Windows Security centre - Windows Firewall [Solved]


  • This topic is locked

#1
nrobe

  • Member
  • 60 posts
Cannot open Windows Security centre - Windows Firewall.

Says 'Due to an unidentified problem, Windows cannot display Windows Firewall settings'.

I have run TFC, Malwarebytes Anti-Malware - nothing.
Can you help?
  • 0


#2
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines; these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.





I need to get some reports to get a base to start from so I need you to run these programs first.


-DeFogger-

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:

    Download DDS and save it to your desktop

    Link1
    Link2
    Link3


  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following

  • both reports from DDS
  • report from security check
  • let me know of any problems you may have had

Gringo

  • 0

#3
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
  • 0

#4
nrobe

  • Topic Starter
  • Member
  • 60 posts
Delayed notification 'gringo'.

Too much print - temporary data, work, overload.
  • 0

#5
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
I will check on you later
  • 0

#6
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo
  • 0

#7
nrobe

  • Topic Starter
  • Member
  • 60 posts
DDS

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Michael Roughan at 18:05:46 on 2013-02-05
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.703.123 [GMT 0:00]
.
AV: Kaspersky Internet Security *Disabled/Outdated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.pipexuk.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4A368E80-174F-4872-96B5-0B27DDD11DB2} - c:\program files\spywareguard\dlprotect.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - <orphaned>
EB: &Discuss: {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [VTTimer] VTTimer.exe
mRun: [PCMService] "c:\apps\powercinema\PCMService.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\point32.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2013\avp.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SpeedTouch USB Diagnostics] "c:\program files\thomson\speedtouch usb\Dragdiag.exe" /icon
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\michae~1\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palmone\Hotsync.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: nosimplestartmenu = dword:0
uPolicies-Explorer: norecentdochistory = dword:0
uPolicies-Explorer: maxrecentdocs = dword:0
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:351
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2013\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: mswsock.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} - hxxp://games.bigfishgames.com/en_fitness-dash/online/FitnessDashWeb.1.0.0.11.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238148714015
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356227304421
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FD07749-EFFA-48C6-947C-45A8D7BF422F} - hxxp://www.cyberlink.com/prog/vista/prog/CLVistaGenie.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs= c:\progra~1\google\google~2\GOEC62~1.DLL
SSODL: CDBurn - <orphaned>
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SpywareGuard.Handler - {81559C35-8464-49F7-BB0E-07A383BEF910} - c:\program files\spywareguard\spywareguard.dll
.
============= SERVICES / DRIVERS ===============
.
R0 kl1;kl1;c:\windows\system32\drivers\kl1.sys [2012-6-19 136024]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2012-10-5 586584]
R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [2012-6-8 43608]
R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [2012-8-13 144344]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2013\avp.exe [2012-8-17 356376]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2012-6-27 35672]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [2012-5-25 24408]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2012-7-25 24920]
S3 ExpressAccountsService;Express Accounts;c:\program files\nch software\expressaccounts\expressaccounts.exe [2012-11-20 3051632]
S3 ExpressInvoiceService;Express Invoice;c:\program files\nch software\expressinvoice\expressinvoice.exe [2012-11-20 2211952]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-8-26 30192]
S3 InventoriaService;Inventoria Stock Manager;c:\program files\nch software\inventoria\inventoria.exe [2012-11-20 1693312]
.
=============== Created Last 30 ================
.
2013-02-04 01:38:50 2560 ----a-w- c:\documents and settings\all users\application data\microsoft\usmt\iconlib.dll
2013-01-30 17:24:07 -------- d-----w- C:\ELIBRARY
2013-01-25 00:37:24 -------- d-----w- c:\windows\system32\wbem\repository\FS
2013-01-25 00:37:24 -------- d-----w- c:\windows\system32\wbem\Repository
2013-01-25 00:36:48 -------- d-----w- c:\program files\common files\supportsoft
2013-01-24 22:57:18 -------- d-----w- c:\documents and settings\michael roughan\local settings\application data\Wajam
2013-01-24 22:56:05 -------- d-----w- c:\documents and settings\all users\application data\Tarma Installer
.
==================== Find3M ====================
.
2013-01-10 10:15:05 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-10 10:15:04 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 16:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-10 12:01:22 18360 ----a-w- c:\windows\system32\roboot.exe
2012-11-16 22:29:29 43608 ----a-w- c:\windows\system32\drivers\kltdi.sys
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 18:08:10.84 ===============


Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 18/03/2009 19:05:58
System Uptime: 05/02/2013 17:25:49 (1 hours ago)
.
Motherboard: NEC COMPUTERS INTERNATIONAL | | MS-6786
Processor: AMD Sempron™ 2800+ | Socket A | 2005/167mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 69 GiB total, 35.528 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP461: 07/11/2012 19:06:24 - System Checkpoint
RP462: 11/11/2012 23:42:15 - System Checkpoint
RP463: 16/11/2012 22:36:31 - First Restore Point
RP464: 21/11/2012 14:48:16 - System Checkpoint
RP465: 22/11/2012 22:35:25 - Software Distribution Service 3.0
RP466: 08/12/2012 00:14:21 - First Restore Point
RP467: 08/12/2012 00:20:14 - First Restore Point
RP468: 10/12/2012 15:48:18 - System Checkpoint
RP469: 13/12/2012 23:19:27 - System Checkpoint
RP470: 13/12/2012 23:33:52 - Software Distribution Service 3.0
RP471: 14/12/2012 11:22:38 - RegClean Pro Fri, Dec 14, 12 11:22
RP472: 15/12/2012 17:46:21 - System Checkpoint
RP473: 18/12/2012 21:27:37 - System Checkpoint
RP474: 23/12/2012 01:53:39 - N A ROBERTSON Restore System
RP475: 26/12/2012 10:49:42 - System Checkpoint
RP476: 26/12/2012 18:00:53 - Software Distribution Service 3.0
RP477: 29/12/2012 01:30:21 - Software Distribution Service 3.0
RP478: 05/01/2013 21:38:27 - Software Distribution Service 3.0
RP479: 07/01/2013 15:14:16 - Software Distribution Service 3.0
RP480: 10/01/2013 19:08:08 - Software Distribution Service 3.0
RP481: 14/01/2013 19:23:58 - System Checkpoint
RP482: 15/01/2013 23:20:00 - System Checkpoint
RP483: 17/01/2013 11:17:36 - System Checkpoint
RP484: 23/01/2013 23:12:54 - System Checkpoint
RP485: 24/01/2013 23:30:03 - Removed Internet Explorer Toolbar 4.6 by SweetPacks
RP486: 24/01/2013 23:36:01 - Removed SupportSoft Assisted Service
RP487: 24/01/2013 23:37:13 - Removed SweetIM for Messenger 3.7
RP488: 24/01/2013 23:46:47 - Removed Update Manager for SweetPacks 1.1
RP489: 25/01/2013 00:35:12 - Restore Operation
RP490: 25/01/2013 00:47:49 - 25 Janvier 2013 0046
RP491: 30/01/2013 22:01:04 - System Checkpoint
RP492: 05/02/2013 00:12:27 - System Checkpoint
.
==== Installed Programs ======================
.
ACDSee for PENTAX 3.0
Acrobat.com
Adobe AIR
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.3
Adobe Reader for Palm OS, 3.05
Adobe Shockwave Player 11.5
AiO_Scan
Apple Application Support
Apple Software Update
Aztech CNR2900 V.90 Modem
BufferChm
Compatibility Pack for the 2007 Office system
Copper
Copy
CreativeProjects
CreativeProjectsTemplates
CueTour
Destinations
Director
DocProc
DocumentViewer
Express Accounts
Express Burn
Express Invoice
GdiplusUpgrade
Google Desktop
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HourGuard Time Sheet
HP Image Zone 4.2
HP Product Detection
HP PSC & OfficeJet 4.2
HP Update
HPODiscovery
HPSystemDiagnostics
InstantShare
Inventoria Stock Manager
Java 2 Runtime Environment, SE v1.4.2_05
Java Auto Updater
Java™ 6 Update 13
Java™ 6 Update 31
Kaspersky Internet Security 2013
Lizardtech DjVu Control
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 5.0
Microsoft IntelliType Pro 5.0
Microsoft Office 2003 Primary Interop Assemblies
Microsoft Office Access 2003 Step by Step
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Visio Professional 2003
Microsoft Silverlight
Microsoft SQL Native Client
Microsoft SQL Server 2005 Express Edition CTP (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition CTP
Microsoft SQL Server Setup Support Files (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Windows Media Video 9 VCM
Microsoft Works 7.0
Microsoft XML Parser
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB933579)
NetObjects Fusion 7
overland
Packard Bell InfoCentre
PhotoGallery
PrintScreen
QFolder
QuickBooks
QuickBooks SimpleStart Free Limited Editon
QuickProjects
QuickTime
QuickTime for Windows (32-bit)
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
Sage e-Banking Core Components
Scan
Seagate SeaTools English Online
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SkinsHP1
Sonic MyDVD
Sonic RecordNow!
SpeedTouch USB Software
SpywareGuard v2.2
SQLXML 4.0
SupportSoft Assisted Service
TAS Basics
TrayApp
TweakNow RegCleaner 2012
TweakNow RegCleaner Standard
UniChrome Series Driver and Utilities
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB969497)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VB Runtime
VIA Rhine-Family Fast Ethernet Adapter
Viewpoint Media Player
Visual Studio 2005 Tools for Office Second Edition Runtime
WebFldrs XP
WebReg
Windows Genuine Advantage v1.3.0254.0
Windows Internet Explorer 8
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
30/01/2013 22:44:49, error: Service Control Manager [7034] - The SmartLinkService service terminated unexpectedly. It has done this 1 time(s).
30/01/2013 22:44:49, error: Service Control Manager [7034] - The QBCFMonitorService service terminated unexpectedly. It has done this 1 time(s).
30/01/2013 22:44:49, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
30/01/2013 22:44:49, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
30/01/2013 22:44:49, error: Service Control Manager [7034] - The Generic Service for HID Keyboard Input Collections service terminated unexpectedly. It has done this 1 time(s).
30/01/2013 22:44:49, error: Service Control Manager [7034] - The CyberLink Task Scheduler (CTS) service terminated unexpectedly. It has done this 1 time(s).
30/01/2013 22:44:49, error: Service Control Manager [7034] - The CyberLink Media Library Service service terminated unexpectedly. It has done this 1 time(s).
30/01/2013 22:44:48, error: Service Control Manager [7034] - The CyberLink Background Capture Service (CBCS) service terminated unexpectedly. It has done this 1 time(s).
05/02/2013 18:05:59, error: Service Control Manager [7016] - The SmartLinkService service has reported an invalid current state 0.
02/02/2013 14:02:52, error: Service Control Manager [7024] - The SQL Server (SQLEXPRESS) service terminated with service-specific error 17051 (0x429B).
02/02/2013 14:02:52, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
.
==== End Of File ===========================


Checkup

Results of screen317's Security Check version 0.99.57
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Kaspersky Internet Security 2013
`````````Anti-malware/Other Utilities Check:`````````
SpywareGuard v2.2
Malwarebytes Anti-Malware version 1.70.0.1100
TweakNow RegCleaner 2012
TweakNow RegCleaner Standard
Java™ 6 Update 13
Java™ 6 Update 31
Java 2 Runtime Environment, SE v1.4.2_05
Java version out of Date!
Adobe Reader 9 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Internet Security 2013 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 8%
````````````````````End of Log``````````````````````



Not so sure where you're coming from with disabling the CD drive - is that necessary?

reply
  • 0

#8
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

That does not disable the CD drive - it disables a type of software that makes a virtual CD drive, as that will cause false positives in some of our tools.


These are the programs I would like you to run next. If you have any problems with one of these, just skip it and run the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then click on the "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Gringo
  • 0

#9
nrobe

    Member

  • Topic Starter
  • Member
  • 60 posts
Adwcleaner

# AdwCleaner v2.111 - Logfile created 02/06/2013 at 19:57:47
# Updated 05/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Michael Roughan - SN044855520105
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Michael Roughan\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\michael roughan\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\michael roughan\Local Settings\Application Data\Wajam
Folder Deleted : C:\Program Files\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CToolbar_UNINSTALL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [3544 octets] - [06/02/2013 19:57:47]

########## EOF - C:\AdwCleaner[S1].txt - [3604 octets] ##########


Adwcleaner [2]

# AdwCleaner v2.111 - Logfile created 02/06/2013 at 20:24:41
# Updated 05/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Michael Roughan\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [3673 octets] - [06/02/2013 19:57:47]
AdwCleaner[S2].txt - [616 octets] - [06/02/2013 20:24:41]

########## EOF - C:\AdwCleaner[S2].txt - [675 octets] ##########



Cannot get RogueKiller to run properly.

Stops halfway through - Kaspersky says - suspicious driver installation.a

Here is the report it produced.



[00:00:0031] ***** Global Init *****
[00:00:0062] Has crashed before : Yes
[00:00:0062] Create mutex : RogueKiller
[00:00:0062] Mutex Created : 0x1f4
[00:00:0062] Fill lists
[00:00:0062] OS Language : English
[00:00:0078] Take Privileges
[00:00:0078] Modify Token
[00:00:0093] Set priority to HIGH
[00:00:0093] Getting Operating System
[00:00:0093] Os Getted : Windows XP (5.1.2600 Service Pack 3) 32 bits version
[00:00:0093] ***** Global Init OK *****
[00:00:0093] ***** GUI Init *****
[00:00:0093] Get build number
[00:00:0093] build number : RogueKiller (by Tigzy) -- v8.4.4 [Feb 5 2013] (x64 : No)
[00:00:0281] ***** GUI Init OK *****
[00:00:0281] ***** PreScan *****
[00:00:0297] Clear ListViews
[00:00:0297] Clear Objects : 0x0
[00:00:0297] Enum Windows
[00:00:0484] [Check Window] Eula - Please read
[00:00:0484] [Check Window] Debug log sending
[00:00:0484] [Check Window] TF_FloatingLangBar_WndTitle
[00:00:0484] [Check Window] CiceroUIWndFrame
[00:00:0500] [Check Window] Start Menu
[00:00:0500] [Check Window] ALSMTray
[00:00:0500] [Check Window] CL RC Engine3 Dummy Winidow
[00:00:0500] [Check Window] RogueKiller (by Tigzy) -- v8.4.4
[00:00:0500] [Check Window] SpywareGuard
[00:00:0515] [Check Window] SpywareGuard
[00:00:0515] [Check Window] MCI command handling window
[00:00:0515] [Check Window] ToucanSurf Broadband
[00:00:0515] [Check Window] DDE Server Window
[00:00:0515] [Check Window] Kaspersky Internet Security 2013
[00:00:0531] [Check Window] Kaspersky Internet Security 2013
[00:00:0531] [Check Window] SpywareGuard Brower Hijacking Protection
[00:00:0531] [Check Window] SG Browser Hijacking Protection
[00:00:0531] [Check Window] _GD_Crawl
[00:00:0547] [Check Window] QTPlayer Tray Icon
[00:00:0547] [Check Window] mouse
[00:00:0547] [Check Window] HPWU
[00:00:0547] [Check Window] keyboard
[00:00:0547] [Check Window] Powercinema service
[00:00:0547] [Check Window] Notification Wnd for RNAdmin
[00:00:0562] [Check Window] Connections Tray
[00:00:0562] [Check Window] S3Timer
[00:00:0562] [Check Window] Power Meter
[00:00:0562] [Check Window] MS_WebcheckMonitor
[00:00:0562] [Check Window] CLSchMgr
[00:00:0578] [Check Window] Dialog
[00:00:0578] [Check Window] Program Manager
[00:00:0578] [Check Window] M
[00:00:0578] [Check Window] Default IME
[00:00:0578] [Check Window] M
[00:00:0578] [Check Window] Default IME
[00:00:0593] [Check Window] Default IME
[00:00:0593] [Check Window] M
[00:00:0593] [Check Window] Default IME
[00:00:0593] [Check Window] M
[00:00:0593] [Check Window] Default IME
[00:00:0609] [Check Window] Default IME
[00:00:0609] [Check Window] Default IME
[00:00:0609] [Check Window] M
[00:00:0609] [Check Window] Default IME
[00:00:0609] [Check Window] Default IME
[00:00:0609] [Check Window] Default IME
[00:00:0625] [Check Window] Default IME
[00:00:0625] [Check Window] Default IME
[00:00:0625] [Check Window] Default IME
[00:00:0625] [Check Window] Default IME
[00:00:0625] [Check Window] Default IME
[00:00:0640] [Check Window] Default IME
[00:00:0640] [Check Window] Default IME
[00:00:0640] [Check Window] Default IME
[00:00:0640] [Check Window] Default IME
[00:00:0640] [Check Window] Default IME
[00:00:0656] [Check Window] Default IME
[00:00:0656] [Check Window] Default IME
[00:00:0656] [Check Window] Default IME
[00:00:0656] [Check Window] Default IME
[00:00:0656] [Check Window] Default IME
[00:00:0672] [Check Window] Default IME
[00:00:0672] [Check Window] M
[00:00:0672] [Check Window] Default IME
[00:00:0703] [Check Processes] Service PID : 1064
[00:09:0047] [Check Processes] [0][_0] [System Process] :
[00:09:0062] [Check Processes] [4][_0] System :
[00:09:0062] [Check Processes] [920][_4] smss.exe : C:\WINDOWS\System32\smss.exe
[00:09:0062] [Check Processes] [984][_920] csrss.exe : C:\WINDOWS\system32\csrss.exe
[00:09:0062] [Check Processes] [1008][_920] winlogon.exe : C:\WINDOWS\system32\winlogon.exe
[00:09:0062] [Check Processes] [1064][_1008] services.exe : C:\WINDOWS\system32\services.exe
[00:09:0078] [Check Processes] [1076][_1008] lsass.exe : C:\WINDOWS\system32\lsass.exe
[00:09:0078] [Check Processes] [1232][_1064] svchost.exe : C:\WINDOWS\system32\svchost.exe
[00:09:0078] [Check Processes] [1292][_1064] svchost.exe : C:\WINDOWS\system32\svchost.exe
[00:09:0078] [Check Processes] [1336][_1064] svchost.exe : C:\WINDOWS\system32\svchost.exe
[00:09:0078] [Check Processes] [1432][_1064] svchost.exe : C:\WINDOWS\system32\svchost.exe
[00:09:0093] [Check Processes] [1584][_1064] svchost.exe : C:\WINDOWS\system32\svchost.exe
[00:09:0093] [Check Processes] [1776][_1064] spoolsv.exe : C:\WINDOWS\system32\spoolsv.exe
[00:09:0093] [Check Processes] [1856][_1064] svchost.exe : C:\WINDOWS\system32\svchost.exe
[00:09:0093] [Check Processes] [1892][_1064] avp.exe : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
[00:09:0578] [Check Processes] [1908][_1064] CLCapSvc.exe : c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
[00:09:0875] [Check Processes] [1924][_1064] CLSched.exe : c:\APPS\Powercinema\Kernel\TV\CLSched.exe
[00:10:0140] [Check Processes] [1956][_1064] CLMLServer.exe : C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
[00:10:0281] [Check Processes] [2004][_1064] HidService.exe : c:\APPS\HIDSERVICE\HIDSERVICE.exe
[00:10:0406] [Check Processes] [2016][_1956] CLMLService.exe : C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
[00:10:0890] [Check Processes] [164][_1692] explorer.exe : C:\WINDOWS\explorer.exe
[00:10:0906] [Check DLLs] Explorer.EXE : C:\WINDOWS\Explorer.EXE
[00:10:0906] [Check DLLs] ntdll.dll : C:\WINDOWS\system32\ntdll.dll
[00:11:0234] [Check DLLs] kernel32.dll : C:\WINDOWS\system32\kernel32.dll
[00:11:0640] [Check DLLs] ADVAPI32.dll : C:\WINDOWS\system32\ADVAPI32.dll
[00:11:0984] [Check DLLs] RPCRT4.dll : C:\WINDOWS\system32\RPCRT4.dll
[00:12:0375] [Check DLLs] Secur32.dll : C:\WINDOWS\system32\Secur32.dll
[00:12:0406] [Check DLLs] BROWSEUI.dll : C:\WINDOWS\system32\BROWSEUI.dll
[00:12:0828] [Check DLLs] GDI32.dll : C:\WINDOWS\system32\GDI32.dll
[00:12:0968] [Check DLLs] USER32.dll : C:\WINDOWS\system32\USER32.dll
[00:13:0125] [Check DLLs] msvcrt.dll : C:\WINDOWS\system32\msvcrt.dll
[00:13:0312] [Check DLLs] ole32.dll : C:\WINDOWS\system32\ole32.dll
[00:14:0093] [Check DLLs] SHLWAPI.dll : C:\WINDOWS\system32\SHLWAPI.dll
[00:14:0328] [Check DLLs] OLEAUT32.dll : C:\WINDOWS\system32\OLEAUT32.dll
[00:14:0609] [Check DLLs] SHDOCVW.dll : C:\WINDOWS\system32\SHDOCVW.dll
[00:15:0078] [Check DLLs] CRYPT32.dll : C:\WINDOWS\system32\CRYPT32.dll
[00:15:0656] [Check DLLs] MSASN1.dll : C:\WINDOWS\system32\MSASN1.dll
[00:15:0718] [Check DLLs] CRYPTUI.dll : C:\WINDOWS\system32\CRYPTUI.dll
[00:15:0906] [Check DLLs] NETAPI32.dll : C:\WINDOWS\system32\NETAPI32.dll
[00:16:0031] [Check DLLs] VERSION.dll : C:\WINDOWS\system32\VERSION.dll
[00:16:0062] [Check DLLs] WININET.dll : C:\WINDOWS\system32\WININET.dll
[00:16:0406] [Check DLLs] Normaliz.dll : C:\WINDOWS\system32\Normaliz.dll
[00:16:0468] [Check DLLs] urlmon.dll : C:\WINDOWS\system32\urlmon.dll
[00:16:0890] [Check DLLs] iertutil.dll : C:\WINDOWS\system32\iertutil.dll
[00:17:0437] [Check DLLs] WINTRUST.dll : C:\WINDOWS\system32\WINTRUST.dll
[00:17:0453] [Check DLLs] IMAGEHLP.dll : C:\WINDOWS\system32\IMAGEHLP.dll
[00:17:0593] [Check DLLs] WLDAP32.dll : C:\WINDOWS\system32\WLDAP32.dll
[00:17:0625] [Check DLLs] SHELL32.dll : C:\WINDOWS\system32\SHELL32.dll
[00:18:0125] [Check DLLs] UxTheme.dll : C:\WINDOWS\system32\UxTheme.dll
[00:18:0156] [Check DLLs] ShimEng.dll : C:\WINDOWS\system32\ShimEng.dll
[00:18:0172] [Check DLLs] AcGenral.DLL : C:\WINDOWS\AppPatch\AcGenral.DLL
[00:18:0328] [Check DLLs] WINMM.dll : C:\WINDOWS\system32\WINMM.dll
[00:18:0359] [Check DLLs] MSACM32.dll : C:\WINDOWS\system32\MSACM32.dll
[00:18:0375] [Check DLLs] USERENV.dll : C:\WINDOWS\system32\USERENV.dll
[00:18:0437] [Check DLLs] IMM32.DLL : C:\WINDOWS\system32\IMM32.DLL
[00:18:0453] [Check DLLs] LPK.DLL : C:\WINDOWS\system32\LPK.DLL
[00:18:0468] [Check DLLs] USP10.dll : C:\WINDOWS\system32\USP10.dll
[00:18:0500] [Check DLLs] comctl32.dll : C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[00:18:0562] [Check DLLs] comctl32.dll : C:\WINDOWS\system32\comctl32.dll
[00:18:0609] [Check DLLs] serwvdrv.dll : C:\WINDOWS\system32\serwvdrv.dll
[00:18:0625] [Check DLLs] umdmxfrm.dll : C:\WINDOWS\system32\umdmxfrm.dll
[00:18:0640] [Check DLLs] msctfime.ime : C:\WINDOWS\system32\msctfime.ime
[00:18:0656] [Check DLLs] appHelp.dll : C:\WINDOWS\system32\appHelp.dll
[00:18:0687] [Check DLLs] CLBCATQ.DLL : C:\WINDOWS\system32\CLBCATQ.DLL
[00:18:0718] [Check DLLs] COMRes.dll : C:\WINDOWS\system32\COMRes.dll
[00:18:0781] [Check DLLs] cscui.dll : C:\WINDOWS\System32\cscui.dll
[00:18:0797] [Check DLLs] CSCDLL.dll : C:\WINDOWS\System32\CSCDLL.dll
[00:18:0812] [Check DLLs] themeui.dll : C:\WINDOWS\system32\themeui.dll
[00:18:0859] [Check DLLs] MSIMG32.dll : C:\WINDOWS\system32\MSIMG32.dll
[00:18:0875] [Check DLLs] xpsp2res.dll : C:\WINDOWS\system32\xpsp2res.dll
[00:19:0078] [Check DLLs] actxprxy.dll : C:\WINDOWS\system32\actxprxy.dll
[00:19:0093] [Check DLLs] ntshrui.dll : C:\WINDOWS\system32\ntshrui.dll
[00:19:0140] [Check DLLs] ATL.DLL : C:\WINDOWS\system32\ATL.DLL
[00:19:0156] [Check DLLs] LINKINFO.dll : C:\WINDOWS\system32\LINKINFO.dll
[00:19:0203] [Check DLLs] msi.dll : C:\WINDOWS\system32\msi.dll
[00:19:0390] [Check DLLs] SETUPAPI.dll : C:\WINDOWS\system32\SETUPAPI.dll
[00:19:0468] [Check DLLs] SXS.DLL : C:\WINDOWS\system32\SXS.DLL
[00:19:0531] [Check DLLs] ieframe.dll : C:\WINDOWS\system32\ieframe.dll
[00:20:0250] [Check DLLs] msvcp60.dll : C:\WINDOWS\System32\msvcp60.dll
[00:20:0312] [Check DLLs] WINSTA.dll : C:\WINDOWS\system32\WINSTA.dll
[00:20:0328] [Check DLLs] webcheck.dll : C:\WINDOWS\system32\webcheck.dll
[00:20:0343] [Check DLLs] MLANG.dll : C:\WINDOWS\system32\MLANG.dll
[00:20:0390] [Check DLLs] stobject.dll : C:\WINDOWS\system32\stobject.dll
[00:20:0406] [Check DLLs] BatMeter.dll : C:\WINDOWS\system32\BatMeter.dll
[00:20:0437] [Check DLLs] POWRPROF.dll : C:\WINDOWS\system32\POWRPROF.dll
[00:20:0468] [Check DLLs] WTSAPI32.dll : C:\WINDOWS\system32\WTSAPI32.dll
[00:20:0468] [Check DLLs] WPDShServiceObj.dll : C:\WINDOWS\system32\WPDShServiceObj.dll
[00:20:0500] [Check DLLs] WINHTTP.dll : C:\WINDOWS\system32\WINHTTP.dll
[00:20:0531] [Check DLLs] mydocs.dll : C:\WINDOWS\system32\mydocs.dll
[00:20:0547] [Check DLLs] PortableDeviceTypes.dll : C:\WINDOWS\system32\PortableDeviceTypes.dll
[00:20:0578] [Check DLLs] PortableDeviceApi.dll : C:\WINDOWS\system32\PortableDeviceApi.dll
[00:20:0593] [Check DLLs] wdmaud.drv : C:\WINDOWS\system32\wdmaud.drv
[00:20:0609] [Check DLLs] msacm32.drv : C:\WINDOWS\system32\msacm32.drv
[00:20:0625] [Check DLLs] midimap.dll : C:\WINDOWS\system32\midimap.dll
[00:20:0625] [Check DLLs] NETSHELL.dll : C:\WINDOWS\system32\NETSHELL.dll
[00:20:0734] [Check DLLs] credui.dll : C:\WINDOWS\system32\credui.dll
[00:20:0765] [Check DLLs] dot3api.dll : C:\WINDOWS\system32\dot3api.dll
[00:20:0781] [Check DLLs] rtutils.dll : C:\WINDOWS\system32\rtutils.dll
[00:20:0797] [Check DLLs] dot3dlg.dll : C:\WINDOWS\system32\dot3dlg.dll
[00:20:0797] [Check DLLs] OneX.DLL : C:\WINDOWS\system32\OneX.DLL
[00:20:0828] [Check DLLs] eappcfg.dll : C:\WINDOWS\system32\eappcfg.dll
[00:20:0843] [Check DLLs] eappprxy.dll : C:\WINDOWS\system32\eappprxy.dll
[00:20:0859] [Check DLLs] iphlpapi.dll : C:\WINDOWS\system32\iphlpapi.dll
[00:20:0875] [Check DLLs] WS2_32.dll : C:\WINDOWS\system32\WS2_32.dll
[00:20:0906] [Check DLLs] WS2HELP.dll : C:\WINDOWS\system32\WS2HELP.dll
[00:20:0906] [Check DLLs] rsaenh.dll : C:\WINDOWS\system32\rsaenh.dll
[00:20:0922] [Check DLLs] MSCTF.dll : C:\WINDOWS\system32\MSCTF.dll
[00:20:0953] [Check DLLs] MPR.dll : C:\WINDOWS\system32\MPR.dll
[00:20:0968] [Check DLLs] drprov.dll : C:\WINDOWS\System32\drprov.dll
[00:20:0984] [Check DLLs] ntlanman.dll : C:\WINDOWS\System32\ntlanman.dll
[00:21:0015] [Check DLLs] NETUI0.dll : C:\WINDOWS\System32\NETUI0.dll
[00:21:0031] [Check DLLs] NETUI1.dll : C:\WINDOWS\System32\NETUI1.dll
[00:21:0062] [Check DLLs] NETRAP.dll : C:\WINDOWS\System32\NETRAP.dll
[00:21:0078] [Check DLLs] SAMLIB.dll : C:\WINDOWS\System32\SAMLIB.dll
[00:21:0093] [Check DLLs] davclnt.dll : C:\WINDOWS\System32\davclnt.dll
[00:21:0109] [Check DLLs] mslbui.dll : C:\WINDOWS\system32\mslbui.dll
[00:21:0125] [Check DLLs] browselc.dll : C:\WINDOWS\system32\browselc.dll
[00:21:0140] [Check DLLs] MSVBVM60.DLL : C:\WINDOWS\system32\MSVBVM60.DLL
[00:21:0437] [Check DLLs] DUSER.dll : C:\WINDOWS\system32\DUSER.dll
[00:21:0625] [Check DLLs] PDFShell.dll : C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
[00:21:0812] [Check DLLs] MSVCR80.dll : C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
[00:22:0031] [Check DLLs] RASAPI32.dll : C:\WINDOWS\system32\RASAPI32.dll
[00:22:0078] [Check DLLs] rasman.dll : C:\WINDOWS\system32\rasman.dll
[00:22:0125] [Check DLLs] TAPI32.dll : C:\WINDOWS\system32\TAPI32.dll
[00:22:0234] [Check DLLs] msv1_0.dll : C:\WINDOWS\system32\msv1_0.dll
[00:22:0297] [Check DLLs] cryptdll.dll : C:\WINDOWS\system32\cryptdll.dll
[00:22:0375] [Check DLLs] spywareguard.dll : C:\Program Files\SpywareGuard\spywareguard.dll
[00:22:0422] [Check DLLs] printui.dll : C:\WINDOWS\system32\printui.dll
[00:22:0484] [Check DLLs] ACTIVEDS.dll : C:\WINDOWS\system32\ACTIVEDS.dll
[00:22:0547] [Check DLLs] adsldpc.dll : C:\WINDOWS\system32\adsldpc.dll
[00:22:0609] [Check DLLs] CFGMGR32.dll : C:\WINDOWS\system32\CFGMGR32.dll
[00:22:0640] [Check DLLs] WINSPOOL.DRV : C:\WINDOWS\system32\WINSPOOL.DRV
[00:22:0672] [Check DLLs] WZCSAPI.DLL : C:\WINDOWS\system32\WZCSAPI.DLL
[00:22:0687] [Check DLLs] wzcdlg.dll : C:\WINDOWS\system32\wzcdlg.dll
[00:22:0750] [Check Processes] [236][_1064] jqs.exe : C:\Program Files\Java\jre6\bin\jqs.exe
[00:22:0797] [Check Processes] [420][_1064] HPZipm12.exe : C:\WINDOWS\system32\HPZipm12.exe
[00:22:0812] [Check Processes] [468][_1064] QBCFMonitorService.exe : C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
[00:22:0828] [Check Processes] [628][_1064] slserv.exe : C:\WINDOWS\system32\slserv.exe
[00:22:0843] [Check Processes] [668][_1064] svchost.exe : C:\WINDOWS\system32\svchost.exe
[00:22:0843] [Check Processes] [912][_164] VTTimer.exe : C:\WINDOWS\system32\VTTimer.exe
[00:22:0843] [Check Processes] [944][_164] PCMService.exe : C:\APPS\Powercinema\PCMService.exe
[00:22:0875] [Check Processes] [1104][_164] realsched.exe : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[00:22:0937] [Check Processes] [1268][_164] type32.exe : C:\Program Files\Microsoft IntelliType Pro\type32.exe
[00:22:0968] [Check Processes] [1360][_164] point32.exe : C:\Program Files\Microsoft IntelliPoint\point32.exe
[00:22:0984] [Check Processes] [1404][_164] hpwuSchd2.exe : C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[00:23:0031] [Check Processes] [1664][_164] SOUNDMAN.EXE : C:\WINDOWS\SOUNDMAN.EXE
[00:23:0031] [Check Processes] [2120][_164] GoogleDesktop.exe : C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
[00:23:0047] [Check Processes] [2204][_164] QTTask.exe : C:\Program Files\QuickTime\QTTask.exe
[00:23:0093] [Check Processes] [2228][_164] avp.exe : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
[00:23:0109] [Check Processes] [2292][_164] dragdiag.exe : C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
[00:23:0187] [Check Processes] [2320][_164] ctfmon.exe : C:\WINDOWS\system32\ctfmon.exe
[00:23:0187] [Check Processes] [2428][_164] sgmain.exe : C:\Program Files\SpywareGuard\sgmain.exe
[00:23:0234] [Check Processes] [2656][_2428] sgbhp.exe : C:\Program Files\SpywareGuard\sgbhp.exe
[00:23:0265] [Check Processes] [2688][_1232] klwtblfs.exe : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe
[00:24:0453] [Check Services] [1/306] Abiosdsk
[00:24:0500] [Check Services] Path not found
[00:24:0500] [Check Services] [2/306] abp480n5
[00:24:0515] [Check Services] C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
[00:24:0515] [Check Services] [3/306] ACPI
[00:24:0515] [Check Services] C:\WINDOWS\system32\DRIVERS\ACPI.sys
[00:24:0515] [Check Services] [4/306] ACPIEC
[00:24:0531] [Check Services] Path not found
[00:24:0531] [Check Services] [5/306] AdobeFlashPlayerUpdateSvc
[00:24:0531] [Check Services] C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[00:24:0531] [Check Services] [6/306] adpu160m
[00:24:0547] [Check Services] C:\WINDOWS\system32\DRIVERS\adpu160m.sys
[00:24:0547] [Check Services] [7/306] aec
[00:24:0547] [Check Services] C:\WINDOWS\system32\drivers\aec.sys
[00:24:0547] [Check Services] [8/306] AFD
[00:24:0547] [Check Services] C:\WINDOWS\System32\drivers\afd.sys
[00:24:0547] [Check Services] [9/306] agpCPQ
[00:24:0562] [Check Services] C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
[00:24:0562] [Check Services] [10/306] Aha154x
[00:24:0562] [Check Services] C:\WINDOWS\system32\DRIVERS\aha154x.sys
[00:24:0562] [Check Services] [11/306] aic78u2
[00:24:0578] [Check Services] C:\WINDOWS\system32\DRIVERS\aic78u2.sys
[00:24:0578] [Check Services] [12/306] aic78xx
[00:24:0578] [Check Services] C:\WINDOWS\system32\DRIVERS\aic78xx.sys
[00:24:0578] [Check Services] [13/306] alcan5wn
[00:24:0578] [Check Services] C:\WINDOWS\system32\DRIVERS\alcan5wn.sys
[00:24:0578] [Check Services] [14/306] alcaudsl
[00:24:0593] [Check Services] C:\WINDOWS\system32\DRIVERS\alcaudsl.sys
[00:24:0593] [Check Services] [15/306] ALCXSENS
[00:24:0593] [Check Services] C:\WINDOWS\system32\drivers\ALCXSENS.SYS
[00:24:0593] [Check Services] [16/306] ALCXWDM
[00:24:0593] [Check Services] C:\WINDOWS\system32\drivers\ALCXWDM.SYS
[00:24:0593] [Check Services] [17/306] Alerter
[00:24:0609] [Check Services] C:\WINDOWS\system32\svchost.exe -k LocalService
[00:24:0609] [Check Services] [18/306] ALG
[00:24:0640] [Check Services] C:\WINDOWS\system32\alg.exe
[00:24:0640] [Check Services] [19/306] AliIde
[00:24:0640] [Check Services] C:\WINDOWS\system32\DRIVERS\aliide.sys
[00:24:0656] [Check Services] [20/306] alim1541
[00:24:0656] [Check Services] C:\WINDOWS\system32\DRIVERS\alim1541.sys
[00:24:0656] [Check Services] [21/306] amdagp
[00:24:0656] [Check Services] C:\WINDOWS\system32\DRIVERS\amdagp.sys
[00:24:0656] [Check Services] [22/306] AmdK7
[00:24:0672] [Check Services] C:\WINDOWS\system32\DRIVERS\amdk7.sys
[00:24:0672] [Check Services] [23/306] amsint
[00:24:0672] [Check Services] C:\WINDOWS\system32\DRIVERS\amsint.sys
[00:24:0672] [Check Services] [24/306] AppMgmt
[00:24:0687] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:24:0687] [Check Services] [25/306] asc
[00:24:0687] [Check Services] C:\WINDOWS\system32\DRIVERS\asc.sys
[00:24:0687] [Check Services] [26/306] asc3350p
[00:24:0703] [Check Services] C:\WINDOWS\system32\DRIVERS\asc3350p.sys
[00:24:0703] [Check Services] [27/306] asc3550
[00:24:0703] [Check Services] C:\WINDOWS\system32\DRIVERS\asc3550.sys
[00:24:0703] [Check Services] [28/306] aspnet_state
[00:24:0734] [Check Services] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
[00:24:0734] [Check Services] [29/306] AsyncMac
[00:24:0734] [Check Services] C:\WINDOWS\system32\DRIVERS\asyncmac.sys
[00:24:0734] [Check Services] [30/306] atapi
[00:24:0750] [Check Services] C:\WINDOWS\system32\DRIVERS\atapi.sys
[00:24:0750] [Check Services] [31/306] Atdisk
[00:24:0750] [Check Services] Path not found
[00:24:0750] [Check Services] [32/306] Atmarpc
[00:24:0750] [Check Services] C:\WINDOWS\system32\DRIVERS\atmarpc.sys
[00:24:0765] [Check Services] [33/306] AudioSrv
[00:24:0765] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:24:0765] [Check Services] [34/306] audstub
[00:24:0765] [Check Services] C:\WINDOWS\system32\DRIVERS\audstub.sys
[00:24:0765] [Check Services] [35/306] AVP
[00:24:0797] [Check Services] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" -r
[00:24:0797] [Check Services] [36/306] Beep
[00:24:0812] [Check Services] Path not found
[00:24:0812] [Check Services] [37/306] Browser
[00:24:0812] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:24:0812] [Check Services] [38/306] cbidf
[00:24:0812] [Check Services] C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
[00:24:0812] [Check Services] [39/306] cbidf2k
[00:24:0828] [Check Services] Path not found
[00:24:0828] [Check Services] [40/306] cd20xrnt
[00:24:0828] [Check Services] C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
[00:24:0828] [Check Services] [41/306] Cdaudio
[00:24:0828] [Check Services] Path not found
[00:24:0843] [Check Services] [42/306] Cdfs
[00:24:0843] [Check Services] Path not found
[00:24:0843] [Check Services] [43/306] Cdrom
[00:24:0843] [Check Services] C:\WINDOWS\system32\DRIVERS\cdrom.sys
[00:24:0843] [Check Services] [44/306] Changer
[00:24:0859] [Check Services] Path not found
[00:24:0859] [Check Services] [45/306] CiSvc
[00:24:0859] [Check Services] C:\WINDOWS\system32\cisvc.exe
[00:24:0859] [Check Services] [46/306] CLCapSvc
[00:24:0859] [Check Services] "c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe"
[00:24:0859] [Check Services] [47/306] ClipSrv
[00:24:0875] [Check Services] C:\WINDOWS\system32\clipsrv.exe
[00:24:0875] [Check Services] [48/306] clr_optimization_v2.0.50727_32
[00:24:0906] [Check Services] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00:24:0906] [Check Services] [49/306] CLSched
[00:24:0906] [Check Services] "c:\APPS\Powercinema\Kernel\TV\CLSched.exe"
[00:24:0906] [Check Services] [50/306] CmdIde
[00:24:0922] [Check Services] C:\WINDOWS\system32\DRIVERS\cmdide.sys
[00:24:0922] [Check Services] [51/306] COMSysApp
[00:24:0922] [Check Services] C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[00:24:0922] [Check Services] [52/306] Cpqarray
[00:24:0922] [Check Services] C:\WINDOWS\system32\DRIVERS\cpqarray.sys
[00:24:0922] [Check Services] [53/306] CryptSvc
[00:24:0937] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:24:0937] [Check Services] [54/306] CyberLink Media Library Service
[00:24:0937] [Check Services] "C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe"
[00:24:0937] [Check Services] [55/306] dac2w2k
[00:24:0937] [Check Services] C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
[00:24:0953] [Check Services] [56/306] dac960nt
[00:24:0953] [Check Services] C:\WINDOWS\system32\DRIVERS\dac960nt.sys
[00:24:0953] [Check Services] [57/306] DcomLaunch
[00:24:0953] [Check Services] C:\WINDOWS\system32\svchost -k DcomLaunch
[00:24:0953] [Check Services] [58/306] Dhcp
[00:24:0968] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:24:0968] [Check Services] [59/306] Disk
[00:24:0968] [Check Services] C:\WINDOWS\system32\DRIVERS\disk.sys
[00:24:0968] [Check Services] [60/306] dmadmin
[00:24:0968] [Check Services] C:\WINDOWS\System32\dmadmin.exe /com
[00:24:0968] [Check Services] [61/306] dmboot
[00:24:0984] [Check Services] C:\WINDOWS\System32\drivers\dmboot.sys
[00:24:0984] [Check Services] [62/306] dmio
[00:24:0984] [Check Services] Path not found
[00:24:0984] [Check Services] [63/306] dmload
[00:24:0984] [Check Services] Path not found
[00:24:0984] [Check Services] [64/306] dmserver
[00:25:0000] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:25:0000] [Check Services] [65/306] DMusic
[00:25:0000] [Check Services] C:\WINDOWS\system32\drivers\DMusic.sys
[00:25:0000] [Check Services] [66/306] Dnscache
[00:25:0000] [Check Services] C:\WINDOWS\system32\svchost.exe -k NetworkService
[00:25:0015] [Check Services] [67/306] Dot3svc
[00:25:0015] [Check Services] C:\WINDOWS\System32\svchost.exe -k dot3svc
[00:25:0015] [Check Services] [68/306] dpti2o
[00:25:0015] [Check Services] C:\WINDOWS\system32\DRIVERS\dpti2o.sys
[00:25:0015] [Check Services] [69/306] drmkaud
[00:25:0031] [Check Services] C:\WINDOWS\system32\drivers\drmkaud.sys
[00:25:0031] [Check Services] [70/306] EapHost
[00:25:0031] [Check Services] C:\WINDOWS\System32\svchost.exe -k eapsvcs
[00:25:0031] [Check Services] [71/306] ERSvc
[00:25:0031] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:25:0031] [Check Services] [72/306] Eventlog
[00:25:0047] [Check Services] C:\WINDOWS\system32\services.exe
[00:25:0047] [Check Services] [73/306] EventSystem
[00:25:0047] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:25:0047] [Check Services] [74/306] ExpressAccountsService
[00:25:0078] [Check Services] "C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe" -service
[00:25:0078] [Check Services] [75/306] ExpressInvoiceService
[00:25:0078] [Check Services] "C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe" -service
[00:25:0078] [Check Services] [76/306] Fastfat
[00:25:0093] [Check Services] Path not found
[00:25:0093] [Check Services] [77/306] FastUserSwitchingCompatibility
[00:25:0093] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:25:0093] [Check Services] [78/306] Fdc
[00:25:0093] [Check Services] C:\WINDOWS\system32\DRIVERS\fdc.sys
[00:25:0093] [Check Services] [79/306] FETND5BV
[00:25:0109] [Check Services] C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
[00:25:0109] [Check Services] [80/306] FETNDISB
[00:25:0109] [Check Services] C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
[00:25:0109] [Check Services] [81/306] Fips
[00:25:0109] [Check Services] Path not found
[00:25:0109] [Check Services] [82/306] Flpydisk
[00:25:0125] [Check Services] Path not found
[00:25:0125] [Check Services] [83/306] FltMgr
[00:25:0125] [Check Services] C:\WINDOWS\system32\drivers\fltmgr.sys
[00:25:0125] [Check Services] [84/306] FontCache3.0.0.0
[00:25:0218] [Check Services] C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
[00:25:0218] [Check Services] [85/306] Ftdisk
[00:25:0234] [Check Services] C:\WINDOWS\system32\DRIVERS\ftdisk.sys
[00:25:0234] [Check Services] [86/306] GenericHidService
[00:25:0234] [Check Services] c:\APPS\HIDSERVICE\HIDSERVICE.exe
[00:25:0234] [Check Services] [87/306] GoogleDesktopManager-051210-111108
[00:25:0297] [Check Services] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
[00:25:0297] [Check Services] [88/306] Gpc
[00:25:0297] [Check Services] C:\WINDOWS\system32\DRIVERS\msgpc.sys
[00:25:0297] [Check Services] [89/306] helpsvc
[00:25:0297] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:25:0312] [Check Services] [90/306] HidServ
[00:25:0312] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:25:0312] [Check Services] [91/306] HidUsb
[00:25:0312] [Check Services] C:\WINDOWS\system32\DRIVERS\hidusb.sys
[00:25:0312] [Check Services] [92/306] hkmsvc
[00:25:0328] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:25:0328] [Check Services] [93/306] hpn
[00:25:0328] [Check Services] C:\WINDOWS\system32\DRIVERS\hpn.sys
[00:25:0328] [Check Services] [94/306] HPZid412
[00:25:0328] [Check Services] C:\WINDOWS\system32\DRIVERS\HPZid412.sys
[00:25:0328] [Check Services] [95/306] HPZipr12
[00:25:0343] [Check Services] C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
[00:25:0343] [Check Services] [96/306] HPZius12
[00:25:0343] [Check Services] C:\WINDOWS\system32\DRIVERS\HPZius12.sys
[00:25:0343] [Check Services] [97/306] HTTP
[00:25:0343] [Check Services] C:\WINDOWS\System32\Drivers\HTTP.sys
[00:25:0343] [Check Services] [98/306] HTTPFilter
[00:25:0359] [Check Services] C:\WINDOWS\System32\svchost.exe -k HTTPFilter
[00:25:0359] [Check Services] [99/306] i2omgmt
[00:25:0359] [Check Services] Path not found
[00:25:0359] [Check Services] [100/306] i2omp
[00:25:0375] [Check Services] C:\WINDOWS\system32\DRIVERS\i2omp.sys
[00:25:0375] [Check Services] [101/306] i8042prt
[00:25:0375] [Check Services] C:\WINDOWS\system32\DRIVERS\i8042prt.sys
[00:25:0375] [Check Services] [102/306] IDriverT
[00:25:0375] [Check Services] "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
[00:25:0375] [Check Services] [103/306] idsvc
[00:25:0453] [Check Services] "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
[00:25:0453] [Check Services] [104/306] Imapi
[00:25:0453] [Check Services] C:\WINDOWS\system32\DRIVERS\imapi.sys
[00:25:0453] [Check Services] [105/306] ImapiService
[00:25:0484] [Check Services] C:\WINDOWS\system32\imapi.exe
[00:25:0484] [Check Services] [106/306] ini910u
[00:25:0515] [Check Services] C:\WINDOWS\system32\DRIVERS\ini910u.sys
[00:25:0515] [Check Services] [107/306] IntelIde
[00:25:0515] [Check Services] C:\WINDOWS\system32\DRIVERS\intelide.sys
[00:25:0515] [Check Services] [108/306] InventoriaService
[00:25:0531] [Check Services] "C:\Program Files\NCH Software\Inventoria\inventoria.exe" -service
[00:25:0531] [Check Services] [109/306] Ip6Fw
[00:25:0531] [Check Services] C:\WINDOWS\system32\drivers\ip6fw.sys
[00:25:0531] [Check Services] [110/306] IpFilterDriver
[00:25:0531] [Check Services] C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
[00:25:0531] [Check Services] [111/306] IpInIp
[00:25:0547] [Check Services] C:\WINDOWS\system32\DRIVERS\ipinip.sys
[00:25:0547] [Check Services] [112/306] IpNat
[00:25:0547] [Check Services] C:\WINDOWS\system32\DRIVERS\ipnat.sys
[00:25:0547] [Check Services] [113/306] IPSec
[00:25:0547] [Check Services] C:\WINDOWS\system32\DRIVERS\ipsec.sys
[00:25:0547] [Check Services] [114/306] IRENUM
[00:25:0562] [Check Services] C:\WINDOWS\system32\DRIVERS\irenum.sys
[00:25:0562] [Check Services] [115/306] isapnp
[00:25:0562] [Check Services] C:\WINDOWS\system32\DRIVERS\isapnp.sys
[00:25:0562] [Check Services] [116/306] JavaQuickStarterService
[00:25:0593] [Check Services] "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
[00:25:0593] [Check Services] [117/306] Kbdclass
[00:25:0609] [Check Services] C:\WINDOWS\system32\DRIVERS\kbdclass.sys
[00:25:0609] [Check Services] [118/306] kbdhid
[00:25:0625] [Check Services] C:\WINDOWS\system32\DRIVERS\kbdhid.sys
[00:25:0625] [Check Services] [119/306] kl1
[00:25:0625] [Check Services] C:\WINDOWS\system32\DRIVERS\kl1.sys
[00:25:0625] [Check Services] [120/306] KLIF
[00:25:0640] [Check Services] C:\WINDOWS\system32\DRIVERS\klif.sys
[00:25:0640] [Check Services] [121/306] klim5
[00:25:0640] [Check Services] C:\WINDOWS\system32\DRIVERS\klim5.sys
[00:25:0640] [Check Services] [122/306] klkbdflt
[00:25:0640] [Check Services] C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
[00:25:0656] [Check Services] [123/306] klmouflt
[00:25:0656] [Check Services] C:\WINDOWS\system32\DRIVERS\klmouflt.sys
[00:25:0656] [Check Services] [124/306] kltdi
[00:25:0656] [Check Services] C:\WINDOWS\system32\DRIVERS\kltdi.sys
[00:25:0656] [Check Services] [125/306] kmixer
[00:25:0672] [Check Services] C:\WINDOWS\system32\drivers\kmixer.sys
[00:25:0672] [Check Services] [126/306] kneps
[00:25:0687] [Check Services] C:\WINDOWS\system32\DRIVERS\kneps.sys
[00:25:0687] [Check Services] [127/306] KSecDD
[00:25:0687] [Check Services] Path not found
[00:25:0687] [Check Services] [128/306] lanmanserver
[00:25:0687] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:25:0687] [Check Services] [129/306] lanmanworkstation
[00:25:0703] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:25:0703] [Check Services] [130/306] lbrtfdc
[00:25:0703] [Check Services] Path not found
[00:25:0703] [Check Services] [131/306] LmHosts
[00:25:0703] [Check Services] C:\WINDOWS\system32\svchost.exe -k LocalService
[00:25:0703] [Check Services] [132/306] Messenger
[00:25:0718] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:25:0718] [Check Services] [133/306] mnmdd
[00:25:0718] [Check Services] Path not found
[00:25:0718] [Check Services] [134/306] mnmsrvc
[00:25:0734] [Check Services] C:\WINDOWS\system32\mnmsrvc.exe
[00:25:0734] [Check Services] [135/306] Modem
[00:25:0734] [Check Services] Path not found
[00:25:0734] [Check Services] [136/306] MODEMCSA
[00:25:0734] [Check Services] C:\WINDOWS\system32\drivers\MODEMCSA.sys
[00:25:0734] [Check Services] [137/306] Mouclass
[00:25:0750] [Check Services] C:\WINDOWS\system32\DRIVERS\mouclass.sys
[00:25:0750] [Check Services] [138/306] mouhid
[00:25:0750] [Check Services] C:\WINDOWS\system32\DRIVERS\mouhid.sys
[00:25:0750] [Check Services] [139/306] MountMgr
[00:25:0750] [Check Services] Path not found
[00:25:0750] [Check Services] [140/306] mraid35x
[00:25:0765] [Check Services] C:\WINDOWS\system32\DRIVERS\mraid35x.sys
[00:25:0765] [Check Services] [141/306] MRxDAV
[00:25:0765] [Check Services] C:\WINDOWS\system32\DRIVERS\mrxdav.sys
[00:25:0765] [Check Services] [142/306] MRxSmb
[00:25:0765] [Check Services] C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
[00:25:0781] [Check Services] [143/306] MSDTC
[00:25:0812] [Check Services] C:\WINDOWS\system32\msdtc.exe
[00:25:0812] [Check Services] [144/306] Msfs
[00:25:0812] [Check Services] Path not found
[00:25:0812] [Check Services] [145/306] MSIServer
[00:25:0812] [Check Services] C:\WINDOWS\system32\msiexec.exe /V
[00:25:0812] [Check Services] [146/306] MSKSSRV
[00:25:0828] [Check Services] C:\WINDOWS\system32\drivers\MSKSSRV.sys
[00:25:0828] [Check Services] [147/306] MSPCLOCK
[00:25:0828] [Check Services] C:\WINDOWS\system32\drivers\MSPCLOCK.sys
[00:25:0828] [Check Services] [148/306] MSPQM
[00:25:0828] [Check Services] C:\WINDOWS\system32\drivers\MSPQM.sys
[00:25:0843] [Check Services] [149/306] mssmbios
[00:25:0843] [Check Services] C:\WINDOWS\system32\DRIVERS\mssmbios.sys
[00:25:0843] [Check Services] [150/306] MSSQL$SQLEXPRESS
[00:25:0843] [Check Services] "c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
[00:25:0843] [Check Services] [151/306] MSSQLServerADHelper
[00:25:0859] [Check Services] "c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe"
[00:25:0859] [Check Services] [152/306] Mtlmnt5
[00:25:0859] [Check Services] C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys
[00:25:0859] [Check Services] [153/306] Mtlstrm
[00:25:0859] [Check Services] C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys
[00:25:0859] [Check Services] [154/306] Mup
[00:25:0875] [Check Services] Path not found
[00:25:0875] [Check Services] [155/306] napagent
[00:25:0875] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:25:0875] [Check Services] [156/306] NDIS
[00:25:0875] [Check Services] Path not found
[00:25:0875] [Check Services] [157/306] NdisTapi
[00:25:0890] [Check Services] C:\WINDOWS\system32\DRIVERS\ndistapi.sys
[00:25:0890] [Check Services] [158/306] Ndisuio
[00:25:0890] [Check Services] C:\WINDOWS\system32\DRIVERS\ndisuio.sys
[00:25:0890] [Check Services] [159/306] NdisWan
[00:25:0890] [Check Services] C:\WINDOWS\system32\DRIVERS\ndiswan.sys
[00:25:0906] [Check Services] [160/306] NDProxy
[00:25:0906] [Check Services] Path not found
[00:25:0906] [Check Services] [161/306] NetBIOS
[00:25:0906] [Check Services] C:\WINDOWS\system32\DRIVERS\netbios.sys
[00:25:0906] [Check Services] [162/306] NetBT
[00:25:0906] [Check Services] C:\WINDOWS\system32\DRIVERS\netbt.sys
[00:25:0922] [Check Services] [163/306] NetDDE
[00:25:0937] [Check Services] C:\WINDOWS\system32\netdde.exe
[00:25:0937] [Check Services] [164/306] NetDDEdsdm
[00:25:0937] [Check Services] C:\WINDOWS\system32\netdde.exe
[00:25:0937] [Check Services] [165/306] Netlogon
[00:25:0937] [Check Services] C:\WINDOWS\system32\lsass.exe
[00:25:0953] [Check Services] [166/306] Netman
[00:25:0953] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:25:0953] [Check Services] [167/306] NetTcpPortSharing
[00:25:0968] [Check Services] "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
[00:25:0968] [Check Services] [168/306] Nla
[00:25:0968] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:25:0968] [Check Services] [169/306] Npfs
[00:25:0968] [Check Services] Path not found
[00:25:0968] [Check Services] [170/306] Ntfs
[00:25:0984] [Check Services] Path not found
[00:25:0984] [Check Services] [171/306] NtLmSsp
[00:25:0984] [Check Services] C:\WINDOWS\system32\lsass.exe
[00:25:0984] [Check Services] [172/306] NtmsSvc
[00:25:0984] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:26:0000] [Check Services] [173/306] NtMtlFax
[00:26:0000] [Check Services] C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys
[00:26:0000] [Check Services] [174/306] Null
[00:26:0000] [Check Services] Path not found
[00:26:0000] [Check Services] [175/306] NwlnkFlt
[00:26:0015] [Check Services] C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
[00:26:0015] [Check Services] [176/306] NwlnkFwd
[00:26:0015] [Check Services] C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
[00:26:0015] [Check Services] [177/306] ose
[00:26:0015] [Check Services] "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
[00:26:0015] [Check Services] [178/306] PalmUSBD
[00:26:0031] [Check Services] C:\WINDOWS\system32\drivers\PalmUSBD.sys
[00:26:0031] [Check Services] [179/306] Parport
[00:26:0031] [Check Services] C:\WINDOWS\system32\DRIVERS\parport.sys
[00:26:0031] [Check Services] [180/306] PartMgr
[00:26:0031] [Check Services] Path not found
[00:26:0047] [Check Services] [181/306] ParVdm
[00:26:0047] [Check Services] Path not found
[00:26:0047] [Check Services] [182/306] PCI
[00:26:0047] [Check Services] C:\WINDOWS\system32\DRIVERS\pci.sys
[00:26:0047] [Check Services] [183/306] PCIDump
[00:26:0062] [Check Services] Path not found
[00:26:0062] [Check Services] [184/306] PCIIde
[00:26:0062] [Check Services] C:\WINDOWS\system32\DRIVERS\pciide.sys
[00:26:0062] [Check Services] [185/306] Pcmcia
[00:26:0062] [Check Services] Path not found
[00:26:0062] [Check Services] [186/306] PDCOMP
[00:26:0078] [Check Services] Path not found
[00:26:0078] [Check Services] [187/306] PDFRAME
[00:26:0078] [Check Services] Path not found
[00:26:0078] [Check Services] [188/306] PDRELI
[00:26:0078] [Check Services] Path not found
[00:26:0078] [Check Services] [189/306] PDRFRAME
[00:26:0093] [Check Services] Path not found
[00:26:0093] [Check Services] [190/306] perc2
[00:26:0093] [Check Services] C:\WINDOWS\system32\DRIVERS\perc2.sys
[00:26:0093] [Check Services] [191/306] perc2hib
[00:26:0093] [Check Services] C:\WINDOWS\system32\DRIVERS\perc2hib.sys
[00:26:0093] [Check Services] [192/306] pfc
[00:26:0109] [Check Services] C:\WINDOWS\system32\drivers\pfc.sys
[00:26:0109] [Check Services] [193/306] PlugPlay
[00:26:0109] [Check Services] C:\WINDOWS\system32\services.exe
[00:26:0109] [Check Services] [194/306] Pml Driver HPZ12
[00:26:0125] [Check Services] C:\WINDOWS\system32\HPZipm12.exe
[00:26:0125] [Check Services] [195/306] Point32
[00:26:0125] [Check Services] C:\WINDOWS\system32\DRIVERS\point32.sys
[00:26:0125] [Check Services] [196/306] PolicyAgent
[00:26:0125] [Check Services] C:\WINDOWS\system32\lsass.exe
[00:26:0125] [Check Services] [197/306] PptpMiniport
[00:26:0140] [Check Services] C:\WINDOWS\system32\DRIVERS\raspptp.sys
[00:26:0140] [Check Services] [198/306] Processor
[00:26:0140] [Check Services] C:\WINDOWS\system32\DRIVERS\processr.sys
[00:26:0140] [Check Services] [199/306] ProtectedStorage
[00:26:0156] [Check Services] C:\WINDOWS\system32\lsass.exe
[00:26:0156] [Check Services] [200/306] PSched
[00:26:0156] [Check Services] C:\WINDOWS\system32\DRIVERS\psched.sys
[00:26:0156] [Check Services] [201/306] Ptilink
[00:26:0156] [Check Services] C:\WINDOWS\system32\DRIVERS\ptilink.sys
[00:26:0172] [Check Services] [202/306] PxHelp20
[00:26:0172] [Check Services] C:\WINDOWS\System32\Drivers\PxHelp20.sys
[00:26:0172] [Check Services] [203/306] QBCFMonitorService
[00:26:0172] [Check Services] "C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe"
[00:26:0172] [Check Services] [204/306] QBFCService
[00:26:0172] [Check Services] "C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe"
[00:26:0187] [Check Services] [205/306] ql1080
[00:26:0187] [Check Services] C:\WINDOWS\system32\DRIVERS\ql1080.sys
[00:26:0187] [Check Services] [206/306] Ql10wnt
[00:26:0187] [Check Services] C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
[00:26:0187] [Check Services] [207/306] ql12160
[00:26:0187] [Check Services] C:\WINDOWS\system32\DRIVERS\ql12160.sys
[00:26:0203] [Check Services] [208/306] ql1240
[00:26:0203] [Check Services] C:\WINDOWS\system32\DRIVERS\ql1240.sys
[00:26:0203] [Check Services] [209/306] ql1280
[00:26:0203] [Check Services] C:\WINDOWS\system32\DRIVERS\ql1280.sys
[00:26:0203] [Check Services] [210/306] RasAcd
[00:26:0218] [Check Services] C:\WINDOWS\system32\DRIVERS\rasacd.sys
[00:26:0218] [Check Services] [211/306] RasAuto
[00:26:0218] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:26:0218] [Check Services] [212/306] Rasl2tp
[00:26:0218] [Check Services] C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
[00:26:0218] [Check Services] [213/306] RasMan
[00:26:0234] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:26:0234] [Check Services] [214/306] RasPppoe
[00:26:0234] [Check Services] C:\WINDOWS\system32\DRIVERS\raspppoe.sys
[00:26:0234] [Check Services] [215/306] Raspti
[00:26:0234] [Check Services] C:\WINDOWS\system32\DRIVERS\raspti.sys
[00:26:0234] [Check Services] [216/306] Rdbss
[00:26:0250] [Check Services] C:\WINDOWS\system32\DRIVERS\rdbss.sys
[00:26:0250] [Check Services] [217/306] RDPCDD
[00:26:0250] [Check Services] C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
[00:26:0250] [Check Services] [218/306] rdpdr
[00:26:0250] [Check Services] C:\WINDOWS\system32\DRIVERS\rdpdr.sys
[00:26:0250] [Check Services] [219/306] RDPWD
[00:26:0265] [Check Services] Path not found
[00:26:0265] [Check Services] [220/306] RDSessMgr
[00:26:0265] [Check Services] C:\WINDOWS\system32\sessmgr.exe
[00:26:0265] [Check Services] [221/306] RecAgent
[00:26:0265] [Check Services] C:\WINDOWS\system32\DRIVERS\RecAgent.sys
[00:26:0281] [Check Services] [222/306] redbook
[00:26:0281] [Check Services] C:\WINDOWS\system32\DRIVERS\redbook.sys
[00:26:0281] [Check Services] [223/306] RemoteAccess
[00:26:0281] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:26:0281] [Check Services] [224/306] RpcLocator
[00:26:0297] [Check Services] C:\WINDOWS\system32\locator.exe
[00:26:0297] [Check Services] [225/306] RpcSs
[00:26:0312] [Check Services] C:\WINDOWS\system32\svchost -k rpcss
[00:26:0312] [Check Services] [226/306] RSVP
[00:26:0328] [Check Services] C:\WINDOWS\system32\rsvp.exe
[00:26:0328] [Check Services] [227/306] SamSs
[00:26:0328] [Check Services] C:\WINDOWS\system32\lsass.exe
[00:26:0328] [Check Services] [228/306] SCardSvr
[00:26:0328] [Check Services] C:\WINDOWS\system32\scardsvr.exe
[00:26:0343] [Check Services] [229/306] Schedule
[00:26:0343] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:26:0343] [Check Services] [230/306] Secdrv
[00:26:0343] [Check Services] C:\WINDOWS\system32\DRIVERS\secdrv.sys
[00:26:0343] [Check Services] [231/306] seclogon
[00:26:0359] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:26:0359] [Check Services] [232/306] SENS
[00:26:0359] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:26:0359] [Check Services] [233/306] Serenum
[00:26:0359] [Check Services] C:\WINDOWS\system32\DRIVERS\serenum.sys
[00:26:0359] [Check Services] [234/306] Serial
[00:26:0390] [Check Services] C:\WINDOWS\system32\DRIVERS\serial.sys
[00:26:0390] [Check Services] [235/306] Sfloppy
[00:26:0406] [Check Services] Path not found
[00:26:0406] [Check Services] [236/306] ShellHWDetection
[00:26:0406] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:26:0406] [Check Services] [237/306] Simbad
[00:26:0406] [Check Services] Path not found
[00:26:0406] [Check Services] [238/306] Slntamr
[00:26:0422] [Check Services] C:\WINDOWS\system32\DRIVERS\slntamr.sys
[00:26:0422] [Check Services] [239/306] SlNtHal
[00:26:0422] [Check Services] C:\WINDOWS\system32\DRIVERS\Slnthal.sys
[00:26:0422] [Check Services] [240/306] SLService
[00:26:0422] [Check Services] slserv.exe
[00:26:0437] [Check Services] [241/306] SlWdmSup
[00:26:0437] [Check Services] C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys
[00:26:0437] [Check Services] [242/306] Sparrow
[00:26:0437] [Check Services] C:\WINDOWS\system32\DRIVERS\sparrow.sys
[00:26:0437] [Check Services] [243/306] splitter
[00:26:0453] [Check Services] C:\WINDOWS\system32\drivers\splitter.sys
[00:26:0453] [Check Services] [244/306] Spooler
[00:26:0453] [Check Services] C:\WINDOWS\system32\spoolsv.exe
[00:26:0453] [Check Services] [245/306] SQLBrowser
[00:26:0453] [Check Services] "c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
[00:26:0453] [Check Services] [246/306] sr
[00:26:0468] [Check Services] C:\WINDOWS\system32\DRIVERS\sr.sys
[00:26:0468] [Check Services] [247/306] srservice
[00:26:0468] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:26:0468] [Check Services] [248/306] Srv
[00:26:0484] [Check Services] C:\WINDOWS\system32\DRIVERS\srv.sys
[00:26:0484] [Check Services] [249/306] SSDPSRV
[00:26:0484] [Check Services] C:\WINDOWS\system32\svchost.exe -k LocalService
[00:26:0484] [Check Services] [250/306] stisvc
[00:26:0484] [Check Services] C:\WINDOWS\system32\svchost.exe -k imgsvc
[00:26:0484] [Check Services] [251/306] swenum
[00:26:0500] [Check Services] C:\WINDOWS\system32\DRIVERS\swenum.sys
[00:26:0500] [Check Services] [252/306] swmidi
[00:26:0500] [Check Services] C:\WINDOWS\system32\drivers\swmidi.sys
[00:26:0500] [Check Services] [253/306] SwPrv
[00:26:0500] [Check Services] C:\WINDOWS\system32\dllhost.exe /Processid:{CFC59BD5-CA5F-44FA-B132-636EC3B2B436}
[00:26:0500] [Check Services] [254/306] symc810
[00:26:0515] [Check Services] C:\WINDOWS\system32\DRIVERS\symc810.sys
[00:26:0515] [Check Services] [255/306] symc8xx
[00:26:0515] [Check Services] C:\WINDOWS\system32\DRIVERS\symc8xx.sys
[00:26:0515] [Check Services] [256/306] sym_hi
[00:26:0515] [Check Services] C:\WINDOWS\system32\DRIVERS\sym_hi.sys
[00:26:0515] [Check Services] [257/306] sym_u3
[00:26:0531] [Check Services] C:\WINDOWS\system32\DRIVERS\sym_u3.sys
[00:26:0531] [Check Services] [258/306] sysaudio
[00:26:0531] [Check Services] C:\WINDOWS\system32\drivers\sysaudio.sys
[00:26:0531] [Check Services] [259/306] SysmonLog
[00:26:0562] [Check Services] C:\WINDOWS\system32\smlogsvc.exe
[00:26:0562] [Check Services] [260/306] TapiSrv
[00:26:0562] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:26:0562] [Check Services] [261/306] Tcpip
[00:26:0578] [Check Services] C:\WINDOWS\system32\DRIVERS\tcpip.sys
[00:26:0578] [Check Services] [262/306] TDPIPE
[00:26:0578] [Check Services] Path not found
[00:26:0578] [Check Services] [263/306] TDTCP
[00:26:0578] [Check Services] Path not found
[00:26:0578] [Check Services] [264/306] TermDD
[00:26:0593] [Check Services] C:\WINDOWS\system32\DRIVERS\termdd.sys
[00:26:0593] [Check Services] [265/306] TermService
[00:26:0593] [Check Services] C:\WINDOWS\System32\svchost -k DComLaunch
[00:26:0593] [Check Services] [266/306] Themes
[00:26:0593] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:26:0593] [Check Services] [267/306] TosIde
[00:26:0609] [Check Services] C:\WINDOWS\system32\DRIVERS\toside.sys
[00:26:0609] [Check Services] [268/306] TrkWks
[00:26:0609] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:26:0609] [Check Services] [269/306] uagp35
[00:26:0609] [Check Services] C:\WINDOWS\system32\DRIVERS\uagp35.sys
[00:26:0609] [Check Services] [270/306] Udfs
[00:26:0625] [Check Services] Path not found
[00:26:0625] [Check Services] [271/306] ultra
[00:26:0625] [Check Services] C:\WINDOWS\system32\DRIVERS\ultra.sys
[00:26:0625] [Check Services] [272/306] Update
[00:26:0625] [Check Services] C:\WINDOWS\system32\DRIVERS\update.sys
[00:26:0640] [Check Services] [273/306] upnphost
[00:26:0640] [Check Services] C:\WINDOWS\system32\svchost.exe -k LocalService
[00:26:0640] [Check Services] [274/306] UPS
[00:26:0640] [Check Services] C:\WINDOWS\system32\ups.exe
[00:26:0656] [Check Services] [275/306] usbccgp
[00:26:0656] [Check Services] C:\WINDOWS\system32\DRIVERS\usbccgp.sys
[00:26:0656] [Check Services] [276/306] usbehci
[00:26:0656] [Check Services] C:\WINDOWS\system32\DRIVERS\usbehci.sys
[00:26:0656] [Check Services] [277/306] usbhub
[00:26:0672] [Check Services] C:\WINDOWS\system32\DRIVERS\usbhub.sys
[00:26:0672] [Check Services] [278/306] usbohci
[00:26:0672] [Check Services] C:\WINDOWS\system32\DRIVERS\usbohci.sys
[00:26:0672] [Check Services] [279/306] usbprint
[00:26:0672] [Check Services] C:\WINDOWS\system32\DRIVERS\usbprint.sys
[00:26:0687] [Check Services] [280/306] usbscan
[00:26:0687] [Check Services] C:\WINDOWS\system32\DRIVERS\usbscan.sys
[00:26:0687] [Check Services] [281/306] USBSTOR
[00:26:0687] [Check Services] C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
[00:26:0687] [Check Services] [282/306] usbuhci
[00:26:0703] [Check Services] C:\WINDOWS\system32\DRIVERS\usbuhci.sys
[00:26:0703] [Check Services] [283/306] usnjsvc
[00:26:0734] [Check Services] "C:\Program Files\MSN Messenger\usnsvc.exe"
[00:26:0734] [Check Services] [284/306] VgaSave
[00:26:0734] [Check Services] C:\WINDOWS\System32\drivers\vga.sys
[00:26:0734] [Check Services] [285/306] viaagp
[00:26:0750] [Check Services] C:\WINDOWS\system32\DRIVERS\viaagp.sys
[00:26:0750] [Check Services] [286/306] viaagp1
[00:26:0750] [Check Services] C:\WINDOWS\system32\DRIVERS\viaagp1.sys
[00:26:0750] [Check Services] [287/306] viagfx
[00:26:0765] [Check Services] C:\WINDOWS\system32\DRIVERS\vtmini.sys
[00:26:0765] [Check Services] [288/306] ViaIde
[00:26:0765] [Check Services] C:\WINDOWS\system32\DRIVERS\viaide.sys
[00:26:0765] [Check Services] [289/306] VolSnap
[00:26:0765] [Check Services] Path not found
[00:26:0765] [Check Services] [290/306] VSS
[00:26:0781] [Check Services] C:\WINDOWS\system32\vssvc.exe
[00:26:0781] [Check Services] [291/306] W32Time
[00:26:0781] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:26:0781] [Check Services] [292/306] Wanarp
[00:26:0781] [Check Services] C:\WINDOWS\system32\DRIVERS\wanarp.sys
[00:26:0781] [Check Services] [293/306] wanatw
[00:26:0797] [Check Services] C:\WINDOWS\system32\DRIVERS\wanatw4.sys
[00:26:0797] [Check Services] [294/306] WDICA
[00:26:0797] [Check Services] Path not found
[00:26:0797] [Check Services] [295/306] wdmaud
[00:26:0812] [Check Services] C:\WINDOWS\system32\drivers\wdmaud.sys
[00:26:0812] [Check Services] [296/306] WebClient
[00:26:0812] [Check Services] C:\WINDOWS\system32\svchost.exe -k LocalService
[00:26:0812] [Check Services] [297/306] winmgmt
[00:26:0812] [Check Services] C:\WINDOWS\system32\svchost.exe -k netsvcs
[00:26:0812] [Check Services] [298/306] WmdmPmSN
[00:26:0843] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:26:0843] [Check Services] [299/306] WmiApSrv
[00:26:0875] [Check Services] C:\WINDOWS\system32\wbem\wmiapsrv.exe
[00:26:0875] [Check Services] [300/306] WMPNetworkSvc
[00:26:0922] [Check Services] "C:\Program Files\Windows Media Player\WMPNetwk.exe"
[00:26:0922] [Check Services] [301/306] WS2IFSL
[00:26:0922] [Check Services] C:\WINDOWS\System32\drivers\ws2ifsl.sys
[00:26:0922] [Check Services] [302/306] WudfPf
[00:26:0922] [Check Services] C:\WINDOWS\system32\DRIVERS\WudfPf.sys
[00:26:0922] [Check Services] [303/306] WudfRd
[00:26:0937] [Check Services] C:\WINDOWS\system32\DRIVERS\wudfrd.sys
[00:26:0937] [Check Services] [304/306] WudfSvc
[00:26:0937] [Check Services] C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
[00:26:0953] [Check Services] [305/306] WZCSVC
[00:26:0953] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:26:0953] [Check Services] [306/306] xmlprov
[00:26:0953] [Check Services] C:\WINDOWS\System32\svchost.exe -k netsvcs
[00:26:0953] Loading Driver
[03:41:0703] Unload Driver
[03:41:0718] Delete Driver
[03:41:0718] Release mutex
[03:41:0718] Delete Mutex File


Can you tell me if it is possible to change the user. I bought the computer used several years ago and it is still registered in someone else's name.

#10
gringo_pr

Hello

The user account (the one you sign into) or the name of the computer?

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo


#11
nrobe

Firewall is back and so is Windows Security Centre - thanks.

Can I delete combofix, rogue killer and defogger? Do I have to delete from dos and desktop?

Do you want the report?

#12
gringo_pr

Yes, I would like the report.

#13
nrobe

Combofix report

ComboFix 13-02-07.02 - Michael Roughan 08/02/2013 22:19:23.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.703.349 [GMT 0:00]
Running from: c:\documents and settings\michael roughan\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\WINDOWS
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Start Menu\Programs\Scanner
c:\documents and settings\All Users\Start Menu\Programs\Scanner\HP Image Zone.lnk
c:\documents and settings\All Users\Start Menu\Programs\Scanner\HP Director.lnk
c:\documents and settings\All Users\Start Menu\Programs\Scanner\HP Document Viewer.lnk
c:\documents and settings\All Users\Start Menu\Programs\Scanner\Scanner and Camera Wizard.lnk
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\michael roughan\My Documents\~WRL0027.tmp
c:\documents and settings\michael roughan\My Documents\~WRL1119.tmp
c:\documents and settings\michael roughan\My Documents\~WRL1856.tmp
c:\documents and settings\michael roughan\My Documents\~WRL3896.tmp
c:\documents and settings\Michael Roughan\WINDOWS
C:\readme.txt
c:\windows\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe
c:\windows\iun6002.exe
c:\windows\system\MFC42.DLL
c:\windows\system\MSVCRT.DLL
c:\windows\system\OLEAUT32.DLL
c:\windows\system\olepro32.dll
c:\windows\system\Stdole2.tlb
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\roboot.exe
c:\windows\system32\Thumbs.db
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_USNJSVC
-------\Service_usnjsvc
.
.
((((((((((((((((((((((((( Files Created from 2013-01-08 to 2013-02-08 )))))))))))))))))))))))))))))))
.
.
2013-02-07 12:06 . 2013-02-07 12:06 -------- d--h--w- c:\windows\PIF
2013-02-04 01:38 . 2008-04-13 16:44 2560 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\USMT\iconlib.dll
2013-01-30 17:24 . 2013-01-30 17:24 -------- d-----w- C:\ELIBRARY
2013-01-25 00:37 . 2013-01-25 00:37 -------- d-----w- c:\windows\system32\wbem\Repository
2013-01-25 00:36 . 2013-01-25 00:36 -------- d-----w- c:\program files\Common Files\supportsoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 10:15 . 2012-04-04 19:33 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-10 10:15 . 2011-05-17 18:44 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 12:23 . 2004-08-04 13:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 16:49 . 2009-03-16 11:39 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-16 22:29 . 2012-06-08 10:38 43608 ----a-w- c:\windows\system32\drivers\kltdi.sys
2012-11-13 01:25 . 2004-08-04 13:00 1866368 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"VTTimer"="VTTimer.exe" [2004-03-26 49152]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-01-28 110740]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-04-05 180269]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2003-05-15 114688]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2003-05-15 163840]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"SoundMan"="SOUNDMAN.EXE" [2004-05-14 67072]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2008-11-18 623880]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-27 30192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2012-11-16 356376]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Michael Roughan\Start Menu\Programs\Startup\
SpywareGuard.lnk - c:\program files\SpywareGuard\sgmain.exe [2003-8-29 360448]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HOTSYNCSHORTCUTNAME.lnk - c:\program files\palmOne\Hotsync.exe [N/A]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-3-8 984408]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"nosimplestartmenu"= 0 (0x0)
"norecentdochistory"= 0 (0x0)
"maxrecentdocs"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [08/06/2012 10:38 43608]
R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [13/08/2012 15:49 144344]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [27/06/2012 13:09 35672]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [25/05/2012 18:38 24408]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [25/07/2012 13:53 24920]
S3 ExpressAccountsService;Express Accounts;c:\program files\NCH Software\ExpressAccounts\expressaccounts.exe [20/11/2012 01:37 3051632]
S3 ExpressInvoiceService;Express Invoice;c:\program files\NCH Software\ExpressInvoice\expressinvoice.exe [20/11/2012 01:38 2211952]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [26/08/2010 23:42 30192]
S3 InventoriaService;Inventoria Stock Manager;c:\program files\NCH Software\Inventoria\inventoria.exe [20/11/2012 01:38 1693312]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WUAUSERV
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 10:15]
.
2013-02-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 17:57]
.
2012-12-18 c:\windows\Tasks\CopperReminder.job
- c:\program files\NCH Software\Copper\copper.exe [2012-11-25 10:00]
.
2013-01-25 c:\windows\Tasks\ExpressBurnDowngrade.job
- c:\program files\NCH Software\ExpressBurn\expressburn.exe [2012-11-20 03:50]
.
2012-12-21 c:\windows\Tasks\ExpressInvoiceReminder.job
- c:\program files\NCH Software\ExpressInvoice\expressinvoice.exe [2012-11-20 10:58]
.
2012-12-09 c:\windows\Tasks\InventoriaSchedBackup.job
- c:\program files\NCH Software\Inventoria\inventoria.exe [2012-11-20 03:32]
.
2013-02-08 c:\windows\Tasks\User_Feed_Synchronization-{7F08C149-E3BB-4E55-B904-7AD637C07E76}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.pipexuk.com/
mStart Page = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} - hxxp://games.bigfishgames.com/en_fitness-dash/online/FitnessDashWeb.1.0.0.11.cab
DPF: {8FD07749-EFFA-48C6-947C-45A8D7BF422F} - hxxp://www.cyberlink.com/prog/vista/prog/CLVistaGenie.cab
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-NetObjects Fusion 7 - c:\netobjects fusion 7\Uninst.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-08 22:41
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3938932195-1789280515-296146922-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3938932195-1789280515-296146922-1006\Software\YourCompanyName\YourProductName\Version*]
"VersionData"=hex:94,5d,97,b7,cb,44,a6,7f,da,c8,08,24,07,89,83,8e,6a,ef,42,be,
2e,bd,bf,4b,c1,4b,cf,d9,0b,c1,9b,4e,4e,95,da,4f,5c,a7,89,8b,61,68,a9,c2,7e,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(4392)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
c:\apps\Powercinema\Kernel\TV\CLSched.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\apps\HIDSERVICE\HIDSERVICE.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\VTTimer.exe
c:\windows\SOUNDMAN.EXE
c:\program files\SpywareGuard\sgbhp.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Completion time: 2013-02-08 22:50:10 - machine was rebooted
ComboFix-quarantined-files.txt 2013-02-08 22:50
.
Pre-Run: 38,089,879,552 bytes free
Post-Run: 37,968,859,136 bytes free
.
- - End Of File - - 20C7493E9EAA50C85CB45D5F24AA2221



I have another issue - recently, there is a delay with the screen coming on at start up of the computer - looking like it's not going to turn on.

Usually I unplug the computer when not using it - now the screen is not coming on unless I leave it on at the mains and just switch it off at the side of the screen - any suggestions?

#14
gringo_pr

Greetings

At this time I would like you to run this script for me, and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Report from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#15
nrobe

No, cannot do anything else. Screen has gone out - I'll have to see if I can get a replacement screen or if that's it.