49e335b}\IconCAE74F08.exe
2013-12-12 22:47:21 -------- d-----w- C:\sh4ldr
2013-12-12 22:47:21 -------- d-----w- c:\program files\Enigma Software Group
2013-12-12 22:16:36 -------- d-----w- c:\windows\CD27142034CF47DC80B7C409B6CD0DD8.TMP
2013-11-30 21:17:25 -------- d-----w- c:\documents and settings\hp_owner\local settings\application data\Spotify
2013-11-30 21:16:29 -------- d-----w- c:\documents and settings\hp_owner\application data\Spotify
.
==================== Find3M  ====================
.
2013-12-10 22:21:44 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-10 22:21:43 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 23:41:38 121184 ----a-w- c:\windows\system32\drivers\idmtdi.sys
2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:26:17 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:57:34 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:57:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-29 07:57:33 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:57:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45:02 385024 ----a-w- c:\windows\system32\html.iec
2013-10-23 23:45:49 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-10-21 21:55:49 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-21 21:55:49 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-21 21:55:49 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-21 21:55:49 43152 ----a-w- c:\windows\avastSS.scr
2013-10-21 21:55:49 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-21 21:55:35 26136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-10-21 21:55:32 247192 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-10-14 17:41:58 104752 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-10-12 15:56:19 278528 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-08 06:50:41 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-08 06:29:36 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-07 10:59:21 603136 ----a-w- c:\windows\system32\crypt32.dll
.
=================== ROOTKIT  ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR 
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 
1 ntkrnlpa!IofCallDriver[0x804EE1A0] -> \Device\Harddisk0\DR0[0x8AC48AB8]
3 CLASSPNP[0xBA0E8FD7] -> ntkrnlpa!IofCallDriver[0x804EE1A0] -> \Device\00000072[0x8ABE9F18]
5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EE1A0] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8AC43D98]
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x5c;  }
user != kernel MBR !!! 
.
============= FINISH: 16:52:39.75 ===============
 

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.