Have downloaded Malware but virus is blocking access to it

Solved
By gill12
Feb 26, 2011
Topic Status:
Not open for further replies.
  1. Hi, a virus has taken over my computer and blocked my Mcafee software. I can download the Malware program but virus is blocking access to it and telling me to activate it's anti virus software.

    What do I try next?
  2. Broni

    Broni Malware Annihilator Posts: 45,317   +243

    Welcome aboard [​IMG]

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.
    Complete as many steps as you can.

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
  3. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    Hi, I have downloaded those programs to my desktop but virus doesn't allow them to run.
  4. Broni

    Broni Malware Annihilator Posts: 45,317   +243

    Try Safe Mode.
    Does the virus have any name?
  5. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    Hi again. No name as yet but keeps referring me to download it's windows anti virus program. Will try safe mode now, thanks for help.
  6. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    I succesfully ran TFC and rebooted the computer. So far so good, but I somehow managed to blow up my laptop charger while rebooting, so am stuck for a day or two. I will come back to your instructions then. Please keep it open. Thanks again for your help.
  7. Broni

    Broni Malware Annihilator Posts: 45,317   +243

    No problem.
    I'll be around :)
  8. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    Malwarebytes in Safe mode

    Hi again, charger came back to life. So far, on the quick scan with Malwarebyte found
    2 x PUM.Disabled ; Registry Data; HKEY_LOCAL_MACHINE\SOFTWARE\MICRO....;BAD 1 NO ACTION TAKEN.

    Doing full scan now.
  9. Broni

    Broni Malware Annihilator Posts: 45,317   +243

    You have to fix whatever found.
  10. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    Hi,
    I have deleted what I found, a Trojan, but am not certain that my computer is clear. I think my McAffee anti virus software might be infected. I wll check out further. Thanks for your help.
    Here are the logs.

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5904

    Windows 5.1.2600 Service Pack 3 (Safe Mode)
    Internet Explorer 8.0.6001.18702

    28/02/2011 18:28:50
    mbam-log-2011-02-28 (18-28-50).txt

    Scan type: Full scan (C:\|D:\|)
    Objects scanned: 228452
    Time elapsed: 1 hour(s), 54 minute(s), 13 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\documents and settings\all users\application data\gmpopog06300\gmpopog06300.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.










    DDS log
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/02/2008 12:00:20
    System Uptime: 28/02/2011 18:35:10 (0 hours ago)

    Motherboard: TOSHIBA | | Portable PC
    Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz | uFC-PGA Socket | 1828/166mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 75 GiB total, 54.108 GiB free.
    D: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description:
    Device ID: ACPI\TOS6208\2&DABA3FF&0
    Manufacturer:
    Name:
    PNP Device ID: ACPI\TOS6208\2&DABA3FF&0
    Service:

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description:
    Device ID: ACPI\TOS620A\2&DABA3FF&0
    Manufacturer:
    Name:
    PNP Device ID: ACPI\TOS620A\2&DABA3FF&0
    Service:

    ==== System Restore Points ===================

    RP845: 30/11/2010 14:31:16 - System Checkpoint
    RP846: 02/12/2010 01:38:52 - System Checkpoint
    RP847: 03/12/2010 20:50:09 - System Checkpoint
    RP848: 05/12/2010 17:51:06 - System Checkpoint
    RP849: 06/12/2010 19:39:50 - System Checkpoint
    RP850: 09/12/2010 11:14:35 - System Checkpoint
    RP851: 10/12/2010 12:33:00 - System Checkpoint
    RP852: 12/12/2010 11:57:28 - System Checkpoint
    RP853: 14/12/2010 10:51:21 - System Checkpoint
    RP854: 15/12/2010 09:03:46 - Software Distribution Service 3.0
    RP855: 18/12/2010 06:40:10 - Software Distribution Service 3.0
    RP856: 19/12/2010 12:46:39 - System Checkpoint
    RP857: 21/12/2010 18:03:41 - System Checkpoint
    RP858: 23/12/2010 07:33:56 - System Checkpoint
    RP859: 25/12/2010 11:51:14 - System Checkpoint
    RP860: 26/12/2010 23:58:59 - System Checkpoint
    RP861: 30/12/2010 14:58:00 - System Checkpoint
    RP862: 31/12/2010 17:16:17 - System Checkpoint
    RP863: 01/01/2011 17:21:49 - System Checkpoint
    RP864: 03/01/2011 17:20:37 - System Checkpoint
    RP865: 04/01/2011 21:19:15 - System Checkpoint
    RP866: 05/01/2011 22:28:43 - System Checkpoint
    RP867: 07/01/2011 18:31:02 - System Checkpoint
    RP868: 07/01/2011 19:55:59 - Installed Photo Story 3 for Windows
    RP869: 09/01/2011 14:02:51 - System Checkpoint
    RP870: 10/01/2011 15:07:28 - System Checkpoint
    RP871: 11/01/2011 23:38:02 - System Checkpoint
    RP872: 13/01/2011 02:35:43 - System Checkpoint
    RP873: 13/01/2011 03:00:20 - Software Distribution Service 3.0
    RP874: 14/01/2011 16:43:19 - System Checkpoint
    RP875: 16/01/2011 18:31:23 - System Checkpoint
    RP876: 18/01/2011 12:07:28 - System Checkpoint
    RP877: 19/01/2011 14:08:00 - System Checkpoint
    RP878: 22/01/2011 15:15:18 - System Checkpoint
    RP879: 23/01/2011 22:57:25 - System Checkpoint
    RP880: 25/01/2011 12:51:27 - System Checkpoint
    RP881: 01/02/2011 14:06:14 - System Checkpoint
    RP882: 02/02/2011 18:39:55 - System Checkpoint
    RP883: 06/02/2011 22:02:11 - System Checkpoint
    RP884: 09/02/2011 15:25:55 - System Checkpoint
    RP885: 10/02/2011 08:00:08 - Software Distribution Service 3.0
    RP886: 11/02/2011 13:14:00 - System Checkpoint
    RP887: 12/02/2011 14:35:52 - System Checkpoint
    RP888: 13/02/2011 21:36:36 - System Checkpoint
    RP889: 16/02/2011 15:52:37 - Installed Kies
    RP890: 16/02/2011 16:21:09 - Installed Windows KB954550-v5.
    RP891: 16/02/2011 16:21:20 - Printer Driver Microsoft XPS Document Writer Installed
    RP892: 16/02/2011 16:21:36 - Printer Driver Microsoft XPS Document Writer Installed
    RP893: 16/02/2011 17:34:08 - Installed Samsung Kies
    RP894: 16/02/2011 18:07:04 - Removed Samsung Kies
    RP895: 16/02/2011 18:27:21 - Installed Samsung Kies
    RP896: 17/02/2011 23:40:06 - System Checkpoint
    RP897: 18/02/2011 10:59:37 - Software Distribution Service 3.0
    RP898: 20/02/2011 01:34:12 - System Checkpoint
    RP899: 21/02/2011 22:43:57 - System Checkpoint
    RP900: 26/02/2011 13:35:32 - System Checkpoint

    DDS Log2

    DDS (Ver_10-12-12.02) - NTFSx86 NETWORK
    Run by Administrator at 18:44:11.54 on 28/02/2011
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
    Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1015.707 [GMT 0:00]

    AV: McAfee VirusScan *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Personal Firewall *Enabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\Explorer.EXE
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Documents and Settings\All Users\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    mSearch Page =
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [igfxtray] c:\windows\system32\igfxtray.exe
    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
    mRun: [igfxpers] c:\windows\system32\igfxpers.exe
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
    mRun: [AGRSMMSG] AGRSMMSG.exe
    mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
    mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
    mRun: [TPSMain] TPSMain.exe
    mRun: [TPSODDCtl] TPSODDCtl.exe
    mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
    mRun: [Lexmark X1100 Series] "c:\program files\lexmark x1100 series\lxbkbmgr.exe"
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
    mRun: [OneTouch Monitor] "c:\program files\xerox one touch\OneTouchMon.exe"
    mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
    IE: {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com
    IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
    IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\npjpi160_13.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: igfxcui - igfxdev.dll
    Notify: psfus - psqlpwd.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Notification Packages = scecli psqlpwd

    ================= FIREFOX ===================
  11. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    My GMER log

    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit quick scan 2011-02-28 18:41:31
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK8032GSX rev.AS111G
    Running: klnimdiygmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pwnorpoc.sys


    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Ip Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
    AttachedDevice \Driver\Tcpip \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

    ---- EOF - GMER 1.0.15 ----
  12. Broni

    Broni Malware Annihilator Posts: 45,317   +243

    Both DDS logs are incomplete.
    Please, redo.
  13. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    DDS log

    Hi, this is the latest DDS log. Got rid of 4 trojans eventually and think everything is now clear.

    Thank You.


    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Owner at 3:15:27.29 on 03/03/2011
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
    Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1015.421 [GMT 0:00]

    AV: McAfee VirusScan *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Personal Firewall *Disabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Xerox One Touch\OneTouchMon.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Protector Suite QL\psqltray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
    C:\WINDOWS\system32\RAMASST.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\dgdersvc.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\system32\FsUsbExService.Exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    c:\PROGRA~1\mcafee\msc\mcshell.exe
    C:\WINDOWS\system32\spider.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\All Users\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://google.com/
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uWindow Title = Internet Explorer Provided By Sky Broadband
    uDefault_Page_URL = hxxp://www.sky.com
    mSearch Page =
    uInternet Settings,ProxyOverride = <local>;*.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [HUAWEI 3G Data Card MTS] c:\program files\huawei technologies\huawei umts data card\3 USB Modem.exe
    uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
    uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    uRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /s
    uRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
    uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Sky Broadband; GTB6; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.miniclip.com/games/insane-ski-jump/en/"
    mRun: [igfxtray] c:\windows\system32\igfxtray.exe
    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
    mRun: [igfxpers] c:\windows\system32\igfxpers.exe
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
    mRun: [AGRSMMSG] AGRSMMSG.exe
    mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
    mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
    mRun: [TPSMain] TPSMain.exe
    mRun: [TPSODDCtl] TPSODDCtl.exe
    mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
    mRun: [Lexmark X1100 Series] "c:\program files\lexmark x1100 series\lxbkbmgr.exe"
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
    mRun: [OneTouch Monitor] "c:\program files\xerox one touch\OneTouchMon.exe"
    mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    IE: {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com
    IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
    IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: igfxcui - igfxdev.dll
    Notify: psfus - psqlpwd.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Notification Packages = scecli psqlpwd

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\lhydjfig.default\
    FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\lhydjfig.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
    FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\lhydjfig.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
    FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
    FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - plugin: c:\documents and settings\owner\application data\facebook\npfbplugin_1_0_3.dll
    FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\program files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - Ext: Move Media Player: moveplayer@movenetworks.com - %profile%\extensions\moveplayer@movenetworks.com
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\program files\real\realplayer\browserrecord\firefox\ext
    FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor

    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true
    ============= SERVICES / DRIVERS ===============

    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-5-31 385880]
    R2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2009-12-22 95568]
    R2 FdRedir;FdRedir;c:\program files\common files\protector suite ql\drivers\FdRedir.sys [2006-5-5 13568]
    R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\common files\protector suite ql\drivers\filedisk.sys [2006-5-5 33024]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-15 54752]
    R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-9-8 217088]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-8-20 203280]
    R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2010-8-20 359952]
    R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2010-8-20 144704]
    R2 smihlp;SMI helper driver;c:\program files\protector suite ql\smihlp.sys [2006-5-5 3456]
    R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2009-12-22 18136]
    R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-9-8 36640]
    R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2010-8-20 606736]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-8-20 79816]
    R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-8-20 35272]
    R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-8-20 40552]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-28 135664]
    S3 AIDA32Driver;AIDA32Driver;\??\d:\3942\aida32.sys --> d:\3942\aida32.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
    S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-8-20 34248]
    S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2011-2-16 98432]
    S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2011-2-16 14848]
    S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2011-2-16 123648]
    S3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\drivers\ss_bserd.sys [2011-2-16 100224]

    =============== Created Last 30 ================

    2011-02-28 23:53:23 -------- d-----w- C:\Temp
    2011-02-27 00:46:43 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-02-27 00:46:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-02-27 00:01:39 -------- d-----w- c:\program files\ESET
    2011-02-26 16:03:06 -------- d-----w- c:\docume~1\alluse~1\applic~1\gMpOpOg06300
    2011-02-16 18:43:35 -------- d-----w- c:\program files\MyFree Codec
    2011-02-16 18:31:05 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Samsung
    2011-02-16 17:38:36 4659712 ----a-w- c:\windows\system32\Redemption.dll
    2011-02-16 17:33:17 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Downloaded Installations
    2011-02-16 17:22:39 87340080 ----a-w- c:\program files\Kies_2.0.0.11014_49_2.exe
    2011-02-16 16:21:30 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll.new
    2011-02-16 16:20:25 -------- d-----w- C:\e3e73489e9a60c045b91ecda
    2011-02-16 15:47:54 100224 ----a-w- c:\windows\system32\drivers\ss_bserd.sys
    2011-02-16 15:47:53 14848 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys
    2011-02-16 15:47:53 12416 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys
    2011-02-16 15:47:53 123648 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys
    2011-02-16 15:47:51 98432 ----a-w- c:\windows\system32\drivers\ss_bbus.sys
    2011-02-16 15:47:51 12288 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys
    2011-02-16 15:46:24 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys

    ==================== Find3M ====================

    2011-01-29 17:00:24 90112 ----a-w- c:\windows\MAMCityDownload.ocx
    2011-01-29 17:00:24 325552 ----a-w- c:\windows\MASetupCaller.dll
    2011-01-29 17:00:24 30568 ----a-w- c:\windows\MusiccityDownload.exe
    2011-01-29 17:00:22 143360 ----a-w- c:\windows\system32\3DAudio.ax
    2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
    2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
    2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
    2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
    2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
    2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec
    2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
    2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
    2010-12-09 13:42:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-12-09 13:07:07 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe

    ============= FINISH: 3:16:44.12 ===============
     
  14. Broni

    Broni Malware Annihilator Posts: 45,317   +243

    Attach.txt is missing.
  15. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    dddattach.txt

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/02/2008 12:00:20
    System Uptime: 28/02/2011 21:05:28 (0 hours ago)

    Motherboard: TOSHIBA | | Portable PC
    Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz | uFC-PGA Socket | 1829/166mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 75 GiB total, 54.292 GiB free.
    D: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description:
    Device ID: ACPI\TOS6208\2&DABA3FF&0
    Manufacturer:
    Name:
    PNP Device ID: ACPI\TOS6208\2&DABA3FF&0
    Service:

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description:
    Device ID: ACPI\TOS620A\2&DABA3FF&0
    Manufacturer:
    Name:
    PNP Device ID: ACPI\TOS620A\2&DABA3FF&0
    Service:

    ==== System Restore Points ===================

    RP845: 30/11/2010 14:31:16 - System Checkpoint
    RP846: 02/12/2010 01:38:52 - System Checkpoint
    RP847: 03/12/2010 20:50:09 - System Checkpoint
    RP848: 05/12/2010 17:51:06 - System Checkpoint
    RP849: 06/12/2010 19:39:50 - System Checkpoint
    RP850: 09/12/2010 11:14:35 - System Checkpoint
    RP851: 10/12/2010 12:33:00 - System Checkpoint
    RP852: 12/12/2010 11:57:28 - System Checkpoint
    RP853: 14/12/2010 10:51:21 - System Checkpoint
    RP854: 15/12/2010 09:03:46 - Software Distribution Service 3.0
    RP855: 18/12/2010 06:40:10 - Software Distribution Service 3.0
    RP856: 19/12/2010 12:46:39 - System Checkpoint
    RP857: 21/12/2010 18:03:41 - System Checkpoint
    RP858: 23/12/2010 07:33:56 - System Checkpoint
    RP859: 25/12/2010 11:51:14 - System Checkpoint
    RP860: 26/12/2010 23:58:59 - System Checkpoint
    RP861: 30/12/2010 14:58:00 - System Checkpoint
    RP862: 31/12/2010 17:16:17 - System Checkpoint
    RP863: 01/01/2011 17:21:49 - System Checkpoint
    RP864: 03/01/2011 17:20:37 - System Checkpoint
    RP865: 04/01/2011 21:19:15 - System Checkpoint
    RP866: 05/01/2011 22:28:43 - System Checkpoint
    RP867: 07/01/2011 18:31:02 - System Checkpoint
    RP868: 07/01/2011 19:55:59 - Installed Photo Story 3 for Windows
    RP869: 09/01/2011 14:02:51 - System Checkpoint
    RP870: 10/01/2011 15:07:28 - System Checkpoint
    RP871: 11/01/2011 23:38:02 - System Checkpoint
    RP872: 13/01/2011 02:35:43 - System Checkpoint
    RP873: 13/01/2011 03:00:20 - Software Distribution Service 3.0
    RP874: 14/01/2011 16:43:19 - System Checkpoint
    RP875: 16/01/2011 18:31:23 - System Checkpoint
    RP876: 18/01/2011 12:07:28 - System Checkpoint
    RP877: 19/01/2011 14:08:00 - System Checkpoint
    RP878: 22/01/2011 15:15:18 - System Checkpoint
    RP879: 23/01/2011 22:57:25 - System Checkpoint
    RP880: 25/01/2011 12:51:27 - System Checkpoint
    RP881: 01/02/2011 14:06:14 - System Checkpoint
    RP882: 02/02/2011 18:39:55 - System Checkpoint
    RP883: 06/02/2011 22:02:11 - System Checkpoint
    RP884: 09/02/2011 15:25:55 - System Checkpoint
    RP885: 10/02/2011 08:00:08 - Software Distribution Service 3.0
    RP886: 11/02/2011 13:14:00 - System Checkpoint
    RP887: 12/02/2011 14:35:52 - System Checkpoint
    RP888: 13/02/2011 21:36:36 - System Checkpoint
    RP889: 16/02/2011 15:52:37 - Installed Kies
    RP890: 16/02/2011 16:21:09 - Installed Windows KB954550-v5.
    RP891: 16/02/2011 16:21:20 - Printer Driver Microsoft XPS Document Writer Installed
    RP892: 16/02/2011 16:21:36 - Printer Driver Microsoft XPS Document Writer Installed
    RP893: 16/02/2011 17:34:08 - Installed Samsung Kies
    RP894: 16/02/2011 18:07:04 - Removed Samsung Kies
    RP895: 16/02/2011 18:27:21 - Installed Samsung Kies
    RP896: 17/02/2011 23:40:06 - System Checkpoint
    RP897: 18/02/2011 10:59:37 - Software Distribution Service 3.0
    RP898: 20/02/2011 01:34:12 - System Checkpoint
    RP899: 21/02/2011 22:43:57 - System Checkpoint
    RP900: 26/02/2011 13:35:32 - System Checkpoint

    ==== Installed Programs ======================

    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 8.2.5
    Adobe Shockwave Player 11.5
    Ahead InCD EasyWrite Reader
    Ahead Nero OEM
    Ahead NeroVision Express
    Amazon MP3 Downloader 1.0.8
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    BlackBerry Desktop Software 6.0
    Bluetooth Stack for Windows by Toshiba
    Bonjour
    Compatibility Pack for the 2007 Office system
    Critical Update for Windows Media Player 11 (KB959772)
    CuteFTP 8 Home
    Directory Submitter 1.0.24
    DVD-RAM Driver
    eBook Pro Business Edition
    Facebook Plug-In
    FXCM Trading Station
    Good Keywords v2.01.100107
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToMeeting 4.5.0.457
    High Definition Audio Driver Package - KB888111
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for MSXML 2 (KB887606)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976002-v5)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    ieSpell
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PRO Network Connections Drivers
    iTunes
    Java(TM) 6 Update 13
    Junk Mail filter update
    Keyword Cloud Generator 1.0.20
    Lexmark 510 Series
    Lexmark X1100 Series
    Malwarebytes' Anti-Malware
    McAfee SecurityCenter
    Messenger Plus! Live
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Live Add-in 1.3
    Microsoft Office XP Professional with FrontPage
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Mozilla Firefox (3.6.13)
    MSN
    MSVCRT
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MyFreeCodec
    Niche Store Writer 1.0
    NoteTab Light 6 (Remove only)
    O Dream Board
    OGA Notifier 2.0.0048.0
    PaperPort 8.0 SE
    PC Connectivity Solution
    PCFriendly
    Personal License Update Wizard for Windows Media Player
    Photo Story 3 for Windows
    PowerDVD
    Protector Suite 5.4
    QuickTime
    RealPlayer
    Samsung Kies
    SAMSUNG USB Driver for Mobile Phones
    SD Secure Module
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
  16. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    dddattach.txt part 2

    Security Update for Windows XP (KB982802)
    Segoe UI
    Sky Broadband
    Sky Broadband Browser Branding
    Skype Toolbars
    Skype™ 4.2
    SoundMAX
    Texas Instruments PCIxx21/x515/xx12 drivers.
    TIPCI
    TOSHIBA Power Saver
    TOSHIBA SD Memory Boot Utility
    TOSHIBA SD Memory Card Format
    TOSHIBA Software Modem
    Turbo Lister 2
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 8 (KB975364)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    web'n'walk USB manager
    WebFldrs XP
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Format 11 runtime
    Windows Media Hotfix - KB895181
    Windows Media Player 11
    Windows XP Service Pack 3
    Xerox One Touch
    Yahoo! Software Update

    ==== Event Viewer Messages From Past Week ========

    28/02/2011 18:37:54, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
    28/02/2011 18:37:12, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm Tosrfcom
    28/02/2011 18:29:18, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    28/02/2011 16:29:32, error: Dhcp [1002] - The IP address lease 192.168.0.2 for the Network Card with network address 001302CCCF4D has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    28/02/2011 15:56:14, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service McMSCSvc with arguments "" in order to run the server: {03082469-BA75-44A5-89CB-D187F313E572}
    28/02/2011 15:56:09, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Services service to connect.
    28/02/2011 15:56:09, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Java Quick Starter service to connect.
    28/02/2011 15:56:09, error: Service Control Manager [7000] - The McAfee Services service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    28/02/2011 15:56:09, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    28/02/2011 15:43:37, error: Service Control Manager [7034] - The McAfee Services service terminated unexpectedly. It has done this 3 time(s).
    28/02/2011 15:43:37, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Services service, but this action failed with the following error: An instance of the service is already running.
    28/02/2011 15:42:37, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    28/02/2011 15:42:36, error: Service Control Manager [7000] - The LexBce Server service failed to start due to the following error: The pipe has been ended.
    28/02/2011 15:42:34, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the SeaPort service to connect.
    28/02/2011 15:42:34, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Proxy Service service to connect.
    28/02/2011 15:42:34, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Personal Firewall Service service to connect.
    28/02/2011 15:42:34, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Anti-Spam Service service to connect.
    28/02/2011 15:42:34, error: Service Control Manager [7000] - The Yahoo! Updater service failed to start due to the following error: Access is denied.
    28/02/2011 15:42:34, error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    28/02/2011 15:42:34, error: Service Control Manager [7000] - The McAfee Proxy Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    28/02/2011 15:42:34, error: Service Control Manager [7000] - The McAfee Personal Firewall Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    28/02/2011 15:42:34, error: Service Control Manager [7000] - The McAfee Anti-Spam Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    28/02/2011 13:41:26, error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).
    28/02/2011 13:41:26, error: Service Control Manager [7034] - The TOSHIBA Bluetooth Service service terminated unexpectedly. It has done this 1 time(s).
    28/02/2011 13:41:26, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    28/02/2011 13:41:26, error: Service Control Manager [7031] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    27/02/2011 20:14:31, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McNASvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
    27/02/2011 19:28:35, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec mfehidk MPFP MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip Tosrfcom
    27/02/2011 19:28:35, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    27/02/2011 19:28:35, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    27/02/2011 19:28:35, error: Service Control Manager [7001] - The fssfltr service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    27/02/2011 19:28:35, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    27/02/2011 19:28:35, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    27/02/2011 19:28:35, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    27/02/2011 19:28:35, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    27/02/2011 19:28:30, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    27/02/2011 19:28:18, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    27/02/2011 01:53:32, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
    26/02/2011 23:54:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 157 time(s).
    26/02/2011 23:54:39, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 152 time(s).
    26/02/2011 23:54:38, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 151 time(s).
    26/02/2011 23:54:08, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 149 time(s).
    26/02/2011 23:44:49, error: Service Control Manager [7022] - The FsUsbExService service hung on starting.
    26/02/2011 23:03:00, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 120 time(s).
    26/02/2011 23:02:55, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 119 time(s).
    26/02/2011 23:02:55, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 118 time(s).
    26/02/2011 23:02:49, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 117 time(s).
    26/02/2011 23:02:43, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 116 time(s).
    26/02/2011 23:02:42, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 115 time(s).
    26/02/2011 23:02:36, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 114 time(s).
    26/02/2011 23:02:36, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 113 time(s).
    26/02/2011 23:02:30, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 112 time(s).
    26/02/2011 23:02:29, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 111 time(s).
    26/02/2011 23:02:23, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 110 time(s).
    26/02/2011 23:02:23, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 109 time(s).
    26/02/2011 23:01:47, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 108 time(s).
    26/02/2011 23:01:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 107 time(s).
    26/02/2011 23:01:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 106 time(s).
    26/02/2011 23:01:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 105 time(s).
    26/02/2011 23:01:11, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 104 time(s).
    26/02/2011 23:00:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 103 time(s).
    26/02/2011 23:00:35, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 102 time(s).
    26/02/2011 23:00:28, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 101 time(s).
    26/02/2011 23:00:23, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 100 time(s).
    26/02/2011 23:00:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 99 time(s).
    26/02/2011 23:00:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 98 time(s).
    26/02/2011 23:00:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 97 time(s).
    26/02/2011 23:00:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 96 time(s).
    26/02/2011 23:00:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 95 time(s).
    26/02/2011 23:00:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 94 time(s).
    26/02/2011 23:00:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 93 time(s).
    26/02/2011 23:00:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 92 time(s).
    26/02/2011 23:00:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 91 time(s).
    26/02/2011 23:00:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 90 time(s).
    26/02/2011 23:00:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 89 time(s).
    26/02/2011 23:00:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 88 time(s).
    26/02/2011 23:00:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 87 time(s).
    26/02/2011 23:00:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 86 time(s).
    26/02/2011 23:00:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 85 time(s).
    26/02/2011 23:00:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 84 time(s).
    26/02/2011 23:00:18, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 83 time(s).
    26/02/2011 23:00:18, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 82 time(s).
    26/02/2011 23:00:18, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 81 time(s).
    26/02/2011 23:00:17, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 80 time(s).
    26/02/2011 23:00:16, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 79 time(s).
    26/02/2011 23:00:16, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 78 time(s).
    26/02/2011 23:00:16, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 77 time(s).
    26/02/2011 23:00:10, error: Service Control Manager [7034] - The McAfee Proxy Service service terminated unexpectedly. It has done this 3 time(s).
    26/02/2011 23:00:10, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
    26/02/2011 23:00:10, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    26/02/2011 22:59:45, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 76 time(s).
    26/02/2011 22:59:42, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 75 time(s).
    26/02/2011 22:59:42, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 74 time(s).
    26/02/2011 22:59:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 73 time(s).
    26/02/2011 22:59:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 72 time(s).
    26/02/2011 22:59:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 71 time(s).
    26/02/2011 22:59:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 70 time(s).
    26/02/2011 22:59:39, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 69 time(s).
    26/02/2011 22:59:39, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 68 time(s).
    26/02/2011 22:59:39, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 67 time(s).
    26/02/2011 22:59:39, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 66 time(s).
    26/02/2011 22:59:38, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 65 time(s).
    26/02/2011 22:59:37, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 64 time(s).
    26/02/2011 22:59:37, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 63 time(s).
    26/02/2011 22:59:36, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 62 time(s).
    26/02/2011 22:59:33, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 61 time(s).
    26/02/2011 22:59:33, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 60 time(s).
    26/02/2011 22:59:32, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 59 time(s).
    26/02/2011 22:59:32, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 58 time(s).
    26/02/2011 22:59:32, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 57 time(s).
    26/02/2011 22:59:27, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 56 time(s).
    26/02/2011 22:59:27, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 55 time(s).
    26/02/2011 22:59:27, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 54 time(s).
    26/02/2011 22:59:26, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 53 time(s).
    26/02/2011 22:59:26, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 52 time(s).
    26/02/2011 22:59:25, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 51 time(s).
    26/02/2011 22:59:25, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 50 time(s).
    26/02/2011 22:59:24, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 49 time(s).
    26/02/2011 22:59:24, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 48 time(s).
    26/02/2011 22:59:24, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 47 time(s).
    26/02/2011 22:59:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 46 time(s).
    26/02/2011 22:59:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 45 time(s).
    26/02/2011 22:59:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 44 time(s).
    26/02/2011 22:59:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 43 time(s).
    26/02/2011 22:59:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 42 time(s).
    26/02/2011 22:59:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 41 time(s).
    26/02/2011 22:59:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 40 time(s).
    26/02/2011 22:59:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 39 time(s).
    26/02/2011 22:59:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 38 time(s).
    26/02/2011 22:59:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 37 time(s).
    26/02/2011 22:59:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 36 time(s).
    26/02/2011 22:59:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 35 time(s).
    26/02/2011 22:59:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 34 time(s).
    26/02/2011 22:59:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 33 time(s).
    26/02/2011 22:59:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 32 time(s).
    26/02/2011 22:59:15, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 31 time(s).
    26/02/2011 22:59:14, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 30 time(s).
    26/02/2011 22:59:14, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 29 time(s).
    26/02/2011 22:59:14, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 28 time(s).
    26/02/2011 22:59:14, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 27 time(s).
    26/02/2011 22:59:14, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 26 time(s).
    26/02/2011 22:59:10, error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    26/02/2011 22:59:10, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    26/02/2011 22:59:10, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Network Agent service to connect.
    26/02/2011 22:59:10, error: Service Control Manager [7000] - The McAfee Network Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    26/02/2011 22:59:09, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 25 time(s).
    26/02/2011 22:59:08, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 24 time(s).
    26/02/2011 22:59:07, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 23 time(s).
    26/02/2011 22:59:07, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 22 time(s).
    26/02/2011 22:59:07, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 21 time(s).
    26/02/2011 22:59:06, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 20 time(s).
    26/02/2011 22:59:06, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 19 time(s).
    26/02/2011 22:59:06, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 18 time(s).
    26/02/2011 22:59:05, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 17 time(s).
    26/02/2011 22:59:05, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 16 time(s).
    26/02/2011 22:59:05, error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: Access is denied.
    26/02/2011 22:59:05, error: DCOM [10005] - DCOM got error "%5" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
    26/02/2011 22:59:04, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 15 time(s).
    26/02/2011 22:59:03, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 14 time(s).
    26/02/2011 22:59:03, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 13 time(s).
    26/02/2011 22:59:03, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 12 time(s).
    26/02/2011 22:59:03, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 11 time(s).
    26/02/2011 22:59:02, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 9 time(s).
    26/02/2011 22:59:02, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 10 time(s).
    26/02/2011 22:59:01, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 8 time(s).
    26/02/2011 22:59:01, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 7 time(s).
    26/02/2011 22:58:58, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 6 time(s).
    26/02/2011 22:58:57, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 5 time(s).
    26/02/2011 22:58:57, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 4 time(s).
    26/02/2011 22:58:57, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 3 time(s).
    26/02/2011 22:58:55, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 2 time(s).
    26/02/2011 22:58:55, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee SiteAdvisor Service service to connect.
    26/02/2011 22:58:55, error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    26/02/2011 22:58:55, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
    26/02/2011 22:58:54, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 5 time(s).
    26/02/2011 22:58:48, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 4 time(s).
    26/02/2011 22:58:42, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Spooler service.
    26/02/2011 22:58:42, error: Service Control Manager [7000] - The LexBce Server service failed to start due to the following error: The pipe state is invalid.
    26/02/2011 22:58:11, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 3 time(s).
    26/02/2011 22:58:10, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 2 time(s).
    26/02/2011 22:58:10, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
    26/02/2011 22:58:10, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    26/02/2011 22:58:10, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
    26/02/2011 22:58:09, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
    26/02/2011 22:58:09, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).
    26/02/2011 22:58:09, error: Service Control Manager [7034] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s).
    26/02/2011 22:58:09, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 1 time(s).
    26/02/2011 22:58:09, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    26/02/2011 22:58:09, error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).
    26/02/2011 22:58:09, error: Service Control Manager [7034] - The FsUsbExService service terminated unexpectedly. It has done this 1 time(s).
    26/02/2011 22:58:09, error: Service Control Manager [7034] - The DVD-RAM_Service service terminated unexpectedly. It has done this 1 time(s).
    26/02/2011 22:58:09, error: Service Control Manager [7034] - The Device Error Recovery Service service terminated unexpectedly. It has done this 1 time(s).
    26/02/2011 22:58:09, error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    26/02/2011 22:58:09, error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Run the configured recovery program.
    26/02/2011 22:58:09, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    26/02/2011 22:58:09, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    26/02/2011 22:58:09, error: Service Control Manager [7022] - The McAfee Proxy Service service hung on starting.
    26/02/2011 22:58:06, error: Service Control Manager [7022] - The Java Quick Starter service hung on starting.
    26/02/2011 22:55:52, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Yahoo! Updater service to connect.
    26/02/2011 22:55:52, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the TOSHIBA Bluetooth Service service to connect.
    26/02/2011 22:55:52, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Real-time Scanner service to connect.
    26/02/2011 22:55:52, error: Service Control Manager [7000] - The Yahoo! Updater service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    26/02/2011 22:55:52, error: Service Control Manager [7000] - The TOSHIBA Bluetooth Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    26/02/2011 22:55:52, error: Service Control Manager [7000] - The McAfee Services service failed to start due to the following error: The pipe has been ended.
    26/02/2011 22:55:52, error: Service Control Manager [7000] - The McAfee Real-time Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    25/02/2011 17:20:34, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001302CCCF4D. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
    25/02/2011 17:20:31, error: Dhcp [1002] - The IP address lease 192.168.0.2 for the Network Card with network address 001302CCCF4D has been denied by the DHCP server 82.113.68.58 (The DHCP Server sent a DHCPNACK message).
    23/02/2011 16:37:36, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
    23/02/2011 16:37:36, error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    23/02/2011 16:34:52, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
    22/02/2011 15:59:44, error: Dhcp [1002] - The IP address lease 192.168.0.2 for the Network Card with network address 001302CCCF4D has been denied by the DHCP server 10.196.226.193 (The DHCP Server sent a DHCPNACK message).

    ==== End Of File ===========================
  17. Broni

    Broni Malware Annihilator Posts: 45,317   +243

    Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    Enter N to exit.
    A report called MBRcheckxxxx.txt will be on your desktop
    Open this report and post its content in your next reply.

    ======================================================================

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
  18. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    Combofix

    I have to disable my other antivirus programmes to run this one but I can't find a way to do this without deleting them. There are no options for disabling. I have deleted McAfee but I think its too risky so will reinstall it until I work out what to do.

    Gillian
  19. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    Also, my recycle bin has disappeared!
  20. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    Combofix

    Hi, thanks for your patience!

    Recycle came back.

    I have run combofix three times (without antvirus on). When it gets to the end it restarts the computer and doesn't give me a report. I have searched for the filename that you specified but can't find it. It also reinstalled some Windows security restore programme that must have been deleted by virus.

    Gillian
  21. Broni

    Broni Malware Annihilator Posts: 45,317   +243

    Did you try steps listed here?
  22. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    Combofix

    Hi,
    finally got Combo to run - here is the Rkill report followed by Combofix.

    This log file is located at C:\rkill.log.
    Please post this only if requested to by the person helping you.
    Otherwise you can close this log when you wish.

    Rkill was run on 07/03/2011 at 15:40:08.
    Operating System: Microsoft Windows XP


    Processes terminated by Rkill or while it was running:

    --------------------------------------------------------------------------------------------------------------
    COMBOFIX


    ComboFix 11-03-06.06 - Owner 07/03/2011 15:16:17.7.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1015.614 [GMT 0:00]
    Running from: C:\Documents and Settings\All Users\Desktop\gill12ComboFix.exe


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    ---- Previous Run -------

    C:\Documents and Settings\Owner\g2mdlhlpx.exe
    C:\Documents and Settings\Owner\GoToAssistDownloadHelper.exe
    C:\Install.exe
    C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log
    C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl
    C:\WINDOWS\system32\muzapp.exe

    -- Previous Run --

    C:\WINDOWS\system32\kernel32.dll . . . is infected!!

    --------


    ((((((((((((((((((((((((( Files Created from 2011-02-07 to 2011-03-07 )))))))))))))))))))))))))))))))


    2011-02-28 23:53:23 . 2011-03-01 00:12:19 -------- d-----w- C:\Temp
    2011-02-27 00:46:43 . 2010-12-20 18:09:00 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2011-02-27 00:46:39 . 2010-12-20 18:08:40 20952 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
    2011-02-27 00:01:39 . 2011-02-27 00:01:39 -------- d-----w- C:\Program Files\ESET
    2011-02-26 16:03:06 . 2011-02-28 18:28:50 -------- d-----w- C:\Documents and Settings\All Users\Application Data\gMpOpOg06300
    2011-02-16 18:43:35 . 2011-02-16 18:43:35 -------- d-----w- C:\Program Files\MyFree Codec
    2011-02-16 18:31:05 . 2011-02-17 14:42:46 -------- d-----w- C:\Documents and Settings\Owner\Local Settings\Application Data\Samsung
    2011-02-16 17:38:36 . 2011-01-29 17:00:44 4659712 ----a-w- C:\WINDOWS\system32\Redemption.dll
    2011-02-16 17:33:17 . 2011-02-16 17:33:17 -------- d-----w- C:\Documents and Settings\Owner\Local Settings\Application Data\Downloaded Installations
    2011-02-16 17:22:39 . 2011-02-16 17:24:28 87340080 ----a-w- C:\Program Files\Kies_2.0.0.11014_49_2.exe
    2011-02-16 16:21:30 . 2008-07-06 12:06:10 89088 ----a-w- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll.new
    2011-02-16 16:20:25 . 2011-02-16 16:21:41 -------- d-----w- C:\e3e73489e9a60c045b91ecda
    2011-02-16 16:00:03 . 2011-02-16 16:00:03 -------- d-----w- C:\Documents and Settings\All Users\Application Data\PC Suite
    2011-02-16 16:00:00 . 2011-02-16 16:00:00 -------- d-----w- C:\Documents and Settings\Owner\Application Data\PC Suite
    2011-02-16 15:47:54 . 2009-09-19 05:30:10 100224 ----a-w- C:\WINDOWS\system32\drivers\ss_bserd.sys
    2011-02-16 15:47:53 . 2009-09-19 05:30:10 14848 ----a-w- C:\WINDOWS\system32\drivers\ss_bmdfl.sys
    2011-02-16 15:47:53 . 2009-09-19 05:30:10 12416 ----a-w- C:\WINDOWS\system32\drivers\ss_bcmnt.sys
    2011-02-16 15:47:53 . 2009-09-19 05:30:10 123648 ----a-w- C:\WINDOWS\system32\drivers\ss_bmdm.sys
    2011-02-16 15:47:51 . 2009-09-19 05:30:10 98432 ----a-w- C:\WINDOWS\system32\drivers\ss_bbus.sys
    2011-02-16 15:47:51 . 2009-09-19 05:30:10 12288 ----a-w- C:\WINDOWS\system32\drivers\ss_bwhnt.sys
    2011-02-16 15:46:27 . 2011-02-16 15:46:27 -------- d-----w- C:\Program Files\DIFX
    2011-02-16 15:46:24 . 2008-08-26 09:26:12 18816 ----a-w- C:\WINDOWS\system32\drivers\pccsmcfd.sys


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2011-01-29 17:00:24 . 2011-01-29 17:00:24 90112 ----a-w- C:\WINDOWS\MAMCityDownload.ocx
    2011-01-29 17:00:24 . 2011-01-29 17:00:24 325552 ----a-w- C:\WINDOWS\MASetupCaller.dll
    2011-01-29 17:00:24 . 2011-01-29 17:00:24 30568 ----a-w- C:\WINDOWS\MusiccityDownload.exe
    2011-01-29 17:00:22 . 2011-01-29 17:00:22 143360 ----a-w- C:\WINDOWS\system32\3DAudio.ax
    2011-01-21 14:44:37 . 2004-08-04 12:00:00 439296 ----a-w- C:\WINDOWS\system32\shimgvw.dll
    2011-01-07 14:09:02 . 2004-08-04 12:00:00 290048 ----a-w- C:\WINDOWS\system32\atmfd.dll
    2010-12-31 13:10:33 . 2004-08-04 12:00:00 1854976 ----a-w- C:\WINDOWS\system32\win32k.sys
    2010-12-22 12:34:28 . 2004-08-04 12:00:00 301568 ----a-w- C:\WINDOWS\system32\kerberos.dll
    2010-12-20 23:59:20 . 2004-08-04 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
    2010-12-20 23:59:19 . 2004-08-04 12:00:00 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll
    2010-12-20 23:59:19 . 2004-08-04 12:00:00 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl
    2010-12-20 17:26:00 . 2004-08-04 12:00:00 730112 ----a-w- C:\WINDOWS\system32\lsasrv.dll
    2010-12-20 12:55:26 . 2004-08-04 12:00:00 385024 ----a-w- C:\WINDOWS\system32\html.iec
    2010-12-09 15:15:09 . 2004-08-04 12:00:00 718336 ----a-w- C:\WINDOWS\system32\ntdll.dll
    2010-12-09 14:30:22 . 2004-08-04 12:00:00 33280 ----a-w- C:\WINDOWS\system32\csrsrv.dll
    2010-12-09 13:42:26 . 2004-08-04 12:00:00 2148864 ----a-w- C:\WINDOWS\system32\ntoskrnl.exe
    2010-12-09 13:07:07 . 2004-08-03 22:59:02 2027008 ----a-w- C:\WINDOWS\system32\ntkrnlpa.exe


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 16:44:34 3883856]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-17 13:20:19 68856]
    "HUAWEI 3G Data Card MTS"="C:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" [BU]
    "Search Protection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [BU]
    "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [BU]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2010-05-13 16:57:20 26192168]
    "KiesHelper"="C:\Program Files\Samsung\Kies\KiesHelper.exe" [2011-01-29 23:11:32 888120]
    "KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" [2011-01-29 23:11:36 3372856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-10-29 15:11:46 94208]
    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-10-29 15:11:44 77824]
    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-10-29 15:11:50 118784]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 20:11:06 925696]
    "AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 18:29:08 88203]
    "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50:42 155648]
    "PSQLLauncher"="C:\Program Files\Protector Suite QL\launcher.exe" [2006-05-05 17:36:28 30208]
    "TPSMain"="TPSMain.exe" [2006-03-21 14:40:12 299008]
    "TPSODDCtl"="TPSODDCtl.exe" [2006-03-21 14:40:14 102400]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 19:24:46 32768]
    "Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 09:43:48 57344]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2010-02-02 15:29:20 198160]
    "IndexSearch"="C:\Program Files\Scansoft\PaperPort\IndexSearch.exe" [2002-09-23 08:50:26 36864]
    "OneTouch Monitor"="C:\Program Files\Xerox One Touch\OneTouchMon.exe" [2003-06-12 15:14:00 86016]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2010-09-08 11:17:42 421888]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2010-11-17 20:59:04 421160]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 09:15:10 40368]
    "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 18:37:40 932288]
    "avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [BU]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 00:12:16 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
    RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2008-2-13 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
    2006-05-05 17:48:24 40448 ----a-w- C:\WINDOWS\system32\psqlpwd.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "C:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

    R2 dgdersvc;Device Error Recovery Service;C:\WINDOWS\system32\dgdersvc.exe [22/12/2009 02:31:02 95568]
    R2 FdRedir;FdRedir;C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [05/05/2006 18:00:02 13568]
    R2 FileDisk2;FileDisk Protector Kernel Driver;C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys [05/05/2006 17:59:52 33024]
    R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [08/09/2010 01:30:47 217088]
    R2 smihlp;SMI helper driver;C:\Program Files\Protector Suite QL\smihlp.sys [05/05/2006 17:33:04 3456]
    R3 dgderdrv;dgderdrv;C:\WINDOWS\system32\drivers\dgderdrv.sys [22/12/2009 02:31:02 18136]
    R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [08/09/2010 01:30:48 36640]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [28/01/2010 21:08:54 135664]
    S3 AIDA32Driver;AIDA32Driver;\??\D:\3942\aida32.sys --> D:\3942\aida32.sys [?]
    S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [16/02/2011 15:47:51 98432]
    S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [16/02/2011 15:47:53 14848]
    S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [16/02/2011 15:47:53 123648]
    S3 ss_bserd;SAMSUNG USB Mobile Logging Driver;C:\WINDOWS\system32\drivers\ss_bserd.sys [16/02/2011 15:47:54 100224]

    Contents of the 'Scheduled Tasks' folder

    2011-02-15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50:20 . 2009-10-22 10:50:20]

    2011-03-07 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    - C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-28 21:08:54 . 2010-01-28 21:07:32]

    2011-03-07 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    - C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-28 21:08:54 . 2010-01-28 21:07:32]

    2011-03-07 C:\WINDOWS\Tasks\OGALogon.job
    - C:\WINDOWS\system32\OGAEXEC.exe [2009-08-03 15:07:42 . 2009-08-03 15:07:42]

    2011-03-07 C:\WINDOWS\Tasks\WGASetup.job
    - C:\WINDOWS\system32\KB905474\wgasetup.exe [2009-03-26 07:23:17 . 2009-03-10 22:18:08]


    ------- Supplementary Scan -------

    uStart Page = hxxp://google.com/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Settings,ProxyOverride = <local>;*.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    IE: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    FF - ProfilePath - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lhydjfig.default\
    FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - Ext: Move Media Player: moveplayer@movenetworks.com - %profile%\extensions\moveplayer@movenetworks.com
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    FF - Ext: Java Quick Starter: jqs@sun.com - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext
    FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true

    - - - - ORPHANS REMOVED - - - -

    Toolbar-Locked - (no file)
  23. Broni

    Broni Malware Annihilator Posts: 45,317   +243

    The log is incomplete (lower part is missing).
    Please repost, or re-run Combofix.
  24. gill12

    gill12 Newcomer, in training Topic Starter Posts: 44

    This is the latest complete log.
    ComboFix 11-03-07.02 - Owner 08/03/2011 1:33:56.8.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1015.608 [GMT 0:00]
    Running from: C:\Documents and Settings\All Users\Desktop\gill12ComboFix.exe


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    -- Previous Run --

    C:\WINDOWS\system32\kernel32.dll . . . is infected!!

    --------


    ((((((((((((((((((((((((( Files Created from 2011-02-08 to 2011-03-08 )))))))))))))))))))))))))))))))


    2011-03-07 22:53:01 . 2011-03-07 22:53:01 -------- d-----w- C:\Documents and Settings\Owner\Application Data\Avira
    2011-03-07 22:50:02 . 2011-01-10 14:23:53 61960 ----a-w- C:\WINDOWS\system32\drivers\avgntflt.sys
    2011-03-07 22:50:02 . 2011-01-10 14:23:53 135096 ----a-w- C:\WINDOWS\system32\drivers\avipbb.sys
    2011-03-07 22:50:02 . 2010-06-17 14:27:24 45416 ----a-w- C:\WINDOWS\system32\drivers\avgntdd.sys
    2011-03-07 22:50:02 . 2010-06-17 14:27:24 22360 ----a-w- C:\WINDOWS\system32\drivers\avgntmgr.sys
    2011-03-07 22:49:49 . 2011-03-07 22:49:49 -------- d-----w- C:\Program Files\Avira
    2011-03-07 22:49:49 . 2011-03-07 22:49:49 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Avira
    2011-02-28 23:53:23 . 2011-03-01 00:12:19 -------- d-----w- C:\Temp
    2011-02-27 00:46:43 . 2010-12-20 18:09:00 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2011-02-27 00:46:39 . 2010-12-20 18:08:40 20952 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
    2011-02-27 00:01:39 . 2011-02-27 00:01:39 -------- d-----w- C:\Program Files\ESET
    2011-02-26 16:03:06 . 2011-02-28 18:28:50 -------- d-----w- C:\Documents and Settings\All Users\Application Data\gMpOpOg06300
    2011-02-16 18:43:35 . 2011-02-16 18:43:35 -------- d-----w- C:\Program Files\MyFree Codec
    2011-02-16 18:31:05 . 2011-02-17 14:42:46 -------- d-----w- C:\Documents and Settings\Owner\Local Settings\Application Data\Samsung
    2011-02-16 17:38:36 . 2011-01-29 17:00:44 4659712 ----a-w- C:\WINDOWS\system32\Redemption.dll
    2011-02-16 17:33:17 . 2011-02-16 17:33:17 -------- d-----w- C:\Documents and Settings\Owner\Local Settings\Application Data\Downloaded Installations
    2011-02-16 17:22:39 . 2011-02-16 17:24:28 87340080 ----a-w- C:\Program Files\Kies_2.0.0.11014_49_2.exe
    2011-02-16 16:21:30 . 2008-07-06 12:06:10 89088 ----a-w- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll.new
    2011-02-16 16:20:25 . 2011-02-16 16:21:41 -------- d-----w- C:\e3e73489e9a60c045b91ecda
    2011-02-16 16:00:03 . 2011-02-16 16:00:03 -------- d-----w- C:\Documents and Settings\All Users\Application Data\PC Suite
    2011-02-16 16:00:00 . 2011-02-16 16:00:00 -------- d-----w- C:\Documents and Settings\Owner\Application Data\PC Suite
    2011-02-16 15:47:54 . 2009-09-19 05:30:10 100224 ----a-w- C:\WINDOWS\system32\drivers\ss_bserd.sys
    2011-02-16 15:47:53 . 2009-09-19 05:30:10 14848 ----a-w- C:\WINDOWS\system32\drivers\ss_bmdfl.sys
    2011-02-16 15:47:53 . 2009-09-19 05:30:10 12416 ----a-w- C:\WINDOWS\system32\drivers\ss_bcmnt.sys
    2011-02-16 15:47:53 . 2009-09-19 05:30:10 123648 ----a-w- C:\WINDOWS\system32\drivers\ss_bmdm.sys
    2011-02-16 15:47:51 . 2009-09-19 05:30:10 98432 ----a-w- C:\WINDOWS\system32\drivers\ss_bbus.sys
    2011-02-16 15:47:51 . 2009-09-19 05:30:10 12288 ----a-w- C:\WINDOWS\system32\drivers\ss_bwhnt.sys
    2011-02-16 15:46:27 . 2011-02-16 15:46:27 -------- d-----w- C:\Program Files\DIFX
    2011-02-16 15:46:24 . 2008-08-26 09:26:12 18816 ----a-w- C:\WINDOWS\system32\drivers\pccsmcfd.sys


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2011-01-29 17:00:24 . 2011-01-29 17:00:24 90112 ----a-w- C:\WINDOWS\MAMCityDownload.ocx
    2011-01-29 17:00:24 . 2011-01-29 17:00:24 325552 ----a-w- C:\WINDOWS\MASetupCaller.dll
    2011-01-29 17:00:24 . 2011-01-29 17:00:24 30568 ----a-w- C:\WINDOWS\MusiccityDownload.exe
    2011-01-29 17:00:22 . 2011-01-29 17:00:22 143360 ----a-w- C:\WINDOWS\system32\3DAudio.ax
    2011-01-21 14:44:37 . 2004-08-04 12:00:00 439296 ----a-w- C:\WINDOWS\system32\shimgvw.dll
    2011-01-07 14:09:02 . 2004-08-04 12:00:00 290048 ----a-w- C:\WINDOWS\system32\atmfd.dll
    2010-12-31 13:10:33 . 2004-08-04 12:00:00 1854976 ----a-w- C:\WINDOWS\system32\win32k.sys
    2010-12-22 12:34:28 . 2004-08-04 12:00:00 301568 ----a-w- C:\WINDOWS\system32\kerberos.dll
    2010-12-20 23:59:20 . 2004-08-04 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
    2010-12-20 23:59:19 . 2004-08-04 12:00:00 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll
    2010-12-20 23:59:19 . 2004-08-04 12:00:00 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl
    2010-12-20 17:26:00 . 2004-08-04 12:00:00 730112 ----a-w- C:\WINDOWS\system32\lsasrv.dll
    2010-12-20 12:55:26 . 2004-08-04 12:00:00 385024 ----a-w- C:\WINDOWS\system32\html.iec
    2010-12-09 15:15:09 . 2004-08-04 12:00:00 718336 ----a-w- C:\WINDOWS\system32\ntdll.dll
    2010-12-09 14:30:22 . 2004-08-04 12:00:00 33280 ----a-w- C:\WINDOWS\system32\csrsrv.dll
    2010-12-09 13:42:26 . 2004-08-04 12:00:00 2148864 ----a-w- C:\WINDOWS\system32\ntoskrnl.exe
    2010-12-09 13:07:07 . 2004-08-03 22:59:02 2027008 ----a-w- C:\WINDOWS\system32\ntkrnlpa.exe


    ((((((((((((((((((((((((((((( SnapShot@2011-03-07_15.24.07 )))))))))))))))))))))))))))))))))))))))))

    + 2011-03-08 01:19:15 . 2011-03-08 01:19:15 16384 C:\WINDOWS\temp\Perflib_Perfdata_ad4.dat
    + 2011-03-07 22:50:05 . 2010-06-17 14:27:22 28520 C:\WINDOWS\system32\drivers\ssmdrv.sys

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 16:44:34 3883856]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-17 13:20:19 68856]
    "HUAWEI 3G Data Card MTS"="C:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" [BU]
    "Search Protection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [BU]
    "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [BU]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2010-05-13 16:57:20 26192168]
    "KiesHelper"="C:\Program Files\Samsung\Kies\KiesHelper.exe" [2011-01-29 23:11:32 888120]
    "KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" [2011-01-29 23:11:36 3372856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-10-29 15:11:46 94208]
    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-10-29 15:11:44 77824]
    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-10-29 15:11:50 118784]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 20:11:06 925696]
    "AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 18:29:08 88203]
    "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50:42 155648]
    "PSQLLauncher"="C:\Program Files\Protector Suite QL\launcher.exe" [2006-05-05 17:36:28 30208]
    "TPSMain"="TPSMain.exe" [2006-03-21 14:40:12 299008]
    "TPSODDCtl"="TPSODDCtl.exe" [2006-03-21 14:40:14 102400]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 19:24:46 32768]
    "Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 09:43:48 57344]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2010-02-02 15:29:20 198160]
    "IndexSearch"="C:\Program Files\Scansoft\PaperPort\IndexSearch.exe" [2002-09-23 08:50:26 36864]
    "OneTouch Monitor"="C:\Program Files\Xerox One Touch\OneTouchMon.exe" [2003-06-12 15:14:00 86016]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2010-09-08 11:17:42 421888]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2010-11-17 20:59:04 421160]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 09:15:10 40368]
    "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 18:37:40 932288]
    "avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 14:23:29 281768]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 00:12:16 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
    RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2008-2-13 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
    2006-05-05 17:48:24 40448 ----a-w- C:\WINDOWS\system32\psqlpwd.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "C:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

    R2 dgdersvc;Device Error Recovery Service;C:\WINDOWS\system32\dgdersvc.exe [22/12/2009 02:31:02 95568]
    R2 FdRedir;FdRedir;C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [05/05/2006 18:00:02 13568]
    R2 FileDisk2;FileDisk Protector Kernel Driver;C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys [05/05/2006 17:59:52 33024]
    R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [08/09/2010 01:30:47 217088]
    R2 smihlp;SMI helper driver;C:\Program Files\Protector Suite QL\smihlp.sys [05/05/2006 17:33:04 3456]
    R3 dgderdrv;dgderdrv;C:\WINDOWS\system32\drivers\dgderdrv.sys [22/12/2009 02:31:02 18136]
    R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [08/09/2010 01:30:48 36640]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [28/01/2010 21:08:54 135664]
    S3 AIDA32Driver;AIDA32Driver;\??\D:\3942\aida32.sys --> D:\3942\aida32.sys [?]
    S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [16/02/2011 15:47:51 98432]
    S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [16/02/2011 15:47:53 14848]
    S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [16/02/2011 15:47:53 123648]
    S3 ss_bserd;SAMSUNG USB Mobile Logging Driver;C:\WINDOWS\system32\drivers\ss_bserd.sys [16/02/2011 15:47:54 100224]

    --- Other Services/Drivers In Memory ---

    *NewlyCreated* - FSUSBEXDISK

    Contents of the 'Scheduled Tasks' folder

    2011-02-15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50:20 . 2009-10-22 10:50:20]

    2011-03-08 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    - C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-28 21:08:54 . 2010-01-28 21:07:32]

    2011-03-07 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    - C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-28 21:08:54 . 2010-01-28 21:07:32]

    2011-03-08 C:\WINDOWS\Tasks\OGALogon.job
    - C:\WINDOWS\system32\OGAEXEC.exe [2009-08-03 15:07:42 . 2009-08-03 15:07:42]

    2011-03-08 C:\WINDOWS\Tasks\WGASetup.job
    - C:\WINDOWS\system32\KB905474\wgasetup.exe [2009-03-26 07:23:17 . 2009-03-10 22:18:08]


    ------- Supplementary Scan -------

    uStart Page = hxxp://google.com/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Settings,ProxyOverride = <local>;*.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    IE: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    FF - ProfilePath - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lhydjfig.default\
    FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - Ext: Move Media Player: moveplayer@movenetworks.com - %profile%\extensions\moveplayer@movenetworks.com
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    FF - Ext: Java Quick Starter: jqs@sun.com - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext
    FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true

    - - - - ORPHANS REMOVED - - - -

    Toolbar-Locked - (no file)
  25. Broni

    Broni Malware Annihilator Posts: 45,317   +243

    Open Windows Explorer. Go Tools>Folder Options>View tab, put a checkmark next to Show hidden files, and folders.
    Upload following files to http://www.virustotal.com/ for security check:
    - C:\WINDOWS\system32\kernel32.dll
    If the file is listed as already analyzed, click on Reanalyse file now button.
    Post scan results.

    =======================================================================

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    64-bit users go HERE
    • Double-click SystemLook.exe to run it.
    • Vista\Win 7 users:: Right click on SystemLook.exe, click Run As Administrator
    • Copy the content of the following box into the main textfield:
      Code:
      :filefind
      kernel32.dll
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.