Geddy1961

Members
  • Content count

    46
  • Joined

  • Last visited

About Geddy1961

  • Rank
    New Member
  1. thank you very very much
  2. what is this system recovery options i have to do again ?
  3. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-06-2013 03 Ran by User at 2013-06-03 16:04:18 Run:1 Running from C:\Documents and Settings\User\Desktop Boot Mode: Normal ============================================== C:\Program Files\SoftwareUpdater => Moved successfully. C:\Windows\2437DF07D3CB4D858397ED8AE9ED26D5.TMP => Moved successfully. C:\Documents and Settings\User\My Documents\iLividSetup.exe => Moved successfully. C:\Documents and Settings\User\My Documents\VCDCutterSetup.exe => Moved successfully. C:\Documents and Settings\User\My Documents\Programs\VideoCutterSetup.exe => Moved successfully. C:\WINDOWS\Temp\Optimizer_Pro.exe => Moved successfully. ==== End of Fixlog ====
  4. Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-06-2013 03 Ran by User at 2013-06-03 14:27:27 Run: Running from C:\Documents and Settings\User\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe AIR (Version: 3.1.0.4880) Adobe Flash Player 11 ActiveX (Version: 11.7.700.202) Adobe Flash Player 11 Plugin (Version: 11.7.700.202) Adobe Reader XI (11.0.03) (Version: 11.0.03) ANIO Service ANIWZCS2 Service Apple Application Support (Version: 2.3.3) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (Version: 2.1.3.127) Avanquest update (Version: 1.30) Bonjour (Version: 3.0.0.10) BT Desktop Help BTHomeHub CCleaner (Version: 4.02) D-Link Wireless N DWA-140 Download Accelerator Plus (DAP) (Version: 10036 (Build 2451)) Driving Theory Test Professional v2.4.0.0 Easy Phone Sync (Version: 57) EPSON Scan ESET Online Scanner v3 GoToAssist Corporate (Version: 10.2.0.830) GoToAssist Corporate (Version: 9.0.570) Intel® Graphics Media Accelerator Driver iTunes (Version: 11.0.2.26) Java 7 Update 21 (Version: 7.0.210) Java Auto Updater (Version: 2.1.9.5) Java SE Development Kit 7 Update 13 (Version: 1.7.0.130) K-Lite Codec Pack 9.7.5 (Full) (Version: 9.7.5) LeapFrog Connect (Version: 4.2.9.15649) LeapFrog Leapster Explorer Plugin (Version: 4.2.11.15696) Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100) Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729) Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Choice Guard (Version: 2.0.48.0) Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1) Microsoft Corporation (Version: 9.0.30729.1) Microsoft LifeCam (Version: 3.22.270.0) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1) Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Security Client (Version: 4.2.0223.1) Microsoft Security Essentials (Version: 4.2.223.1) Microsoft Silverlight (Version: 5.1.20125.0) Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1) Mozilla Maintenance Service (Version: 20.0.1) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) MyFreeCodec Nero 6 Ultra Edition Netscape Navigator (9.0.0.6) (Version: 9.0.0.6 (en-US)) PhotoNow! 1.0 (Version: 3.0.4004) PowerDirector QuickTime (Version: 7.73.80.64) Recover Disc 2.0 (Version: 2.0) Samsung Kies (Version: 2.5.1.12123_2) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0) SoulSeek 157 NS 13e SoulseekQt SpeedBit Video Accelerator (Version: 3307(build_3013)) Strongvault Online Backup (Version: 5.0.2.34) SUPERAntiSpyware (Version: 5.6.1020) Tweaking.com - Windows Repair (All in One) (Version: 1.9.8) Uninstall Helper (Version: 2.0.1.0) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition Update for Windows Internet Explorer 8 (KB2598845) (Version: 1) Update for Windows XP (KB2345886) (Version: 1) Update for Windows XP (KB2467659) (Version: 1) Update for Windows XP (KB2541763) (Version: 1) Update for Windows XP (KB2616676-v2) (Version: 2) Update for Windows XP (KB2641690) (Version: 1) Update for Windows XP (KB2661254-v2) (Version: 2) Update for Windows XP (KB2718704) (Version: 1) Update for Windows XP (KB2736233) (Version: 1) Update for Windows XP (KB2749655) (Version: 1) Update for Windows XP (KB898461) (Version: 1) Update for Windows XP (KB951978) (Version: 1) Update for Windows XP (KB955759) (Version: 1) Update for Windows XP (KB961503) (Version: 1) Update for Windows XP (KB968389) (Version: 1) Update for Windows XP (KB971029) (Version: 1) Update for Windows XP (KB971737) (Version: 1) Update for Windows XP (KB973687) (Version: 1) Update for Windows XP (KB973815) (Version: 1) Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin) VCD Cutter 1.1 VLC media player 2.0.0 (Version: 2.0.0) WebFldrs XP (Version: 9.50.7523) Winamp (Version: 5.623 ) Winamp Detector Plug-in (Version: 1.0.0.1) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012) Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 (Version: 20090308.140743) Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player Firefox Plugin (Version: 1.0.0.8) Windows PowerShell 1.0 (Version: 2) WinRAR archiver Xilisoft Video Converter Ultimate (Version: 7.4.0.20120712) Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar ==================== Restore Points ========================= ==================== Hosts content: ========================== 127.0.0.1 localhost ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/03/2013 01:04:23 PM) (Source: MPSampleSubmission) (User: ) Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. Error: (06/03/2013 10:16:00 AM) (Source: MPSampleSubmission) (User: ) Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. Error: (06/03/2013 08:36:47 AM) (Source: MPSampleSubmission) (User: ) Description: EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile, P4 4.2.223.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. Error: (06/03/2013 08:36:46 AM) (Source: MPSampleSubmission) (User: ) Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.2.223.0, P3 passthrough, P4 1.1.9506.0, P5 fixed, P6 2 _ 2048, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. Error: (06/03/2013 08:36:45 AM) (Source: MPSampleSubmission) (User: ) Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.2.223.0, P3 timeout, P4 1.1.9506.0, P5 fixed, P6 2 _ 2048, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. Error: (06/03/2013 08:36:44 AM) (Source: MPSampleSubmission) (User: ) Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.2.223.0, P3 timeout, P4 1.1.9506.0, P5 fixed, P6 2 _ 2048, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. Error: (06/03/2013 08:36:44 AM) (Source: MPSampleSubmission) (User: ) Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.2.223.0, P3 timeout, P4 1.1.9506.0, P5 fixed, P6 2 _ 2048, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. Error: (06/03/2013 08:36:39 AM) (Source: MPSampleSubmission) (User: ) Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.2.223.0, P3 timeout, P4 1.1.9506.0, P5 fixed, P6 2 _ 2048, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. Error: (06/03/2013 08:36:34 AM) (Source: MPSampleSubmission) (User: ) Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.2.223.0, P3 timeout, P4 1.1.9506.0, P5 fixed, P6 2 _ 2048, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. Error: (06/03/2013 08:36:06 AM) (Source: MPSampleSubmission) (User: ) Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.2.223.0, P3 timeout, P4 1.1.9506.0, P5 fixed, P6 2 _ 2048, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. System errors: ============= Error: (06/03/2013 01:57:50 PM) (Source: Service Control Manager) (User: ) Description: The MRESP50 NDIS Protocol Driver service failed to start due to the following error: %%2 Error: (06/03/2013 01:57:50 PM) (Source: Service Control Manager) (User: ) Description: The MRESP50 NDIS Protocol Driver service failed to start due to the following error: %%2 Error: (06/03/2013 01:57:37 PM) (Source: Service Control Manager) (User: ) Description: The MRESP50 NDIS Protocol Driver service failed to start due to the following error: %%2 Error: (06/03/2013 01:57:37 PM) (Source: Service Control Manager) (User: ) Description: The MRESP50 NDIS Protocol Driver service failed to start due to the following error: %%2 Error: (06/03/2013 01:57:30 PM) (Source: Service Control Manager) (User: ) Description: The MRESP50 NDIS Protocol Driver service failed to start due to the following error: %%2 Error: (06/03/2013 01:57:30 PM) (Source: Service Control Manager) (User: ) Description: The MRESP50 NDIS Protocol Driver service failed to start due to the following error: %%2 Error: (06/03/2013 01:57:29 PM) (Source: Service Control Manager) (User: ) Description: The MRESP50 NDIS Protocol Driver service failed to start due to the following error: %%2 Error: (06/03/2013 01:57:29 PM) (Source: Service Control Manager) (User: ) Description: The MRESP50 NDIS Protocol Driver service failed to start due to the following error: %%2 Error: (06/03/2013 01:57:29 PM) (Source: Service Control Manager) (User: ) Description: The MRESP50 NDIS Protocol Driver service failed to start due to the following error: %%2 Error: (06/03/2013 01:57:29 PM) (Source: Service Control Manager) (User: ) Description: The MRESP50 NDIS Protocol Driver service failed to start due to the following error: %%2 Microsoft Office Sessions: ========================= Error: (05/16/2012 03:44:36 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 24 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Percentage of memory in use: 54% Total physical RAM: 2036.89 MB Available physical RAM: 924.89 MB Total Pagefile: 3929.78 MB Available Pagefile: 2883.11 MB Total Virtual: 2047.88 MB Available Virtual: 1935.68 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:148.93 GB) (Free:111.21 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: (PDR5+PP4.0_R2) (CDROM) (Total:0.24 GB) (Free:0 GB) CDFS Drive e: (FreeAgent Drive) (Fixed) (Total:596.17 GB) (Free:399.86 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: A42D04A3) Partition 1: (Not Active) - (Size=78 MB) - (Type=DE) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 596 GB) (Disk ID: CF72BE11) Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  5. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-06-2013 03 Ran by User (administrator) on 03-06-2013 14:26:49 Running from C:\Documents and Settings\User\Desktop Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Alcatel-Lucent) C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Microsoft Corporation) C:\WINDOWS\vVX1000.exe (Wireless Service) C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (D-Link Corp.) C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe (LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (SpeedBit LTD) C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe () C:\Program Files\CyberLink\Shared Files\RichVideo.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe (Yahoo! Inc.) C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe (SpeedBit Ltd.) C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe [1044480 2008-07-16] (Analog Devices, Inc.) HKLM\...\Run: [btbb_McciTrayApp] "C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe" [2011824 2012-11-23] (Alcatel-Lucent) HKLM\...\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM\...\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" [119152 2010-05-20] (Microsoft Corporation) HKLM\...\Run: [VX1000] C:\WINDOWS\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation) HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.) HKLM\...\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [98304 2009-05-07] (Wireless Service) HKLM\...\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe [1683456 2009-05-07] (D-Link Corp.) HKLM\...\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe" [298376 2012-09-28] (LeapFrog Enterprises, Inc.) HKLM\...\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" [74752 2011-12-09] (Nullsoft, Inc.) HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [947152 2013-01-27] (Microsoft Corporation) HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.) HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.) HKLM\...\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) HKLM\...\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u [x] Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\830\G2AWinLogon.dll [X] Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation) HKCU\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet [6595928 2012-05-25] (Yahoo! Inc.) HKCU\...\Run: [speedBitVideoAccelerator] "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe" /startup [1493704 2012-02-04] (SpeedBit LTD) HKCU\...\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP [3774680 2012-08-25] (Speedbit Ltd.) HKCU\...\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload [1476104 2012-12-20] (Samsung) HKCU\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [x] HKCU\...\Run: [uTorrent] "C:\Documents and Settings\User\Application Data\uTorrent\uTorrent.exe" /MINIMIZED [x] HKCU\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4760816 2013-05-15] (SUPERAntiSpyware.com) SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: SBCONVERT Class - {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll No File BHO: SpeedBit Link Verification Helper - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU -No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File Toolbar: HKCU -No Name - {57334934-2D47-006A-76A7-7A786E7484D7} - No File PDF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab PDF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Winsock: Catalog9 01 C:\Program Files\SpeedBit Video Accelerator\LSP3.2.2.5\SBLSP.dll [121704] (Apple Inc.) Winsock: Catalog9 02 C:\Program Files\SpeedBit Video Accelerator\LSP3.2.2.5\SBLSP.dll [121704] (Apple Inc.) Winsock: Catalog9 24 C:\Program Files\SpeedBit Video Accelerator\LSP3.2.2.5\SBLSP.dll [92672] (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @ei.MyWebFace_5a.com/Plugin - C:\Program Files\MyWebFace_5aEI\Installr\1.bin\NP5aEISB.dll No File FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @Motive.com/NpMotive,version=1.0 - C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent) FF Plugin: @Motive.com/npMotiveRequest,version=1.0 - C:\Program Files\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent) FF Plugin: @videolan.org/vlc,version=2.0.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Yahoo! Toolbar - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} FF Extension: DownloadHelper - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: Flash and Video Download - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} ========================== Services (Whitelisted) ================= R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [119056 2013-05-23] (SUPERAntiSpyware.com) R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation) R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] () R2 VideoAcceleratorService; C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe [265928 2012-02-04] (SpeedBit Ltd.) R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x] ==================== Drivers (Whitelisted) ==================== S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows ® Server 2003 DDK provider) R3 k57w2k; C:\Windows\System32\DRIVERS\k57xp32.sys [176640 2008-07-16] (Broadcom Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [21104 2012-12-14] (Malwarebytes Corporation) S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation) S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation) S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 rt2870; C:\Windows\System32\DRIVERS\rt2870.sys [715520 2009-04-15] (Ralink Technology, Corp.) S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation) S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation) S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation) S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation) S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation) S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation) S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R0 SFAUDIO; C:\Windows\System32\drivers\sfaudio.sys [24064 2008-07-16] (Sonic Focus, Inc) S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation) S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation) S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1961072 2010-05-20] (Microsoft Corporation) S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation) S4 Abiosdsk; No ImagePath S4 abp480n5; No ImagePath S4 adpu160m; No ImagePath S4 Aha154x; No ImagePath S4 aic78u2; No ImagePath S4 aic78xx; No ImagePath S4 AliIde; No ImagePath S4 amsint; No ImagePath S4 asc; No ImagePath S4 asc3350p; No ImagePath S4 asc3550; No ImagePath S4 Atdisk; No ImagePath S3 catchme; \??\C:\ComboFix\catchme.sys [x] S4 cd20xrnt; No ImagePath S0 cerc6; No ImagePath S1 Changer; No ImagePath S4 CmdIde; No ImagePath S4 Cpqarray; No ImagePath U4 dac2w2k; No ImagePath S4 dac960nt; No ImagePath S4 dpti2o; No ImagePath S4 hpn; No ImagePath S1 i2omgmt; No ImagePath S4 i2omp; No ImagePath S4 ini910u; No ImagePath S4 IntelIde; No ImagePath S1 lbrtfdc; No ImagePath S4 mraid35x; No ImagePath S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x] S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x] S3 MRESP50; System32\Drivers\MRESP50.sys [x] S1 PCIDump; No ImagePath S3 PDCOMP; No ImagePath S3 PDFRAME; No ImagePath S3 PDRELI; No ImagePath S3 PDRFRAME; No ImagePath S4 perc2; No ImagePath S4 perc2hib; No ImagePath S4 ql1080; No ImagePath S4 Ql10wnt; No ImagePath S4 ql12160; No ImagePath S4 ql1240; No ImagePath S4 ql1280; No ImagePath S4 Simbad; No ImagePath S4 Sparrow; No ImagePath S4 symc810; No ImagePath S4 symc8xx; No ImagePath S4 sym_hi; No ImagePath S4 sym_u3; No ImagePath S4 TosIde; No ImagePath S4 ultra; No ImagePath S4 ViaIde; No ImagePath S3 WDICA; No ImagePath ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-03 14:26 - 2013-06-03 14:26 - 01356197 ____A (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe 2013-06-03 14:26 - 2013-06-03 14:26 - 00000000 ____D C:\FRST 2013-06-03 14:21 - 2013-06-03 14:21 - 00006790 ____A C:\Windows\FaxSetup.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00006639 ____A C:\Windows\iis6.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00005816 ____A C:\Windows\ocgen.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00004591 ____A C:\Windows\tsoc.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00002504 ____A C:\Windows\comsetup.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00001891 ____A C:\Windows\imsins.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00001850 ____A C:\Windows\msmqinst.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00001810 ____A C:\Windows\ntdtcsetup.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00001592 ____A C:\Windows\netfxocm.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000719 ____A C:\Windows\MedCtrOC.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000479 ____A C:\Windows\msgsocm.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000469 ____A C:\Windows\ocmsn.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000311 ____A C:\Windows\tabletoc.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000000 ____A C:\Windows\setuperr.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000000 ____A C:\Windows\setupact.log 2013-06-03 14:07 - 2013-06-03 14:07 - 00000433 ____A C:\Documents and Settings\User\Desktop\eset.txt 2013-06-03 12:07 - 2013-06-03 12:07 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Speedbit 2013-06-03 12:07 - 2013-06-03 12:07 - 00000000 ____A C:\Documents and Settings\User\DAP.LOG 2013-06-03 12:05 - 2013-06-03 12:05 - 00010522 ____A C:\AdwCleaner[s2].txt 2013-06-03 12:04 - 2013-06-03 12:04 - 00632031 ____A C:\Documents and Settings\User\Desktop\adwcleaner.exe 2013-06-03 10:17 - 2013-06-03 10:17 - 00019738 ____A C:\Documents and Settings\User\Desktop\attach.txt 2013-06-03 10:17 - 2013-06-03 10:17 - 00016731 ____A C:\Documents and Settings\User\Desktop\dds.txt 2013-06-03 10:14 - 2013-06-03 10:14 - 00688992 ____R (Swearware) C:\Documents and Settings\User\Desktop\dds.scr 2013-06-02 23:06 - 2013-06-02 23:15 - 00021300 ____A C:\Documents and Settings\User\Desktop\enzyme write up_1 2013-06-02 23:06 - 2013-06-02 23:06 - 00020698 ____A C:\Documents and Settings\User\Desktop\enzyme write up 2013-06-02 20:27 - 2013-06-02 20:27 - 00000000 ____D C:\TDSSKiller_Quarantine 2013-06-02 20:23 - 2013-06-02 20:24 - 02237968 ____A (Kaspersky Lab ZAO) C:\Documents and Settings\User\Desktop\tdsskiller.exe 2013-06-02 16:58 - 2013-06-02 16:58 - 00000018 ____A C:\Documents and Settings\User\My Documents\malwarebytes forum.txt 2013-06-02 10:41 - 2013-06-02 10:41 - 00001678 ____A C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk 2013-06-02 10:41 - 2013-06-02 10:41 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-06-02 10:41 - 2013-06-02 10:41 - 00000000 ____D C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com 2013-06-02 10:41 - 2013-06-02 10:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2013-05-28 13:58 - 2013-06-02 20:29 - 00000000 ____D C:\Program Files\SoftwareUpdater 2013-05-28 10:30 - 2013-05-28 10:30 - 00000247 ____A C:\Documents and Settings\User\My Documents\tv licence payment may 28th.txt 2013-05-27 17:29 - 2013-05-27 17:54 - 00000000 ____D C:\Documents and Settings\User\Application Data\Audacity 2013-05-27 17:28 - 2013-05-27 17:28 - 21281052 ____A (Audacity Team ) C:\Documents and Settings\User\My Documents\audacity-win-2.0.3.exe 2013-05-25 11:01 - 2013-05-25 11:06 - 00000000 ____D C:\Documents and Settings\User\My Documents\Tommy Liverpool Kit - may 25th 2013 2013-05-20 12:40 - 2013-05-20 12:40 - 00000000 ____A C:\Windows\System32\TempWmicBatchFile.bat 2013-05-15 16:03 - 2013-05-15 16:03 - 00000000 ____D C:\Documents and Settings\User\Application Data\Xilisoft 2013-05-15 16:01 - 2013-05-15 16:01 - 00000000 ____D C:\Program Files\Xilisoft 2013-05-15 16:01 - 2013-05-15 16:01 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Xilisoft 2013-05-15 15:23 - 2013-05-15 15:23 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$ 2013-05-15 15:20 - 2013-05-15 15:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$ 2013-05-14 08:22 - 2013-05-14 08:22 - 00137869 ____A C:\hcwclear.txt 2013-05-14 08:21 - 2013-05-14 08:21 - 00150128 ____A (Hauppauge Computer Works) C:\Documents and Settings\User\My Documents\hcwclear.exe 2013-05-13 12:42 - 2013-05-13 12:42 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\CyberLink 2013-05-13 12:26 - 2008-04-14 05:42 - 00363520 ___AC C:\Windows\System32\dllcache\psisdecd.dll 2013-05-13 12:26 - 2008-04-14 05:42 - 00363520 ____A C:\Windows\System32\PsisDecd.dll 2013-05-13 12:26 - 2008-04-14 05:42 - 00056832 ___AC C:\Windows\System32\dllcache\msdvbnp.ax 2013-05-13 12:26 - 2008-04-14 05:42 - 00056832 ____A C:\Windows\System32\MSDvbNP.ax 2013-05-13 12:26 - 2008-04-14 05:42 - 00033280 ___AC C:\Windows\System32\dllcache\psisrndr.ax 2013-05-13 12:26 - 2008-04-14 05:42 - 00033280 ____A C:\Windows\System32\PsisRndr.ax 2013-05-13 12:26 - 2008-04-14 05:42 - 00018432 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\bdaplgin.ax 2013-05-13 12:26 - 2008-04-14 05:42 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\BdaPlgIn.ax 2013-05-13 12:26 - 2008-04-14 00:16 - 00015232 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mpe.sys 2013-05-13 12:26 - 2008-04-14 00:16 - 00015232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MPE.sys 2013-05-13 12:26 - 2008-04-14 00:16 - 00011776 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\bdasup.sys 2013-05-13 12:26 - 2008-04-14 00:16 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BdaSup.sys 2013-05-13 12:20 - 2013-05-13 12:20 - 00000000 ____D C:\Documents and Settings\User\My Documents\CyberLink 2013-05-13 12:17 - 2013-05-15 15:04 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\CyberLink 2013-05-13 12:17 - 2013-05-13 12:17 - 00000000 ____D C:\Documents and Settings\User\Application Data\CyberLink 2013-05-13 12:12 - 2013-05-13 12:12 - 00001688 ____A C:\Documents and Settings\User\My Documents\CyberLink PowerDirector.lnk 2013-05-13 12:11 - 2013-05-27 17:19 - 00000000 ____D C:\Program Files\CyberLink 2013-05-10 10:02 - 2013-05-10 10:02 - 00000000 ____D C:\Documents and Settings\User\Application Data\dvdcss 2013-05-07 08:21 - 2013-05-07 08:21 - 06577464 ____A C:\Documents and Settings\User\My Documents\Attachments_201357_2.zip 2013-05-07 08:20 - 2013-05-07 08:21 - 09245261 ____A C:\Documents and Settings\User\My Documents\Attachments_201357_1.zip 2013-05-07 08:20 - 2013-05-07 08:20 - 07909799 ____A C:\Documents and Settings\User\My Documents\Attachments_201357.zip 2013-05-04 08:12 - 2013-06-03 09:37 - 00000000 ____D C:\Documents and Settings\User\Desktop\New Folder (3) ==================== One Month Modified Files and Folders ======== 2013-06-03 14:26 - 2013-06-03 14:26 - 01356197 ____A (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe 2013-06-03 14:26 - 2013-06-03 14:26 - 00000000 ____D C:\FRST 2013-06-03 14:21 - 2013-06-03 14:21 - 00006790 ____A C:\Windows\FaxSetup.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00006639 ____A C:\Windows\iis6.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00005816 ____A C:\Windows\ocgen.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00004591 ____A C:\Windows\tsoc.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00002504 ____A C:\Windows\comsetup.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00001891 ____A C:\Windows\imsins.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00001850 ____A C:\Windows\msmqinst.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00001810 ____A C:\Windows\ntdtcsetup.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00001592 ____A C:\Windows\netfxocm.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000719 ____A C:\Windows\MedCtrOC.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000479 ____A C:\Windows\msgsocm.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000469 ____A C:\Windows\ocmsn.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000311 ____A C:\Windows\tabletoc.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000000 ____A C:\Windows\setuperr.log 2013-06-03 14:21 - 2013-06-03 14:21 - 00000000 ____A C:\Windows\setupact.log 2013-06-03 14:21 - 2011-11-06 13:20 - 01264086 ____A C:\Windows\WindowsUpdate.log 2013-06-03 14:18 - 2012-08-25 14:17 - 00000776 ____A C:\Windows\Tasks\SBWUpdateTask_Time_cbef6ec-0023AE7E1D75.job 2013-06-03 14:07 - 2013-06-03 14:07 - 00000433 ____A C:\Documents and Settings\User\Desktop\eset.txt 2013-06-03 14:07 - 2012-03-31 22:06 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-06-03 13:33 - 2012-12-19 22:23 - 00000000 ____D C:\Documents and Settings\User\Desktop\New Folder (2) 2013-06-03 12:46 - 2011-11-10 21:53 - 00000000 ____D C:\Documents and Settings\User\Application Data\vlc 2013-06-03 12:16 - 2013-02-26 22:55 - 00000384 ___AH C:\Windows\Tasks\Microsoft Antimalware Scheduled Scan.job 2013-06-03 12:07 - 2013-06-03 12:07 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Speedbit 2013-06-03 12:07 - 2013-06-03 12:07 - 00000000 ____A C:\Documents and Settings\User\DAP.LOG 2013-06-03 12:07 - 2011-11-11 13:07 - 00000159 ____A C:\Windows\wiadebug.log 2013-06-03 12:07 - 2011-11-11 13:07 - 00000050 ____A C:\Windows\wiaservc.log 2013-06-03 12:07 - 2008-04-14 13:00 - 00002206 ____A C:\Windows\System32\wpa.dbl 2013-06-03 12:06 - 2013-03-16 14:27 - 00000276 ____A C:\Windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-73586283-2000478354-682003330-1003.job 2013-06-03 12:06 - 2012-08-25 14:17 - 00000776 ____A C:\Windows\Tasks\SBWUpdateTask_Logon_cbef6ec-0023AE7E1D75.job 2013-06-03 12:06 - 2011-11-06 13:29 - 00032024 ____A C:\Windows\SchedLgU.Txt 2013-06-03 12:06 - 2011-11-06 13:29 - 00000178 ___SH C:\Documents and Settings\User\ntuser.ini 2013-06-03 12:06 - 2011-11-06 13:29 - 00000062 __ASH C:\Documents and Settings\User\Local Settings\desktop.ini 2013-06-03 12:06 - 2011-11-06 13:29 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini 2013-06-03 12:06 - 2011-11-06 13:29 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-03 12:06 - 2011-11-06 13:23 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini 2013-06-03 12:05 - 2013-06-03 12:05 - 00010522 ____A C:\AdwCleaner[s2].txt 2013-06-03 12:04 - 2013-06-03 12:04 - 00632031 ____A C:\Documents and Settings\User\Desktop\adwcleaner.exe 2013-06-03 10:17 - 2013-06-03 10:17 - 00019738 ____A C:\Documents and Settings\User\Desktop\attach.txt 2013-06-03 10:17 - 2013-06-03 10:17 - 00016731 ____A C:\Documents and Settings\User\Desktop\dds.txt 2013-06-03 10:14 - 2013-06-03 10:14 - 00688992 ____R (Swearware) C:\Documents and Settings\User\Desktop\dds.scr 2013-06-03 09:37 - 2013-05-04 08:12 - 00000000 ____D C:\Documents and Settings\User\Desktop\New Folder (3) 2013-06-02 23:15 - 2013-06-02 23:06 - 00021300 ____A C:\Documents and Settings\User\Desktop\enzyme write up_1 2013-06-02 23:06 - 2013-06-02 23:06 - 00020698 ____A C:\Documents and Settings\User\Desktop\enzyme write up 2013-06-02 23:02 - 2012-12-03 23:05 - 00000000 ____D C:\Documents and Settings\User\Desktop\New Folder 2013-06-02 21:14 - 2011-11-10 20:53 - 00000000 ____D C:\Program Files\CCleaner 2013-06-02 21:00 - 2013-01-20 09:33 - 00000420 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{B63C40F8-7EA7-49A7-80E3-8F685E85CD33}.job 2013-06-02 20:29 - 2013-05-28 13:58 - 00000000 ____D C:\Program Files\SoftwareUpdater 2013-06-02 20:29 - 2011-11-10 20:32 - 00000000 ____D C:\Program Files\Common Files\Motive 2013-06-02 20:27 - 2013-06-02 20:27 - 00000000 ____D C:\TDSSKiller_Quarantine 2013-06-02 20:24 - 2013-06-02 20:23 - 02237968 ____A (Kaspersky Lab ZAO) C:\Documents and Settings\User\Desktop\tdsskiller.exe 2013-06-02 19:57 - 2011-11-06 14:12 - 00000000 __SHD C:\Documents and Settings\User\UserData 2013-06-02 17:51 - 2012-04-30 19:12 - 00000000 ____D C:\Documents and Settings\User\Application Data\Winamp 2013-06-02 16:58 - 2013-06-02 16:58 - 00000018 ____A C:\Documents and Settings\User\My Documents\malwarebytes forum.txt 2013-06-02 15:26 - 2011-12-25 14:33 - 00000000 ____D C:\Windows\2437DF07D3CB4D858397ED8AE9ED26D5.TMP 2013-06-02 10:41 - 2013-06-02 10:41 - 00001678 ____A C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk 2013-06-02 10:41 - 2013-06-02 10:41 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-06-02 10:41 - 2013-06-02 10:41 - 00000000 ____D C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com 2013-06-02 10:41 - 2013-06-02 10:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2013-06-01 14:09 - 2013-03-16 14:27 - 00000284 ____A C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-73586283-2000478354-682003330-1003.job 2013-06-01 11:11 - 2012-03-04 10:42 - 00000284 ____A C:\Windows\Tasks\AppleSoftwareUpdate.job 2013-05-30 16:25 - 2011-11-10 21:05 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-05-30 12:06 - 2011-11-10 20:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Soulseek 2013-05-29 07:34 - 2012-03-06 13:57 - 00000007 ____A C:\Windows\System32\ANIWZCSUSERNAME 2013-05-28 10:30 - 2013-05-28 10:30 - 00000247 ____A C:\Documents and Settings\User\My Documents\tv licence payment may 28th.txt 2013-05-27 17:54 - 2013-05-27 17:29 - 00000000 ____D C:\Documents and Settings\User\Application Data\Audacity 2013-05-27 17:28 - 2013-05-27 17:28 - 21281052 ____A (Audacity Team ) C:\Documents and Settings\User\My Documents\audacity-win-2.0.3.exe 2013-05-27 17:19 - 2013-05-13 12:11 - 00000000 ____D C:\Program Files\CyberLink 2013-05-27 17:18 - 2011-11-10 20:47 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-05-25 11:06 - 2013-05-25 11:01 - 00000000 ____D C:\Documents and Settings\User\My Documents\Tommy Liverpool Kit - may 25th 2013 2013-05-24 12:28 - 2012-09-17 14:20 - 00000443 ____A C:\Documents and Settings\User\My Documents\EDF PAYBACK.txt 2013-05-23 14:00 - 2012-03-17 17:41 - 00552960 __ASH C:\Documents and Settings\User\My Documents\Thumbs.db 2013-05-20 12:56 - 2011-11-10 20:46 - 00000000 ____D C:\Documents and Settings\User\Application Data\Skype 2013-05-20 12:56 - 2011-11-10 20:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype 2013-05-20 12:40 - 2013-05-20 12:40 - 00000000 ____A C:\Windows\System32\TempWmicBatchFile.bat 2013-05-15 16:03 - 2013-05-15 16:03 - 00000000 ____D C:\Documents and Settings\User\Application Data\Xilisoft 2013-05-15 16:01 - 2013-05-15 16:01 - 00000000 ____D C:\Program Files\Xilisoft 2013-05-15 16:01 - 2013-05-15 16:01 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Xilisoft 2013-05-15 15:49 - 2011-11-06 13:12 - 00268600 ____A C:\Windows\System32\FNTCACHE.DAT 2013-05-15 15:42 - 2011-11-11 13:40 - 00000000 ____D C:\Windows\Microsoft.NET 2013-05-15 15:31 - 2011-11-06 13:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help 2013-05-15 15:30 - 2011-11-06 13:13 - 00542886 ____A C:\Windows\System32\PerfStringBackup.INI 2013-05-15 15:23 - 2013-05-15 15:23 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$ 2013-05-15 15:23 - 2011-11-06 14:10 - 00000000 ____D C:\Windows\$hf_mig$ 2013-05-15 15:20 - 2013-05-15 15:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$ 2013-05-15 15:20 - 2011-11-06 14:46 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-05-15 15:04 - 2013-05-13 12:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\CyberLink 2013-05-15 12:07 - 2013-02-27 22:07 - 17613192 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe 2013-05-15 12:07 - 2012-03-31 22:06 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2013-05-15 12:07 - 2011-11-10 20:39 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2013-05-14 13:21 - 2011-11-19 20:20 - 00000000 ____D C:\Documents and Settings\User\Application Data\Media Player Classic 2013-05-14 08:22 - 2013-05-14 08:22 - 00137869 ____A C:\hcwclear.txt 2013-05-14 08:21 - 2013-05-14 08:21 - 00150128 ____A (Hauppauge Computer Works) C:\Documents and Settings\User\My Documents\hcwclear.exe 2013-05-13 12:42 - 2013-05-13 12:42 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\CyberLink 2013-05-13 12:20 - 2013-05-13 12:20 - 00000000 ____D C:\Documents and Settings\User\My Documents\CyberLink 2013-05-13 12:17 - 2013-05-13 12:17 - 00000000 ____D C:\Documents and Settings\User\Application Data\CyberLink 2013-05-13 12:14 - 2011-11-06 15:08 - 00069632 ____A C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2013-05-13 12:12 - 2013-05-13 12:12 - 00001688 ____A C:\Documents and Settings\User\My Documents\CyberLink PowerDirector.lnk 2013-05-10 10:02 - 2013-05-10 10:02 - 00000000 ____D C:\Documents and Settings\User\Application Data\dvdcss 2013-05-08 11:32 - 2011-11-11 13:58 - 00000000 ____D C:\Documents and Settings\User\Tracing 2013-05-08 11:24 - 2011-11-06 13:13 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2013-05-07 08:21 - 2013-05-07 08:21 - 06577464 ____A C:\Documents and Settings\User\My Documents\Attachments_201357_2.zip 2013-05-07 08:21 - 2013-05-07 08:20 - 09245261 ____A C:\Documents and Settings\User\My Documents\Attachments_201357_1.zip 2013-05-07 08:20 - 2013-05-07 08:20 - 07909799 ____A C:\Documents and Settings\User\My Documents\Attachments_201357.zip 2013-05-07 05:27 - 2008-04-14 13:00 - 06015488 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mshtml.dll 2013-05-07 05:27 - 2008-04-14 13:00 - 06015488 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== End Of Lo
  6. i cannot see a program callws softwareupdater in the list ?
  7. C:\Documents and Settings\User\My Documents\iLividSetup.exe Win32/Toolbar.SearchSuite application C:\Documents and Settings\User\My Documents\VCDCutterSetup.exe multiple threats C:\Documents and Settings\User\My Documents\Programs\VideoCutterSetup.exe Win32/Adware.RK.AP application C:\Program Files\SoftwareUpdater\uninstall.exe a variant of Win32/ToolkitOffers.A application C:\WINDOWS\Temp\Optimizer_Pro.exe multiple threats
  8. the pop ups from yieldmanager seemed to have stopped
  9. tdsskiller logs.tdsskiller logs.zip
  10. sorry posted that twice
  11. malwarebytes logslogs.ziplogs.zip
  12. malwarebytes logs
  13. # AdwCleaner v2.301 - Logfile created 06/03/2013 at 12:05:13 # Updated 16/05/2013 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : User - DELL-360 # Boot Mode : Normal # Running from : C:\Documents and Settings\User\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Deleted on reboot : C:\Documents and Settings\All Users\Application Data\Speedbit File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\searchplugins\Babylon.xml File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\searchplugins\BrowserProtect.xml File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\searchplugins\delta.xml File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\searchplugins\speedbit.xml File Deleted : C:\END File Deleted : C:\WINDOWS\Tasks\Auto Lyrics Update.job Folder Deleted : C:\Documents and Settings\All Users\Application Data\APN Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Speedbit Video Downloader Folder Deleted : C:\Documents and Settings\User\Application Data\Babylon Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\CT1729633 Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\extensions\{b52de586-c0f5-4d19-8593-69542c4b9f8b} Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\extensions\ffxtlbr@babylon.com Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\Smartbar Folder Deleted : C:\Documents and Settings\User\Application Data\PriceGong Folder Deleted : C:\Documents and Settings\User\Application Data\Toolbar4 Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\Conduit Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\Speedbit Folder Deleted : C:\Program Files\Ask.com Folder Deleted : C:\Program Files\AutoLyrics Folder Deleted : C:\Program Files\Common Files\Speedbit Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\Speedbit Video Downloader ***** [Registry] ***** Key Deleted : HKCU\Software\AutoLyrics Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\ConduitSearchScopes Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BrowserProtect Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0329E7D6-6F54-462D-93F6-F5C3118BADF2} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{92A9ACF4-9333-43AE-9698-DB283326F87F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DAEB9E85-4694-4F9B-85CB-2F28987872D7} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FF7C3CF0-4B15-11D1-ABED-709549C10000} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0329E7D6-6F54-462D-93F6-F5C3118BADF2} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92A9ACF4-9333-43AE-9698-DB283326F87F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DAEB9E85-4694-4F9B-85CB-2F28987872D7} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF7C3CF0-4B15-11D1-ABED-709549C10000} Key Deleted : HKCU\Software\Optimizer Pro Key Deleted : HKCU\Software\PriceGong Key Deleted : HKCU\Software\SBConvert Key Deleted : HKCU\Software\SmartBar Key Deleted : HKCU\Software\SpeedBit Key Deleted : HKLM\SOFTWARE\5b558c8ce23ab912 Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{92A9ACF4-9333-43AE-9698-DB283326F87F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DAEB9E85-4694-4F9B-85CB-2F28987872D7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FF7C3CF0-4B15-11D1-ABED-709549C10000} Key Deleted : HKLM\SOFTWARE\Classes\Directory\shell\SPEEDbitVideoConverter Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\SBConvert.SBConvert Key Deleted : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289075 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pkcdkfohdadbjmlfejhncigcbfkiaamf Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\autolyrics@man-soft.net Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdater Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SPEEDbit Video Downloader Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92A9ACF4-9333-43AE-9698-DB283326F87F} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DAEB9E85-4694-4F9B-85CB-2F28987872D7} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\autolyrics@man-soft.net Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SPEEDbit Video Downloader Key Deleted : HKLM\Software\SoftwareUpdater Key Deleted : HKLM\Software\SpeedBit Key Deleted : HKLM\Software\Tarma Installer Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 Replaced : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=5c9729fe-89d4-42f3-9fc6-1862c0bb4aaf&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms} --> hxxp://www.google.com Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=GB&userid=5c9729fe-89d4-42f3-9fc6-1862c0bb4aaf&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms} --> hxxp://www.google.com -\\ Mozilla Firefox v20.0.1 (en-US) File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\prefs.js C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\kvvgi3y1.default\user.js ... Deleted ! [OK] File is clean. ************************* AdwCleaner[s1].txt - [12646 octets] - [09/02/2013 17:03:35] AdwCleaner[s2].txt - [10391 octets] - [03/06/2013 12:05:13] ########## EOF - C:\AdwCleaner[s2].txt - [10452 octets] ##########
  14. DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2 Run by User at 10:16:21 on 2013-06-03 Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2037.869 [GMT 1:00] . AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . ============== Running Processes ================ . C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\vVX1000.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe C:\Program Files\DAP\DAP.EXE C:\Program Files\Samsung\Kies\Kies.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Windows Media Player\WMPNetwk.exe C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\alg.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.co.uk/ uSearchAssistant = hxxp://www.google.com BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: SBCONVERT Class: {92A9ACF4-9333-43AE-9698-DB283326F87F} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll BHO: SBCONVERT Class: {A1056498-D09A-41E4-864B-505EDD640D9E} - c:\program files\speedbit video downloader\toolbar\SpeedBitVideoDownloader.dll BHO: SpeedBit Link Verification Helper: {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - c:\program files\dap\LinkVerifier.dll BHO: Auto Lyrics: {DAEB9E85-4694-4F9B-85CB-2F28987872D7} - c:\program files\autolyrics\autolrcs.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: GrabberObj Class: {FF7C3CF0-4B15-11D1-ABED-709549C10000} - c:\program files\speedbit video downloader\toolbar\Grabber.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet uRun: [speedBitVideoAccelerator] "c:\program files\speedbit video accelerator\VideoAccelerator.exe" /startup uRun: [DownloadAccelerator] "c:\program files\dap\DAP.EXE" /STARTUP uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [uTorrent] "c:\documents and settings\user\application data\utorrent\uTorrent.exe" /MINIMIZED uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [btbb_McciTrayApp] "c:\program files\bt broadband desktop help\btbb\BTHelpNotifier.exe" mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe" mRun: [VX1000] c:\windows\vVX1000.exe mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe mRun: [D-Link D-Link Wireless N DWA-140] c:\program files\d-link\dwa-140 revb\AirNCFG.exe mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe" mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [userFaultCheck] c:\windows\system32\dumprep 0 -u dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t uPolicies-Explorer: NoDriveTypeAutoRun = dword:323 uPolicies-Explorer: NoDriveAutoRun = dword:67108863 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe LSP: c:\program files\speedbit video accelerator\lsp3.2.2.5\SBLSP.dll DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1320585147328 DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab TCP: NameServer = 192.168.1.254 TCP: Interfaces\{56371F02-5AF3-4740-B579-671BF06180FF} : DHCPNameServer = 192.168.1.254 Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll Notify: GoToAssist - c:\program files\citrix\gotoassist\830\G2AWinLogon.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\kvvgi3y1.default\ FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll FF - plugin: c:\program files\common files\motive\npMotive.dll FF - plugin: c:\program files\common files\motive\npMotiveRequest.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.shownSelectionUI - true FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - 0cbef6ec0000000000000023ae7e1d75 FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15853 FF - user.js: extensions.delta.vrsn - 1.8.21.5 FF - user.js: extensions.delta.vrsni - 1.8.21.5 FF - user.js: extensions.delta.vrsnTs - 1.8.21.514:00:52 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - en FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta_i.babTrack - affID=119722&tt=gc_ FF - user.js: extensions.delta_i.srcExt - ss FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false . . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 195296] R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2011-11-6 24064] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-5-23 119056] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-12 398184] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-14 682344] R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~2\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~2\VideoAcceleratorService.exe -start -scm [?] R3 k57w2k;Broadcom NetLink Gigabit Ethernet;c:\windows\system32\drivers\k57xp32.sys [2011-11-6 176640] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-14 21104] S0 cerc6;cerc6; [x] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-1-21 83168] S3 LeapFrog-USBLAN;LeapFrog-USBLAN;c:\windows\system32\drivers\btblan.sys [2009-10-9 33792] S3 rt2870;D-Link 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2012-3-5 715520] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2011-11-10 86824] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2011-11-10 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2011-11-10 114600] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2011-11-10 108328] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2011-11-10 26024] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2011-11-10 104616] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2011-11-10 109736] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-1-21 181344] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== File Associations =============== . FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [userChoice] . =============== Created Last 30 ================ . 2013-06-02 19:27:41 -------- d-----w- C:\TDSSKiller_Quarantine 2013-06-02 14:32:45 7016152 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eede6b0a-3de3-4a0d-a1eb-e6b39211cbb2}\mpengine.dll 2013-06-02 09:41:33 -------- d-----w- c:\documents and settings\user\application data\SUPERAntiSpyware.com 2013-06-02 09:41:23 -------- d-----w- c:\program files\SUPERAntiSpyware 2013-06-02 09:41:23 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com 2013-06-02 01:18:54 7016152 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2013-06-01 07:48:21 -------- d-----w- c:\program files\AutoLyrics 2013-06-01 07:47:57 -------- d-----w- C:\temp 2013-05-28 12:58:23 -------- d-----w- c:\program files\SoftwareUpdater 2013-05-20 11:40:53 0 ----a-w- c:\windows\system32\TempWmicBatchFile.bat 2013-05-20 11:00:26 -------- d-----w- c:\documents and settings\user\application data\Toolbar4 2013-05-15 15:03:58 -------- d-----w- c:\documents and settings\user\application data\Xilisoft 2013-05-15 15:01:45 -------- d-----w- c:\program files\Xilisoft 2013-05-15 15:01:45 -------- d-----w- c:\documents and settings\all users\application data\Xilisoft 2013-05-13 12:01:17 -------- d-----w- c:\documents and settings\user\application data\Babylon 2013-05-13 12:01:17 -------- d-----w- c:\documents and settings\all users\application data\Babylon 2013-05-13 11:26:32 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys 2013-05-13 11:26:32 15232 ----a-w- c:\windows\system32\drivers\MPE.sys 2013-05-13 11:26:17 363520 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll 2013-05-13 11:26:17 363520 ----a-w- c:\windows\system32\PsisDecd.dll 2013-05-13 11:26:16 56832 ----a-w- c:\windows\system32\MSDvbNP.ax 2013-05-13 11:26:15 33280 ----a-w- c:\windows\system32\PsisRndr.ax 2013-05-13 11:26:15 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys 2013-05-13 11:26:15 11776 ----a-w- c:\windows\system32\drivers\BdaSup.sys 2013-05-13 11:26:14 18432 ----a-w- c:\windows\system32\BdaPlgIn.ax 2013-05-11 10:37:28 209472 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll 2013-05-11 10:37:28 209472 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll . ==================== Find3M ==================== . 2013-05-15 11:07:13 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-15 11:07:13 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-15 11:07:07 17613192 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe 2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-04-16 22:17:15 920064 ----a-w- c:\windows\system32\wininet.dll 2013-04-16 22:17:14 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-04-16 22:17:14 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2013-04-12 23:28:55 385024 ----a-w- c:\windows\system32\html.iec 2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys 2013-04-04 04:35:08 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-03-13 20:52:48 69632 ----a-w- c:\windows\system32\CUUpdateComponent.ocx 2013-03-13 20:52:48 421888 ----a-w- c:\windows\system32\ComputerUpdaterLM.ocx 2013-03-13 20:52:48 131072 ----a-w- c:\windows\system32\SafeAppRichList.ocx 2013-03-09 19:49:09 861088 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-03-09 19:49:09 782240 ----a-w- c:\windows\system32\deployJava1.dll 2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll 2013-03-07 01:32:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-07 00:50:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-07-12 08:19:00 2174976 ----a-w- c:\program files\common files\atimpenc.dll . ============= FINISH: 10:17:09.18 ===============
  15. i was told to copy and paste these 2 logs here. . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume2 Install Date: 06/11/2011 12:22:45 System Uptime: 03/06/2013 08:10:27 (2 hours ago) . Motherboard: Dell Inc. | | 0T656F Processor: Intel Pentium III Xeon processor | CPU | 2493/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 149 GiB total, 111.256 GiB free. D: is CDROM (CDFS) E: is FIXED (NTFS) - 596 GiB total, 399.855 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.03) ANIO Service ANIWZCS2 Service Apple Application Support Apple Mobile Device Support Apple Software Update Auto Lyrics Avanquest update Bonjour BT Desktop Help BTHomeHub CCleaner D-Link Wireless N DWA-140 Download Accelerator Plus (DAP) Driving Theory Test Professional v2.4.0.0 Easy Phone Sync EPSON Scan ESET Online Scanner v3 GoToAssist Corporate Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB2756822) Hotfix for Windows XP (KB2779562) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB954708) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB976002-v5) Intel® Graphics Media Accelerator Driver iTunes Java 7 Update 21 Java Auto Updater Java SE Development Kit 7 Update 13 K-Lite Codec Pack 9.7.5 (Full) LeapFrog Connect LeapFrog Leapster Explorer Plugin Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Corporation Microsoft LifeCam Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Live Add-in 1.5 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 20.0.1 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec Nero 6 Ultra Edition Netscape Navigator (9.0.0.6) PhotoNow! 1.0 PowerDirector QuickTime Recover Disc 2.0 Samsung Kies SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2675157) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB2744842) Security Update for Windows Internet Explorer 8 (KB2761465) Security Update for Windows Internet Explorer 8 (KB2792100) Security Update for Windows Internet Explorer 8 (KB2797052) Security Update for Windows Internet Explorer 8 (KB2799329) Security Update for Windows Internet Explorer 8 (KB2809289) Security Update for Windows Internet Explorer 8 (KB2817183) Security Update for Windows Internet Explorer 8 (KB2829530) Security Update for Windows Internet Explorer 8 (KB2847204) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544521) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2586448) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2709162) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2724197) Security Update for Windows XP (KB2727528) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB2753842-v2) Security Update for Windows XP (KB2753842) Security Update for Windows XP (KB2757638) Security Update for Windows XP (KB2758857) Security Update for Windows XP (KB2761226) Security Update for Windows XP (KB2770660) Security Update for Windows XP (KB2778344) Security Update for Windows XP (KB2779030) Security Update for Windows XP (KB2780091) Security Update for Windows XP (KB2799494) Security Update for Windows XP (KB2802968) Security Update for Windows XP (KB2807986) Security Update for Windows XP (KB2808735) Security Update for Windows XP (KB2813170) Security Update for Windows XP (KB2813345) Security Update for Windows XP (KB2820197) Security Update for Windows XP (KB2820917) Security Update for Windows XP (KB2829361) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982665) SoftwareUpdater SoulSeek 157 NS 13e SoulseekQt SpeedBit Video Accelerator SpeedBit Video Downloader Strongvault Online Backup SUPERAntiSpyware Tweaking.com - Windows Repair (All in One) Uninstall Helper Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition Update for Windows Internet Explorer 8 (KB2598845) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2616676-v2) Update for Windows XP (KB2641690) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB898461) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB961503) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin) VCD Cutter 1.1 VLC media player 2.0.0 WebFldrs XP Winamp Winamp Detector Plug-in Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player Firefox Plugin Windows PowerShell 1.0 WinRAR archiver Xilisoft Video Converter Ultimate Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 30/05/2013 08:20:07, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Media Player Network Sharing Service service to connect. 30/05/2013 08:20:07, error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 30/05/2013 03:22:47, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Software Updater service to connect. 30/05/2013 03:22:47, error: Service Control Manager [7000] - The Software Updater service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 28/05/2013 08:44:13, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions. 03/06/2013 08:35:39, error: Service Control Manager [7022] - The Terminal Services service hung on starting. 03/06/2013 08:35:39, error: Service Control Manager [7022] - The Automatic Updates service hung on starting. 03/06/2013 08:35:39, error: Service Control Manager [7001] - The Fast User Switching Compatibility service depends on the Terminal Services service which failed to start because of the following error: After starting, the service hung in a start-pending state. 03/06/2013 08:35:17, error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions. 02/06/2013 20:32:12, error: Service Control Manager [7000] - The MRESP50 NDIS Protocol Driver service failed to start due to the following error: The system cannot find the file specified. 02/06/2013 20:32:11, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820} 02/06/2013 20:32:11, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} 02/06/2013 20:32:11, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} 02/06/2013 20:32:11, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 02/06/2013 20:32:05, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect. 02/06/2013 20:32:05, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File ===========================