Solved Have downloaded Malware but virus is blocking access to it

Status
Not open for further replies.

gill12

Posts: 44   +0
Hi, a virus has taken over my computer and blocked my Mcafee software. I can download the Malware program but virus is blocking access to it and telling me to activate it's anti virus software.

What do I try next?
 
Welcome aboard
yahooo.gif


Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
Complete as many steps as you can.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Hi again. No name as yet but keeps referring me to download it's windows anti virus program. Will try safe mode now, thanks for help.
 
I succesfully ran TFC and rebooted the computer. So far so good, but I somehow managed to blow up my laptop charger while rebooting, so am stuck for a day or two. I will come back to your instructions then. Please keep it open. Thanks again for your help.
 
Malwarebytes in Safe mode

Hi again, charger came back to life. So far, on the quick scan with Malwarebyte found
2 x PUM.Disabled ; Registry Data; HKEY_LOCAL_MACHINE\SOFTWARE\MICRO....;BAD 1 NO ACTION TAKEN.

Doing full scan now.
 
Hi,
I have deleted what I found, a Trojan, but am not certain that my computer is clear. I think my McAffee anti virus software might be infected. I wll check out further. Thanks for your help.
Here are the logs.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5904

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

28/02/2011 18:28:50
mbam-log-2011-02-28 (18-28-50).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 228452
Time elapsed: 1 hour(s), 54 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\all users\application data\gmpopog06300\gmpopog06300.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.










DDS log
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/02/2008 12:00:20
System Uptime: 28/02/2011 18:35:10 (0 hours ago)

Motherboard: TOSHIBA | | Portable PC
Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz | uFC-PGA Socket | 1828/166mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 75 GiB total, 54.108 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\TOS6208\2&DABA3FF&0
Manufacturer:
Name:
PNP Device ID: ACPI\TOS6208\2&DABA3FF&0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\TOS620A\2&DABA3FF&0
Manufacturer:
Name:
PNP Device ID: ACPI\TOS620A\2&DABA3FF&0
Service:

==== System Restore Points ===================

RP845: 30/11/2010 14:31:16 - System Checkpoint
RP846: 02/12/2010 01:38:52 - System Checkpoint
RP847: 03/12/2010 20:50:09 - System Checkpoint
RP848: 05/12/2010 17:51:06 - System Checkpoint
RP849: 06/12/2010 19:39:50 - System Checkpoint
RP850: 09/12/2010 11:14:35 - System Checkpoint
RP851: 10/12/2010 12:33:00 - System Checkpoint
RP852: 12/12/2010 11:57:28 - System Checkpoint
RP853: 14/12/2010 10:51:21 - System Checkpoint
RP854: 15/12/2010 09:03:46 - Software Distribution Service 3.0
RP855: 18/12/2010 06:40:10 - Software Distribution Service 3.0
RP856: 19/12/2010 12:46:39 - System Checkpoint
RP857: 21/12/2010 18:03:41 - System Checkpoint
RP858: 23/12/2010 07:33:56 - System Checkpoint
RP859: 25/12/2010 11:51:14 - System Checkpoint
RP860: 26/12/2010 23:58:59 - System Checkpoint
RP861: 30/12/2010 14:58:00 - System Checkpoint
RP862: 31/12/2010 17:16:17 - System Checkpoint
RP863: 01/01/2011 17:21:49 - System Checkpoint
RP864: 03/01/2011 17:20:37 - System Checkpoint
RP865: 04/01/2011 21:19:15 - System Checkpoint
RP866: 05/01/2011 22:28:43 - System Checkpoint
RP867: 07/01/2011 18:31:02 - System Checkpoint
RP868: 07/01/2011 19:55:59 - Installed Photo Story 3 for Windows
RP869: 09/01/2011 14:02:51 - System Checkpoint
RP870: 10/01/2011 15:07:28 - System Checkpoint
RP871: 11/01/2011 23:38:02 - System Checkpoint
RP872: 13/01/2011 02:35:43 - System Checkpoint
RP873: 13/01/2011 03:00:20 - Software Distribution Service 3.0
RP874: 14/01/2011 16:43:19 - System Checkpoint
RP875: 16/01/2011 18:31:23 - System Checkpoint
RP876: 18/01/2011 12:07:28 - System Checkpoint
RP877: 19/01/2011 14:08:00 - System Checkpoint
RP878: 22/01/2011 15:15:18 - System Checkpoint
RP879: 23/01/2011 22:57:25 - System Checkpoint
RP880: 25/01/2011 12:51:27 - System Checkpoint
RP881: 01/02/2011 14:06:14 - System Checkpoint
RP882: 02/02/2011 18:39:55 - System Checkpoint
RP883: 06/02/2011 22:02:11 - System Checkpoint
RP884: 09/02/2011 15:25:55 - System Checkpoint
RP885: 10/02/2011 08:00:08 - Software Distribution Service 3.0
RP886: 11/02/2011 13:14:00 - System Checkpoint
RP887: 12/02/2011 14:35:52 - System Checkpoint
RP888: 13/02/2011 21:36:36 - System Checkpoint
RP889: 16/02/2011 15:52:37 - Installed Kies
RP890: 16/02/2011 16:21:09 - Installed Windows KB954550-v5.
RP891: 16/02/2011 16:21:20 - Printer Driver Microsoft XPS Document Writer Installed
RP892: 16/02/2011 16:21:36 - Printer Driver Microsoft XPS Document Writer Installed
RP893: 16/02/2011 17:34:08 - Installed Samsung Kies
RP894: 16/02/2011 18:07:04 - Removed Samsung Kies
RP895: 16/02/2011 18:27:21 - Installed Samsung Kies
RP896: 17/02/2011 23:40:06 - System Checkpoint
RP897: 18/02/2011 10:59:37 - Software Distribution Service 3.0
RP898: 20/02/2011 01:34:12 - System Checkpoint
RP899: 21/02/2011 22:43:57 - System Checkpoint
RP900: 26/02/2011 13:35:32 - System Checkpoint

DDS Log2

DDS (Ver_10-12-12.02) - NTFSx86 NETWORK
Run by Administrator at 18:44:11.54 on 28/02/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1015.707 [GMT 0:00]

AV: McAfee VirusScan *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\All Users\Desktop\dds.scr

============== Pseudo HJT Report ===============

mSearch Page =
mSearchAssistant = hxxp://www.google.com/ie
BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [TPSMain] TPSMain.exe
mRun: [TPSODDCtl] TPSODDCtl.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [Lexmark X1100 Series] "c:\program files\lexmark x1100 series\lxbkbmgr.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
mRun: [OneTouch Monitor] "c:\program files\xerox one touch\OneTouchMon.exe"
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
IE: {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\npjpi160_13.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: psfus - psqlpwd.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = scecli psqlpwd

================= FIREFOX ===================
 
My GMER log

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-02-28 18:41:31
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK8032GSX rev.AS111G
Running: klnimdiygmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pwnorpoc.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

---- EOF - GMER 1.0.15 ----
 
DDS log

Hi, this is the latest DDS log. Got rid of 4 trojans eventually and think everything is now clear.

Thank You.


DDS (Ver_10-12-12.02) - NTFSx86
Run by Owner at 3:15:27.29 on 03/03/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1015.421 [GMT 0:00]

AV: McAfee VirusScan *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *Disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Xerox One Touch\OneTouchMon.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\WINDOWS\system32\RAMASST.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dgdersvc.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
c:\PROGRA~1\mcafee\msc\mcshell.exe
C:\WINDOWS\system32\spider.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\All Users\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uWindow Title = Internet Explorer Provided By Sky Broadband
uDefault_Page_URL = hxxp://www.sky.com
mSearch Page =
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearchAssistant = hxxp://www.google.com/ie
BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [HUAWEI 3G Data Card MTS] c:\program files\huawei technologies\huawei umts data card\3 USB Modem.exe
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /s
uRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Sky Broadband; GTB6; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.miniclip.com/games/insane-ski-jump/en/"
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [TPSMain] TPSMain.exe
mRun: [TPSODDCtl] TPSODDCtl.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [Lexmark X1100 Series] "c:\program files\lexmark x1100 series\lxbkbmgr.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
mRun: [OneTouch Monitor] "c:\program files\xerox one touch\OneTouchMon.exe"
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: psfus - psqlpwd.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = scecli psqlpwd

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\lhydjfig.default\
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\lhydjfig.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\lhydjfig.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\owner\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\program files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Move Media Player: moveplayer@movenetworks.com - %profile%\extensions\moveplayer@movenetworks.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\program files\real\realplayer\browserrecord\firefox\ext
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-5-31 385880]
R2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2009-12-22 95568]
R2 FdRedir;FdRedir;c:\program files\common files\protector suite ql\drivers\FdRedir.sys [2006-5-5 13568]
R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\common files\protector suite ql\drivers\filedisk.sys [2006-5-5 33024]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-15 54752]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-9-8 217088]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-8-20 203280]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2010-8-20 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2010-8-20 144704]
R2 smihlp;SMI helper driver;c:\program files\protector suite ql\smihlp.sys [2006-5-5 3456]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2009-12-22 18136]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-9-8 36640]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2010-8-20 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-8-20 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-8-20 35272]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-8-20 40552]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-28 135664]
S3 AIDA32Driver;AIDA32Driver;\??\d:\3942\aida32.sys --> d:\3942\aida32.sys [?]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-8-20 34248]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2011-2-16 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2011-2-16 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2011-2-16 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\drivers\ss_bserd.sys [2011-2-16 100224]

=============== Created Last 30 ================

2011-02-28 23:53:23 -------- d-----w- C:\Temp
2011-02-27 00:46:43 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-27 00:46:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-27 00:01:39 -------- d-----w- c:\program files\ESET
2011-02-26 16:03:06 -------- d-----w- c:\docume~1\alluse~1\applic~1\gMpOpOg06300
2011-02-16 18:43:35 -------- d-----w- c:\program files\MyFree Codec
2011-02-16 18:31:05 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Samsung
2011-02-16 17:38:36 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-02-16 17:33:17 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Downloaded Installations
2011-02-16 17:22:39 87340080 ----a-w- c:\program files\Kies_2.0.0.11014_49_2.exe
2011-02-16 16:21:30 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll.new
2011-02-16 16:20:25 -------- d-----w- C:\e3e73489e9a60c045b91ecda
2011-02-16 15:47:54 100224 ----a-w- c:\windows\system32\drivers\ss_bserd.sys
2011-02-16 15:47:53 14848 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys
2011-02-16 15:47:53 12416 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys
2011-02-16 15:47:53 123648 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys
2011-02-16 15:47:51 98432 ----a-w- c:\windows\system32\drivers\ss_bbus.sys
2011-02-16 15:47:51 12288 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys
2011-02-16 15:46:24 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys

==================== Find3M ====================

2011-01-29 17:00:24 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-01-29 17:00:24 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-01-29 17:00:24 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-01-29 17:00:22 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:42:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07:07 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe

============= FINISH: 3:16:44.12 ===============
 
dddattach.txt

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/02/2008 12:00:20
System Uptime: 28/02/2011 21:05:28 (0 hours ago)

Motherboard: TOSHIBA | | Portable PC
Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz | uFC-PGA Socket | 1829/166mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 75 GiB total, 54.292 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\TOS6208\2&DABA3FF&0
Manufacturer:
Name:
PNP Device ID: ACPI\TOS6208\2&DABA3FF&0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\TOS620A\2&DABA3FF&0
Manufacturer:
Name:
PNP Device ID: ACPI\TOS620A\2&DABA3FF&0
Service:

==== System Restore Points ===================

RP845: 30/11/2010 14:31:16 - System Checkpoint
RP846: 02/12/2010 01:38:52 - System Checkpoint
RP847: 03/12/2010 20:50:09 - System Checkpoint
RP848: 05/12/2010 17:51:06 - System Checkpoint
RP849: 06/12/2010 19:39:50 - System Checkpoint
RP850: 09/12/2010 11:14:35 - System Checkpoint
RP851: 10/12/2010 12:33:00 - System Checkpoint
RP852: 12/12/2010 11:57:28 - System Checkpoint
RP853: 14/12/2010 10:51:21 - System Checkpoint
RP854: 15/12/2010 09:03:46 - Software Distribution Service 3.0
RP855: 18/12/2010 06:40:10 - Software Distribution Service 3.0
RP856: 19/12/2010 12:46:39 - System Checkpoint
RP857: 21/12/2010 18:03:41 - System Checkpoint
RP858: 23/12/2010 07:33:56 - System Checkpoint
RP859: 25/12/2010 11:51:14 - System Checkpoint
RP860: 26/12/2010 23:58:59 - System Checkpoint
RP861: 30/12/2010 14:58:00 - System Checkpoint
RP862: 31/12/2010 17:16:17 - System Checkpoint
RP863: 01/01/2011 17:21:49 - System Checkpoint
RP864: 03/01/2011 17:20:37 - System Checkpoint
RP865: 04/01/2011 21:19:15 - System Checkpoint
RP866: 05/01/2011 22:28:43 - System Checkpoint
RP867: 07/01/2011 18:31:02 - System Checkpoint
RP868: 07/01/2011 19:55:59 - Installed Photo Story 3 for Windows
RP869: 09/01/2011 14:02:51 - System Checkpoint
RP870: 10/01/2011 15:07:28 - System Checkpoint
RP871: 11/01/2011 23:38:02 - System Checkpoint
RP872: 13/01/2011 02:35:43 - System Checkpoint
RP873: 13/01/2011 03:00:20 - Software Distribution Service 3.0
RP874: 14/01/2011 16:43:19 - System Checkpoint
RP875: 16/01/2011 18:31:23 - System Checkpoint
RP876: 18/01/2011 12:07:28 - System Checkpoint
RP877: 19/01/2011 14:08:00 - System Checkpoint
RP878: 22/01/2011 15:15:18 - System Checkpoint
RP879: 23/01/2011 22:57:25 - System Checkpoint
RP880: 25/01/2011 12:51:27 - System Checkpoint
RP881: 01/02/2011 14:06:14 - System Checkpoint
RP882: 02/02/2011 18:39:55 - System Checkpoint
RP883: 06/02/2011 22:02:11 - System Checkpoint
RP884: 09/02/2011 15:25:55 - System Checkpoint
RP885: 10/02/2011 08:00:08 - Software Distribution Service 3.0
RP886: 11/02/2011 13:14:00 - System Checkpoint
RP887: 12/02/2011 14:35:52 - System Checkpoint
RP888: 13/02/2011 21:36:36 - System Checkpoint
RP889: 16/02/2011 15:52:37 - Installed Kies
RP890: 16/02/2011 16:21:09 - Installed Windows KB954550-v5.
RP891: 16/02/2011 16:21:20 - Printer Driver Microsoft XPS Document Writer Installed
RP892: 16/02/2011 16:21:36 - Printer Driver Microsoft XPS Document Writer Installed
RP893: 16/02/2011 17:34:08 - Installed Samsung Kies
RP894: 16/02/2011 18:07:04 - Removed Samsung Kies
RP895: 16/02/2011 18:27:21 - Installed Samsung Kies
RP896: 17/02/2011 23:40:06 - System Checkpoint
RP897: 18/02/2011 10:59:37 - Software Distribution Service 3.0
RP898: 20/02/2011 01:34:12 - System Checkpoint
RP899: 21/02/2011 22:43:57 - System Checkpoint
RP900: 26/02/2011 13:35:32 - System Checkpoint

==== Installed Programs ======================

Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.2.5
Adobe Shockwave Player 11.5
Ahead InCD EasyWrite Reader
Ahead Nero OEM
Ahead NeroVision Express
Amazon MP3 Downloader 1.0.8
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BlackBerry Desktop Software 6.0
Bluetooth Stack for Windows by Toshiba
Bonjour
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
CuteFTP 8 Home
Directory Submitter 1.0.24
DVD-RAM Driver
eBook Pro Business Edition
Facebook Plug-In
FXCM Trading Station
Good Keywords v2.01.100107
Google Toolbar for Internet Explorer
Google Update Helper
GoToMeeting 4.5.0.457
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for MSXML 2 (KB887606)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
ieSpell
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
iTunes
Java(TM) 6 Update 13
Junk Mail filter update
Keyword Cloud Generator 1.0.20
Lexmark 510 Series
Lexmark X1100 Series
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Messenger Plus! Live
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.3
Microsoft Office XP Professional with FrontPage
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Mozilla Firefox (3.6.13)
MSN
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyFreeCodec
Niche Store Writer 1.0
NoteTab Light 6 (Remove only)
O Dream Board
OGA Notifier 2.0.0048.0
PaperPort 8.0 SE
PC Connectivity Solution
PCFriendly
Personal License Update Wizard for Windows Media Player
Photo Story 3 for Windows
PowerDVD
Protector Suite 5.4
QuickTime
RealPlayer
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
SD Secure Module
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
 
dddattach.txt part 2

Security Update for Windows XP (KB982802)
Segoe UI
Sky Broadband
Sky Broadband Browser Branding
Skype Toolbars
Skype™ 4.2
SoundMAX
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
TOSHIBA Power Saver
TOSHIBA SD Memory Boot Utility
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
Turbo Lister 2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
web'n'walk USB manager
WebFldrs XP
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Hotfix - KB895181
Windows Media Player 11
Windows XP Service Pack 3
Xerox One Touch
Yahoo! Software Update

==== Event Viewer Messages From Past Week ========

28/02/2011 18:37:54, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
28/02/2011 18:37:12, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm Tosrfcom
28/02/2011 18:29:18, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
28/02/2011 16:29:32, error: Dhcp [1002] - The IP address lease 192.168.0.2 for the Network Card with network address 001302CCCF4D has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
28/02/2011 15:56:14, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service McMSCSvc with arguments "" in order to run the server: {03082469-BA75-44A5-89CB-D187F313E572}
28/02/2011 15:56:09, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Services service to connect.
28/02/2011 15:56:09, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Java Quick Starter service to connect.
28/02/2011 15:56:09, error: Service Control Manager [7000] - The McAfee Services service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
28/02/2011 15:56:09, error: Service Control Manager [7000] - The Java Quick Starter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
28/02/2011 15:43:37, error: Service Control Manager [7034] - The McAfee Services service terminated unexpectedly. It has done this 3 time(s).
28/02/2011 15:43:37, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Services service, but this action failed with the following error: An instance of the service is already running.
28/02/2011 15:42:37, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
28/02/2011 15:42:36, error: Service Control Manager [7000] - The LexBce Server service failed to start due to the following error: The pipe has been ended.
28/02/2011 15:42:34, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the SeaPort service to connect.
28/02/2011 15:42:34, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Proxy Service service to connect.
28/02/2011 15:42:34, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Personal Firewall Service service to connect.
28/02/2011 15:42:34, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Anti-Spam Service service to connect.
28/02/2011 15:42:34, error: Service Control Manager [7000] - The Yahoo! Updater service failed to start due to the following error: Access is denied.
28/02/2011 15:42:34, error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
28/02/2011 15:42:34, error: Service Control Manager [7000] - The McAfee Proxy Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
28/02/2011 15:42:34, error: Service Control Manager [7000] - The McAfee Personal Firewall Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
28/02/2011 15:42:34, error: Service Control Manager [7000] - The McAfee Anti-Spam Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
28/02/2011 13:41:26, error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).
28/02/2011 13:41:26, error: Service Control Manager [7034] - The TOSHIBA Bluetooth Service service terminated unexpectedly. It has done this 1 time(s).
28/02/2011 13:41:26, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
28/02/2011 13:41:26, error: Service Control Manager [7031] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
27/02/2011 20:14:31, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McNASvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
27/02/2011 19:28:35, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec mfehidk MPFP MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip Tosrfcom
27/02/2011 19:28:35, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
27/02/2011 19:28:35, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
27/02/2011 19:28:35, error: Service Control Manager [7001] - The fssfltr service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
27/02/2011 19:28:35, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
27/02/2011 19:28:35, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
27/02/2011 19:28:35, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
27/02/2011 19:28:35, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
27/02/2011 19:28:30, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
27/02/2011 19:28:18, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
27/02/2011 01:53:32, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
26/02/2011 23:54:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 157 time(s).
26/02/2011 23:54:39, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 152 time(s).
26/02/2011 23:54:38, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 151 time(s).
26/02/2011 23:54:08, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 149 time(s).
26/02/2011 23:44:49, error: Service Control Manager [7022] - The FsUsbExService service hung on starting.
26/02/2011 23:03:00, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 120 time(s).
26/02/2011 23:02:55, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 119 time(s).
26/02/2011 23:02:55, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 118 time(s).
26/02/2011 23:02:49, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 117 time(s).
26/02/2011 23:02:43, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 116 time(s).
26/02/2011 23:02:42, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 115 time(s).
26/02/2011 23:02:36, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 114 time(s).
26/02/2011 23:02:36, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 113 time(s).
26/02/2011 23:02:30, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 112 time(s).
26/02/2011 23:02:29, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 111 time(s).
26/02/2011 23:02:23, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 110 time(s).
26/02/2011 23:02:23, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 109 time(s).
26/02/2011 23:01:47, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 108 time(s).
26/02/2011 23:01:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 107 time(s).
26/02/2011 23:01:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 106 time(s).
26/02/2011 23:01:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 105 time(s).
26/02/2011 23:01:11, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 104 time(s).
26/02/2011 23:00:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 103 time(s).
26/02/2011 23:00:35, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 102 time(s).
26/02/2011 23:00:28, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 101 time(s).
26/02/2011 23:00:23, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 100 time(s).
26/02/2011 23:00:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 99 time(s).
26/02/2011 23:00:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 98 time(s).
26/02/2011 23:00:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 97 time(s).
26/02/2011 23:00:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 96 time(s).
26/02/2011 23:00:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 95 time(s).
26/02/2011 23:00:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 94 time(s).
26/02/2011 23:00:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 93 time(s).
26/02/2011 23:00:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 92 time(s).
26/02/2011 23:00:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 91 time(s).
26/02/2011 23:00:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 90 time(s).
26/02/2011 23:00:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 89 time(s).
26/02/2011 23:00:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 88 time(s).
26/02/2011 23:00:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 87 time(s).
26/02/2011 23:00:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 86 time(s).
26/02/2011 23:00:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 85 time(s).
26/02/2011 23:00:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 84 time(s).
26/02/2011 23:00:18, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 83 time(s).
26/02/2011 23:00:18, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 82 time(s).
26/02/2011 23:00:18, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 81 time(s).
26/02/2011 23:00:17, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 80 time(s).
26/02/2011 23:00:16, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 79 time(s).
26/02/2011 23:00:16, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 78 time(s).
26/02/2011 23:00:16, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 77 time(s).
26/02/2011 23:00:10, error: Service Control Manager [7034] - The McAfee Proxy Service service terminated unexpectedly. It has done this 3 time(s).
26/02/2011 23:00:10, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
26/02/2011 23:00:10, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26/02/2011 22:59:45, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 76 time(s).
26/02/2011 22:59:42, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 75 time(s).
26/02/2011 22:59:42, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 74 time(s).
26/02/2011 22:59:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 73 time(s).
26/02/2011 22:59:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 72 time(s).
26/02/2011 22:59:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 71 time(s).
26/02/2011 22:59:41, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 70 time(s).
26/02/2011 22:59:39, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 69 time(s).
26/02/2011 22:59:39, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 68 time(s).
26/02/2011 22:59:39, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 67 time(s).
26/02/2011 22:59:39, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 66 time(s).
26/02/2011 22:59:38, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 65 time(s).
26/02/2011 22:59:37, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 64 time(s).
26/02/2011 22:59:37, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 63 time(s).
26/02/2011 22:59:36, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 62 time(s).
26/02/2011 22:59:33, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 61 time(s).
26/02/2011 22:59:33, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 60 time(s).
26/02/2011 22:59:32, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 59 time(s).
26/02/2011 22:59:32, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 58 time(s).
26/02/2011 22:59:32, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 57 time(s).
26/02/2011 22:59:27, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 56 time(s).
26/02/2011 22:59:27, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 55 time(s).
26/02/2011 22:59:27, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 54 time(s).
26/02/2011 22:59:26, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 53 time(s).
26/02/2011 22:59:26, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 52 time(s).
26/02/2011 22:59:25, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 51 time(s).
26/02/2011 22:59:25, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 50 time(s).
26/02/2011 22:59:24, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 49 time(s).
26/02/2011 22:59:24, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 48 time(s).
26/02/2011 22:59:24, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 47 time(s).
26/02/2011 22:59:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 46 time(s).
26/02/2011 22:59:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 45 time(s).
26/02/2011 22:59:22, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 44 time(s).
26/02/2011 22:59:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 43 time(s).
26/02/2011 22:59:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 42 time(s).
26/02/2011 22:59:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 41 time(s).
26/02/2011 22:59:21, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 40 time(s).
26/02/2011 22:59:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 39 time(s).
26/02/2011 22:59:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 38 time(s).
26/02/2011 22:59:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 37 time(s).
26/02/2011 22:59:20, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 36 time(s).
26/02/2011 22:59:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 35 time(s).
26/02/2011 22:59:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 34 time(s).
26/02/2011 22:59:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 33 time(s).
26/02/2011 22:59:19, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 32 time(s).
26/02/2011 22:59:15, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 31 time(s).
26/02/2011 22:59:14, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 30 time(s).
26/02/2011 22:59:14, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 29 time(s).
26/02/2011 22:59:14, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 28 time(s).
26/02/2011 22:59:14, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 27 time(s).
26/02/2011 22:59:14, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 26 time(s).
26/02/2011 22:59:10, error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/02/2011 22:59:10, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/02/2011 22:59:10, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Network Agent service to connect.
26/02/2011 22:59:10, error: Service Control Manager [7000] - The McAfee Network Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26/02/2011 22:59:09, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 25 time(s).
26/02/2011 22:59:08, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 24 time(s).
26/02/2011 22:59:07, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 23 time(s).
26/02/2011 22:59:07, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 22 time(s).
26/02/2011 22:59:07, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 21 time(s).
26/02/2011 22:59:06, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 20 time(s).
26/02/2011 22:59:06, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 19 time(s).
26/02/2011 22:59:06, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 18 time(s).
26/02/2011 22:59:05, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 17 time(s).
26/02/2011 22:59:05, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 16 time(s).
26/02/2011 22:59:05, error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: Access is denied.
26/02/2011 22:59:05, error: DCOM [10005] - DCOM got error "%5" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
26/02/2011 22:59:04, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 15 time(s).
26/02/2011 22:59:03, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 14 time(s).
26/02/2011 22:59:03, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 13 time(s).
26/02/2011 22:59:03, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 12 time(s).
26/02/2011 22:59:03, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 11 time(s).
26/02/2011 22:59:02, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 9 time(s).
26/02/2011 22:59:02, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 10 time(s).
26/02/2011 22:59:01, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 8 time(s).
26/02/2011 22:59:01, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 7 time(s).
26/02/2011 22:58:58, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 6 time(s).
26/02/2011 22:58:57, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 5 time(s).
26/02/2011 22:58:57, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 4 time(s).
26/02/2011 22:58:57, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 3 time(s).
26/02/2011 22:58:55, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 2 time(s).
26/02/2011 22:58:55, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee SiteAdvisor Service service to connect.
26/02/2011 22:58:55, error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26/02/2011 22:58:55, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
26/02/2011 22:58:54, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 5 time(s).
26/02/2011 22:58:48, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 4 time(s).
26/02/2011 22:58:42, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Spooler service.
26/02/2011 22:58:42, error: Service Control Manager [7000] - The LexBce Server service failed to start due to the following error: The pipe state is invalid.
26/02/2011 22:58:11, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 3 time(s).
26/02/2011 22:58:10, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 2 time(s).
26/02/2011 22:58:10, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
26/02/2011 22:58:10, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26/02/2011 22:58:10, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
26/02/2011 22:58:09, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
26/02/2011 22:58:09, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).
26/02/2011 22:58:09, error: Service Control Manager [7034] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s).
26/02/2011 22:58:09, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 1 time(s).
26/02/2011 22:58:09, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
26/02/2011 22:58:09, error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).
26/02/2011 22:58:09, error: Service Control Manager [7034] - The FsUsbExService service terminated unexpectedly. It has done this 1 time(s).
26/02/2011 22:58:09, error: Service Control Manager [7034] - The DVD-RAM_Service service terminated unexpectedly. It has done this 1 time(s).
26/02/2011 22:58:09, error: Service Control Manager [7034] - The Device Error Recovery Service service terminated unexpectedly. It has done this 1 time(s).
26/02/2011 22:58:09, error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/02/2011 22:58:09, error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Run the configured recovery program.
26/02/2011 22:58:09, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/02/2011 22:58:09, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/02/2011 22:58:09, error: Service Control Manager [7022] - The McAfee Proxy Service service hung on starting.
26/02/2011 22:58:06, error: Service Control Manager [7022] - The Java Quick Starter service hung on starting.
26/02/2011 22:55:52, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Yahoo! Updater service to connect.
26/02/2011 22:55:52, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the TOSHIBA Bluetooth Service service to connect.
26/02/2011 22:55:52, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Real-time Scanner service to connect.
26/02/2011 22:55:52, error: Service Control Manager [7000] - The Yahoo! Updater service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26/02/2011 22:55:52, error: Service Control Manager [7000] - The TOSHIBA Bluetooth Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26/02/2011 22:55:52, error: Service Control Manager [7000] - The McAfee Services service failed to start due to the following error: The pipe has been ended.
26/02/2011 22:55:52, error: Service Control Manager [7000] - The McAfee Real-time Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
25/02/2011 17:20:34, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001302CCCF4D. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
25/02/2011 17:20:31, error: Dhcp [1002] - The IP address lease 192.168.0.2 for the Network Card with network address 001302CCCF4D has been denied by the DHCP server 82.113.68.58 (The DHCP Server sent a DHCPNACK message).
23/02/2011 16:37:36, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
23/02/2011 16:37:36, error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
23/02/2011 16:34:52, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
22/02/2011 15:59:44, error: Dhcp [1002] - The IP address lease 192.168.0.2 for the Network Card with network address 001302CCCF4D has been denied by the DHCP server 10.196.226.193 (The DHCP Server sent a DHCPNACK message).

==== End Of File ===========================
 
Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.

======================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
Combofix

I have to disable my other antivirus programmes to run this one but I can't find a way to do this without deleting them. There are no options for disabling. I have deleted McAfee but I think its too risky so will reinstall it until I work out what to do.

Gillian
 
Combofix

Hi, thanks for your patience!

Recycle came back.

I have run combofix three times (without antvirus on). When it gets to the end it restarts the computer and doesn't give me a report. I have searched for the filename that you specified but can't find it. It also reinstalled some Windows security restore programme that must have been deleted by virus.

Gillian
 
Combofix

Hi,
finally got Combo to run - here is the Rkill report followed by Combofix.

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 07/03/2011 at 15:40:08.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:

--------------------------------------------------------------------------------------------------------------
COMBOFIX


ComboFix 11-03-06.06 - Owner 07/03/2011 15:16:17.7.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1015.614 [GMT 0:00]
Running from: C:\Documents and Settings\All Users\Desktop\gill12ComboFix.exe


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


---- Previous Run -------

C:\Documents and Settings\Owner\g2mdlhlpx.exe
C:\Documents and Settings\Owner\GoToAssistDownloadHelper.exe
C:\Install.exe
C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl
C:\WINDOWS\system32\muzapp.exe

-- Previous Run --

C:\WINDOWS\system32\kernel32.dll . . . is infected!!

--------


((((((((((((((((((((((((( Files Created from 2011-02-07 to 2011-03-07 )))))))))))))))))))))))))))))))


2011-02-28 23:53:23 . 2011-03-01 00:12:19 -------- d-----w- C:\Temp
2011-02-27 00:46:43 . 2010-12-20 18:09:00 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-27 00:46:39 . 2010-12-20 18:08:40 20952 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-27 00:01:39 . 2011-02-27 00:01:39 -------- d-----w- C:\Program Files\ESET
2011-02-26 16:03:06 . 2011-02-28 18:28:50 -------- d-----w- C:\Documents and Settings\All Users\Application Data\gMpOpOg06300
2011-02-16 18:43:35 . 2011-02-16 18:43:35 -------- d-----w- C:\Program Files\MyFree Codec
2011-02-16 18:31:05 . 2011-02-17 14:42:46 -------- d-----w- C:\Documents and Settings\Owner\Local Settings\Application Data\Samsung
2011-02-16 17:38:36 . 2011-01-29 17:00:44 4659712 ----a-w- C:\WINDOWS\system32\Redemption.dll
2011-02-16 17:33:17 . 2011-02-16 17:33:17 -------- d-----w- C:\Documents and Settings\Owner\Local Settings\Application Data\Downloaded Installations
2011-02-16 17:22:39 . 2011-02-16 17:24:28 87340080 ----a-w- C:\Program Files\Kies_2.0.0.11014_49_2.exe
2011-02-16 16:21:30 . 2008-07-06 12:06:10 89088 ----a-w- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll.new
2011-02-16 16:20:25 . 2011-02-16 16:21:41 -------- d-----w- C:\e3e73489e9a60c045b91ecda
2011-02-16 16:00:03 . 2011-02-16 16:00:03 -------- d-----w- C:\Documents and Settings\All Users\Application Data\PC Suite
2011-02-16 16:00:00 . 2011-02-16 16:00:00 -------- d-----w- C:\Documents and Settings\Owner\Application Data\PC Suite
2011-02-16 15:47:54 . 2009-09-19 05:30:10 100224 ----a-w- C:\WINDOWS\system32\drivers\ss_bserd.sys
2011-02-16 15:47:53 . 2009-09-19 05:30:10 14848 ----a-w- C:\WINDOWS\system32\drivers\ss_bmdfl.sys
2011-02-16 15:47:53 . 2009-09-19 05:30:10 12416 ----a-w- C:\WINDOWS\system32\drivers\ss_bcmnt.sys
2011-02-16 15:47:53 . 2009-09-19 05:30:10 123648 ----a-w- C:\WINDOWS\system32\drivers\ss_bmdm.sys
2011-02-16 15:47:51 . 2009-09-19 05:30:10 98432 ----a-w- C:\WINDOWS\system32\drivers\ss_bbus.sys
2011-02-16 15:47:51 . 2009-09-19 05:30:10 12288 ----a-w- C:\WINDOWS\system32\drivers\ss_bwhnt.sys
2011-02-16 15:46:27 . 2011-02-16 15:46:27 -------- d-----w- C:\Program Files\DIFX
2011-02-16 15:46:24 . 2008-08-26 09:26:12 18816 ----a-w- C:\WINDOWS\system32\drivers\pccsmcfd.sys


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-01-29 17:00:24 . 2011-01-29 17:00:24 90112 ----a-w- C:\WINDOWS\MAMCityDownload.ocx
2011-01-29 17:00:24 . 2011-01-29 17:00:24 325552 ----a-w- C:\WINDOWS\MASetupCaller.dll
2011-01-29 17:00:24 . 2011-01-29 17:00:24 30568 ----a-w- C:\WINDOWS\MusiccityDownload.exe
2011-01-29 17:00:22 . 2011-01-29 17:00:22 143360 ----a-w- C:\WINDOWS\system32\3DAudio.ax
2011-01-21 14:44:37 . 2004-08-04 12:00:00 439296 ----a-w- C:\WINDOWS\system32\shimgvw.dll
2011-01-07 14:09:02 . 2004-08-04 12:00:00 290048 ----a-w- C:\WINDOWS\system32\atmfd.dll
2010-12-31 13:10:33 . 2004-08-04 12:00:00 1854976 ----a-w- C:\WINDOWS\system32\win32k.sys
2010-12-22 12:34:28 . 2004-08-04 12:00:00 301568 ----a-w- C:\WINDOWS\system32\kerberos.dll
2010-12-20 23:59:20 . 2004-08-04 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
2010-12-20 23:59:19 . 2004-08-04 12:00:00 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll
2010-12-20 23:59:19 . 2004-08-04 12:00:00 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl
2010-12-20 17:26:00 . 2004-08-04 12:00:00 730112 ----a-w- C:\WINDOWS\system32\lsasrv.dll
2010-12-20 12:55:26 . 2004-08-04 12:00:00 385024 ----a-w- C:\WINDOWS\system32\html.iec
2010-12-09 15:15:09 . 2004-08-04 12:00:00 718336 ----a-w- C:\WINDOWS\system32\ntdll.dll
2010-12-09 14:30:22 . 2004-08-04 12:00:00 33280 ----a-w- C:\WINDOWS\system32\csrsrv.dll
2010-12-09 13:42:26 . 2004-08-04 12:00:00 2148864 ----a-w- C:\WINDOWS\system32\ntoskrnl.exe
2010-12-09 13:07:07 . 2004-08-03 22:59:02 2027008 ----a-w- C:\WINDOWS\system32\ntkrnlpa.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 16:44:34 3883856]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-17 13:20:19 68856]
"HUAWEI 3G Data Card MTS"="C:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" [BU]
"Search Protection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [BU]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [BU]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2010-05-13 16:57:20 26192168]
"KiesHelper"="C:\Program Files\Samsung\Kies\KiesHelper.exe" [2011-01-29 23:11:32 888120]
"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" [2011-01-29 23:11:36 3372856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-10-29 15:11:46 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-10-29 15:11:44 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-10-29 15:11:50 118784]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 20:11:06 925696]
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 18:29:08 88203]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50:42 155648]
"PSQLLauncher"="C:\Program Files\Protector Suite QL\launcher.exe" [2006-05-05 17:36:28 30208]
"TPSMain"="TPSMain.exe" [2006-03-21 14:40:12 299008]
"TPSODDCtl"="TPSODDCtl.exe" [2006-03-21 14:40:14 102400]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 19:24:46 32768]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 09:43:48 57344]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2010-02-02 15:29:20 198160]
"IndexSearch"="C:\Program Files\Scansoft\PaperPort\IndexSearch.exe" [2002-09-23 08:50:26 36864]
"OneTouch Monitor"="C:\Program Files\Xerox One Touch\OneTouchMon.exe" [2003-06-12 15:14:00 86016]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2010-09-08 11:17:42 421888]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2010-11-17 20:59:04 421160]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 09:15:10 40368]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 18:37:40 932288]
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 00:12:16 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2008-2-13 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2006-05-05 17:48:24 40448 ----a-w- C:\WINDOWS\system32\psqlpwd.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"C:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 dgdersvc;Device Error Recovery Service;C:\WINDOWS\system32\dgdersvc.exe [22/12/2009 02:31:02 95568]
R2 FdRedir;FdRedir;C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [05/05/2006 18:00:02 13568]
R2 FileDisk2;FileDisk Protector Kernel Driver;C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys [05/05/2006 17:59:52 33024]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [08/09/2010 01:30:47 217088]
R2 smihlp;SMI helper driver;C:\Program Files\Protector Suite QL\smihlp.sys [05/05/2006 17:33:04 3456]
R3 dgderdrv;dgderdrv;C:\WINDOWS\system32\drivers\dgderdrv.sys [22/12/2009 02:31:02 18136]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [08/09/2010 01:30:48 36640]
S2 gupdate;Google Update Service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [28/01/2010 21:08:54 135664]
S3 AIDA32Driver;AIDA32Driver;\??\D:\3942\aida32.sys --> D:\3942\aida32.sys [?]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [16/02/2011 15:47:51 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [16/02/2011 15:47:53 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [16/02/2011 15:47:53 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver;C:\WINDOWS\system32\drivers\ss_bserd.sys [16/02/2011 15:47:54 100224]

Contents of the 'Scheduled Tasks' folder

2011-02-15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50:20 . 2009-10-22 10:50:20]

2011-03-07 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-28 21:08:54 . 2010-01-28 21:07:32]

2011-03-07 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-28 21:08:54 . 2010-01-28 21:07:32]

2011-03-07 C:\WINDOWS\Tasks\OGALogon.job
- C:\WINDOWS\system32\OGAEXEC.exe [2009-08-03 15:07:42 . 2009-08-03 15:07:42]

2011-03-07 C:\WINDOWS\Tasks\WGASetup.job
- C:\WINDOWS\system32\KB905474\wgasetup.exe [2009-03-26 07:23:17 . 2009-03-10 22:18:08]


------- Supplementary Scan -------

uStart Page = hxxp://google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
FF - ProfilePath - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lhydjfig.default\
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Move Media Player: moveplayer@movenetworks.com - %profile%\extensions\moveplayer@movenetworks.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Java Quick Starter: jqs@sun.com - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true

- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
 
The log is incomplete (lower part is missing).
Please repost, or re-run Combofix.
 
This is the latest complete log.
ComboFix 11-03-07.02 - Owner 08/03/2011 1:33:56.8.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1015.608 [GMT 0:00]
Running from: C:\Documents and Settings\All Users\Desktop\gill12ComboFix.exe


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


-- Previous Run --

C:\WINDOWS\system32\kernel32.dll . . . is infected!!

--------


((((((((((((((((((((((((( Files Created from 2011-02-08 to 2011-03-08 )))))))))))))))))))))))))))))))


2011-03-07 22:53:01 . 2011-03-07 22:53:01 -------- d-----w- C:\Documents and Settings\Owner\Application Data\Avira
2011-03-07 22:50:02 . 2011-01-10 14:23:53 61960 ----a-w- C:\WINDOWS\system32\drivers\avgntflt.sys
2011-03-07 22:50:02 . 2011-01-10 14:23:53 135096 ----a-w- C:\WINDOWS\system32\drivers\avipbb.sys
2011-03-07 22:50:02 . 2010-06-17 14:27:24 45416 ----a-w- C:\WINDOWS\system32\drivers\avgntdd.sys
2011-03-07 22:50:02 . 2010-06-17 14:27:24 22360 ----a-w- C:\WINDOWS\system32\drivers\avgntmgr.sys
2011-03-07 22:49:49 . 2011-03-07 22:49:49 -------- d-----w- C:\Program Files\Avira
2011-03-07 22:49:49 . 2011-03-07 22:49:49 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Avira
2011-02-28 23:53:23 . 2011-03-01 00:12:19 -------- d-----w- C:\Temp
2011-02-27 00:46:43 . 2010-12-20 18:09:00 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-27 00:46:39 . 2010-12-20 18:08:40 20952 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-27 00:01:39 . 2011-02-27 00:01:39 -------- d-----w- C:\Program Files\ESET
2011-02-26 16:03:06 . 2011-02-28 18:28:50 -------- d-----w- C:\Documents and Settings\All Users\Application Data\gMpOpOg06300
2011-02-16 18:43:35 . 2011-02-16 18:43:35 -------- d-----w- C:\Program Files\MyFree Codec
2011-02-16 18:31:05 . 2011-02-17 14:42:46 -------- d-----w- C:\Documents and Settings\Owner\Local Settings\Application Data\Samsung
2011-02-16 17:38:36 . 2011-01-29 17:00:44 4659712 ----a-w- C:\WINDOWS\system32\Redemption.dll
2011-02-16 17:33:17 . 2011-02-16 17:33:17 -------- d-----w- C:\Documents and Settings\Owner\Local Settings\Application Data\Downloaded Installations
2011-02-16 17:22:39 . 2011-02-16 17:24:28 87340080 ----a-w- C:\Program Files\Kies_2.0.0.11014_49_2.exe
2011-02-16 16:21:30 . 2008-07-06 12:06:10 89088 ----a-w- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll.new
2011-02-16 16:20:25 . 2011-02-16 16:21:41 -------- d-----w- C:\e3e73489e9a60c045b91ecda
2011-02-16 16:00:03 . 2011-02-16 16:00:03 -------- d-----w- C:\Documents and Settings\All Users\Application Data\PC Suite
2011-02-16 16:00:00 . 2011-02-16 16:00:00 -------- d-----w- C:\Documents and Settings\Owner\Application Data\PC Suite
2011-02-16 15:47:54 . 2009-09-19 05:30:10 100224 ----a-w- C:\WINDOWS\system32\drivers\ss_bserd.sys
2011-02-16 15:47:53 . 2009-09-19 05:30:10 14848 ----a-w- C:\WINDOWS\system32\drivers\ss_bmdfl.sys
2011-02-16 15:47:53 . 2009-09-19 05:30:10 12416 ----a-w- C:\WINDOWS\system32\drivers\ss_bcmnt.sys
2011-02-16 15:47:53 . 2009-09-19 05:30:10 123648 ----a-w- C:\WINDOWS\system32\drivers\ss_bmdm.sys
2011-02-16 15:47:51 . 2009-09-19 05:30:10 98432 ----a-w- C:\WINDOWS\system32\drivers\ss_bbus.sys
2011-02-16 15:47:51 . 2009-09-19 05:30:10 12288 ----a-w- C:\WINDOWS\system32\drivers\ss_bwhnt.sys
2011-02-16 15:46:27 . 2011-02-16 15:46:27 -------- d-----w- C:\Program Files\DIFX
2011-02-16 15:46:24 . 2008-08-26 09:26:12 18816 ----a-w- C:\WINDOWS\system32\drivers\pccsmcfd.sys


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-01-29 17:00:24 . 2011-01-29 17:00:24 90112 ----a-w- C:\WINDOWS\MAMCityDownload.ocx
2011-01-29 17:00:24 . 2011-01-29 17:00:24 325552 ----a-w- C:\WINDOWS\MASetupCaller.dll
2011-01-29 17:00:24 . 2011-01-29 17:00:24 30568 ----a-w- C:\WINDOWS\MusiccityDownload.exe
2011-01-29 17:00:22 . 2011-01-29 17:00:22 143360 ----a-w- C:\WINDOWS\system32\3DAudio.ax
2011-01-21 14:44:37 . 2004-08-04 12:00:00 439296 ----a-w- C:\WINDOWS\system32\shimgvw.dll
2011-01-07 14:09:02 . 2004-08-04 12:00:00 290048 ----a-w- C:\WINDOWS\system32\atmfd.dll
2010-12-31 13:10:33 . 2004-08-04 12:00:00 1854976 ----a-w- C:\WINDOWS\system32\win32k.sys
2010-12-22 12:34:28 . 2004-08-04 12:00:00 301568 ----a-w- C:\WINDOWS\system32\kerberos.dll
2010-12-20 23:59:20 . 2004-08-04 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
2010-12-20 23:59:19 . 2004-08-04 12:00:00 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll
2010-12-20 23:59:19 . 2004-08-04 12:00:00 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl
2010-12-20 17:26:00 . 2004-08-04 12:00:00 730112 ----a-w- C:\WINDOWS\system32\lsasrv.dll
2010-12-20 12:55:26 . 2004-08-04 12:00:00 385024 ----a-w- C:\WINDOWS\system32\html.iec
2010-12-09 15:15:09 . 2004-08-04 12:00:00 718336 ----a-w- C:\WINDOWS\system32\ntdll.dll
2010-12-09 14:30:22 . 2004-08-04 12:00:00 33280 ----a-w- C:\WINDOWS\system32\csrsrv.dll
2010-12-09 13:42:26 . 2004-08-04 12:00:00 2148864 ----a-w- C:\WINDOWS\system32\ntoskrnl.exe
2010-12-09 13:07:07 . 2004-08-03 22:59:02 2027008 ----a-w- C:\WINDOWS\system32\ntkrnlpa.exe


((((((((((((((((((((((((((((( SnapShot@2011-03-07_15.24.07 )))))))))))))))))))))))))))))))))))))))))

+ 2011-03-08 01:19:15 . 2011-03-08 01:19:15 16384 C:\WINDOWS\temp\Perflib_Perfdata_ad4.dat
+ 2011-03-07 22:50:05 . 2010-06-17 14:27:22 28520 C:\WINDOWS\system32\drivers\ssmdrv.sys

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 16:44:34 3883856]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-17 13:20:19 68856]
"HUAWEI 3G Data Card MTS"="C:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 USB Modem.exe" [BU]
"Search Protection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [BU]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [BU]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2010-05-13 16:57:20 26192168]
"KiesHelper"="C:\Program Files\Samsung\Kies\KiesHelper.exe" [2011-01-29 23:11:32 888120]
"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" [2011-01-29 23:11:36 3372856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-10-29 15:11:46 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-10-29 15:11:44 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-10-29 15:11:50 118784]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 20:11:06 925696]
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 18:29:08 88203]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50:42 155648]
"PSQLLauncher"="C:\Program Files\Protector Suite QL\launcher.exe" [2006-05-05 17:36:28 30208]
"TPSMain"="TPSMain.exe" [2006-03-21 14:40:12 299008]
"TPSODDCtl"="TPSODDCtl.exe" [2006-03-21 14:40:14 102400]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 19:24:46 32768]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 09:43:48 57344]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2010-02-02 15:29:20 198160]
"IndexSearch"="C:\Program Files\Scansoft\PaperPort\IndexSearch.exe" [2002-09-23 08:50:26 36864]
"OneTouch Monitor"="C:\Program Files\Xerox One Touch\OneTouchMon.exe" [2003-06-12 15:14:00 86016]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2010-09-08 11:17:42 421888]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2010-11-17 20:59:04 421160]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 09:15:10 40368]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 18:37:40 932288]
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 14:23:29 281768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 00:12:16 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2008-2-13 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2006-05-05 17:48:24 40448 ----a-w- C:\WINDOWS\system32\psqlpwd.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"C:\\Program Files\\Research In Motion\\BlackBerry Desktop\\Rim.Desktop.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 dgdersvc;Device Error Recovery Service;C:\WINDOWS\system32\dgdersvc.exe [22/12/2009 02:31:02 95568]
R2 FdRedir;FdRedir;C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [05/05/2006 18:00:02 13568]
R2 FileDisk2;FileDisk Protector Kernel Driver;C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys [05/05/2006 17:59:52 33024]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [08/09/2010 01:30:47 217088]
R2 smihlp;SMI helper driver;C:\Program Files\Protector Suite QL\smihlp.sys [05/05/2006 17:33:04 3456]
R3 dgderdrv;dgderdrv;C:\WINDOWS\system32\drivers\dgderdrv.sys [22/12/2009 02:31:02 18136]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [08/09/2010 01:30:48 36640]
S2 gupdate;Google Update Service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [28/01/2010 21:08:54 135664]
S3 AIDA32Driver;AIDA32Driver;\??\D:\3942\aida32.sys --> D:\3942\aida32.sys [?]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [16/02/2011 15:47:51 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [16/02/2011 15:47:53 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [16/02/2011 15:47:53 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver;C:\WINDOWS\system32\drivers\ss_bserd.sys [16/02/2011 15:47:54 100224]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - FSUSBEXDISK

Contents of the 'Scheduled Tasks' folder

2011-02-15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50:20 . 2009-10-22 10:50:20]

2011-03-08 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-28 21:08:54 . 2010-01-28 21:07:32]

2011-03-07 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-28 21:08:54 . 2010-01-28 21:07:32]

2011-03-08 C:\WINDOWS\Tasks\OGALogon.job
- C:\WINDOWS\system32\OGAEXEC.exe [2009-08-03 15:07:42 . 2009-08-03 15:07:42]

2011-03-08 C:\WINDOWS\Tasks\WGASetup.job
- C:\WINDOWS\system32\KB905474\wgasetup.exe [2009-03-26 07:23:17 . 2009-03-10 22:18:08]


------- Supplementary Scan -------

uStart Page = hxxp://google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
FF - ProfilePath - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\lhydjfig.default\
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Move Media Player: moveplayer@movenetworks.com - %profile%\extensions\moveplayer@movenetworks.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Java Quick Starter: jqs@sun.com - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true

- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
 
Open Windows Explorer. Go Tools>Folder Options>View tab, put a checkmark next to Show hidden files, and folders.
Upload following files to http://www.virustotal.com/ for security check:
- C:\WINDOWS\system32\kernel32.dll
If the file is listed as already analyzed, click on Reanalyse file now button.
Post scan results.

=======================================================================

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista\Win 7 users:: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box into the main textfield:
    Code:
    :filefind
    kernel32.dll
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
 
Status
Not open for further replies.
Back