I can't connect to the internet except in safe mode.

Solved
By tizapaine
Jan 29, 2014
  1. I don't know wheather Im infected or not, but I cannot get IE to connect to cable wifi internet,,,,although I can do so when Im in safe mode as Im now doing.
    Im running win xp pro, and IE8.
    While in safe mode I did all the scans I could think of , Ive used Norman and Megabytes, they found nothing.
    It is only this desktop that I'm having trouble with, my laptop is working fine in wifi. so I guess Im infected with something because I can't connect with IE and also Firefox.

    Can someone please help me as Im starting to hit the bottle very shortly. lol

    thank you
    Eddie
  2. Broni

    Broni Malware Annihilator Posts: 46,169   +251

    Welcome aboard [​IMG]

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
  3. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org
    Database version: v2014.01.27.03
    Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
    Internet Explorer 8.0.6001.18702
    Administrator :: VERITON-65D9F13 [administrator]
    30/01/2014 19:07:37
    mbam-log-2014-01-30 (19-07-37).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 244512
    Time elapsed: 42 minute(s), 43 second(s)
    MemoDDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.45.2
    Run by Administrator at 19:52:46 on 2014-01-30
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3058.2549 [GMT 11:00]
    .
    AV: PC Cleaner Pro *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}
    AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    FW: COMODO Firewall *Enabled*
    .
    ============== Running Processes ================
    .
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://www.google.com.au/
    uSearch Page = hxxp://www.google.com
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
    uRun: [ISUSPM] "c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe" -scheduler
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [PhilipsRemote] c:\program files\musicmatch\musicmatch jukebox\PhilipsRemote.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [PDFHook] c:\program files\nuance\pdf viewer plus\pdfpro5hook.exe
    mRun: [PDF5 Registry Controller] c:\program files\nuance\pdf viewer plus\RegistryController.exe
    mRun: [NBAgent] "c:\program files\nero\nero 11\nero backitup\NBAgent.exe" /WinStart
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
    mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
    mRun: [iKeyWorks] c:\progra~1\a4tech\keyboard\Ikeymain.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [ControlCenter4] c:\program files\controlcenter4\BrCcBoot.exe /autorun
    mRun: [BrStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN
    mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - <orphaned>
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1384231888281
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346294734281
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
    DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{629BBAC6-C1C9-4A33-ACA7-3B9F201C4CE8} : DHCPNameServer = 192.168.0.1
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\qr4qejpf.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282495&CUI=UN29370041163711109&UM=1&SearchSource=3&q={searchTerms}&sspv=TB_CER
    FF - prefs.js: browser.search.selectedEngine - Yahoo!
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?octid=CT3282495&ctid=CT3282495&SearchSource=2&CUI=UN29370041163711109&UM=2&q=
    FF - prefs.js: keyword.enabled - false
    FF - prefs.js: network.proxy.type - 4
    FF - plugin: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\qr4qejpf.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\plugins\np-mswmp.dll
    FF - plugin: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\qr4qejpf.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\plugins\npConduitFirefoxPlugin.dll
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
    FF - ExtSQL: 2013-12-09 19:26; PrivDog@AdTrustMedia.com; c:\documents and settings\administrator\application data\mozilla\firefox\profiles\qr4qejpf.default\extensions\PrivDog@AdTrustMedia.com
    .
    ---- FIREFOX POLICIES ----
    .
    .
    .
    .
    .
    FF - user.js: plugin.state.npconduitfirefoxplugin - 0
    .
    FF - user.js: browser.search.defaultenginename - FindWide
    FF - user.js: browser.keywordURLPromptDeclined - 1
    .
    FF - user.js: browser.startup.page - 1
    .
    .
    .
    FF - user.js: browser.newtab.url -
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2012-1-22 56496]
    R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2012-1-22 12464]
    R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2013-9-24 15704]
    R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2013-9-24 30552]
    R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-1-23 36608]
    S0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 214696]
    S0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [2012-9-9 51144]
    S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-5-27 24408]
    S1 cmdGuard;COMODO Internet Security Driver;c:\windows\system32\drivers\cmdGuard.sys [2013-11-14 587864]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-6 5814392]
    S2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2007-10-9 38144]
    S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\nuance\paperport\PDFProFiltSrvPP.exe [2010-3-9 144672]
    S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-10-9 3275136]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-9-5 171680]
    S2 UacFlt;Philips Composite Class Filter Driver;c:\windows\system32\drivers\uacbflt.sys [2002-6-14 21276]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-11-14 1691480]
    S3 andnetadb;ADB Interface DriverNet;c:\windows\system32\drivers\lgandnetadb.sys --> c:\windows\system32\drivers\lgandnetadb.sys [?]
    S3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\drivers\lgandnetdiag.sys --> c:\windows\system32\drivers\lgandnetdiag.sys [?]
    S3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\drivers\lgandnetmodem.sys --> c:\windows\system32\drivers\lgandnetmodem.sys [?]
    S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\drivers\lgandnetndis.sys --> c:\windows\system32\drivers\lgandnetndis.sys [?]
    S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys --> c:\windows\system32\drivers\androidusb.sys [?]
    S3 APL531;OVT Scanner 16-bit;c:\windows\system32\drivers\OVTX16.sys [2012-1-25 154112]
    S3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [2014-1-24 1763584]
    S3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2012-6-29 245760]
    S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
    S3 cpuz134;cpuz134;\??\c:\docume~1\admini~1\locals~1\temp\hbcd\pcwizard\pcwiz_x32.sys --> c:\docume~1\admini~1\locals~1\temp\hbcd\pcwizard\pcwiz_x32.sys [?]
    S3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys --> c:\windows\system32\drivers\massfilter_hs.sys [?]
    S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2011-9-8 30576]
    S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2009-7-31 341504]
    S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys --> c:\windows\system32\drivers\wg111v2.sys [?]
    S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2012-9-3 13024]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S3 zghsdiag;ZTE General Handset Diagnostic Port;c:\windows\system32\drivers\zghsdiag.sys --> c:\windows\system32\drivers\zghsdiag.sys [?]
    .
    =============== File Associations ===============
    .
    ShellExec: BlazeDVD.exe: open=".\BlazePhotoUI.exe" "%1"
    .
    =============== Created Last 30 ================
    .
    2014-01-29 05:04:49 7760024 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1c775e79-4f44-4945-8916-a1dc3b88815b}\mpengine.dll
    2014-01-29 04:17:40 410784 ----a-w- c:\windows\system32\drivers\thmhtvhy.sys
    2014-01-29 04:13:48 410784 ----a-w- c:\windows\system32\drivers\avsxyhfe.sys
    2014-01-27 04:14:16 -------- dc-h--w- c:\windows\ie8
    2014-01-27 03:32:53 -------- d-----w- c:\program files\Microsoft ATS
    2014-01-27 02:21:12 -------- d-----w- C:\d8e371acf69840d372
    2014-01-27 01:31:56 7760024 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2014-01-24 10:12:23 -------- d-----w- C:\1a443f8837eeb4b3b47499
    2014-01-24 05:35:51 1763584 ----a-w- c:\windows\system32\drivers\athuw.sys
    2014-01-24 05:35:51 1763584 ----a-w- c:\windows\system32\athuw.sys
    .
    ==================== Find3M ====================
    .
    2014-01-19 07:32:23 231584 -c----w- c:\windows\system32\MpSigStub.exe
    2013-12-03 00:07:22 891976 ----a-w- c:\windows\system32\RTSndMgr.CPL
    2013-12-03 00:07:22 84584 ----a-w- c:\windows\SOUNDMAN.EXE
    2013-12-03 00:07:22 359016 ----a-w- c:\windows\vncutil.exe
    2013-12-03 00:07:19 9721960 ----a-w- c:\windows\RTLCPL.EXE
    2013-12-03 00:07:19 1523416 ----a-w- c:\windows\RtlUpd.exe
    2013-12-03 00:07:16 5589720 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
    2013-12-03 00:07:11 86232 ----a-w- c:\windows\system32\RtkCoInstIIXP.dll
    2013-12-03 00:07:11 20145368 ----a-w- c:\windows\RTHDCPL.EXE
    2013-12-03 00:07:11 129640 ----a-w- c:\windows\RtkAudioService.exe
    2013-12-03 00:07:02 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
    2013-12-03 00:07:01 2180712 ----a-w- c:\windows\MicCal.exe
    2013-12-03 00:06:56 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL
    2013-12-03 00:06:56 2815592 ----a-w- c:\windows\ALCWZRD.EXE
    2013-12-03 00:06:56 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
    2013-12-03 00:06:54 64104 ----a-w- c:\windows\ALCMTR.EXE
    2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
    2013-11-19 14:10:09 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-11-19 14:10:09 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-11-14 04:41:47 83808 ----a-w- c:\windows\system32\NicInstE.dll
    2013-11-14 04:41:47 309048 -c--a-w- c:\windows\system32\Prounstl.exe
    2013-11-14 04:41:47 28272 ----a-w- c:\windows\system32\NicCo2.dll
    2013-11-14 04:41:46 254336 ----a-w- c:\windows\system32\drivers\e1e5132.sys
    2013-11-14 04:41:46 121440 ----a-w- c:\windows\system32\e1000msg.dll
    2013-11-14 04:40:28 1833576 ----a-w- c:\windows\SkyTel.exe
    2013-11-14 04:40:26 11368 ----a-w- c:\windows\system32\RtkCoLDRXP.dll
    2013-11-14 00:38:08 587864 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
    2013-11-14 00:38:02 36000 ----a-w- c:\windows\system32\cmdcsr.dll
    2013-11-13 19:27:56 65184 ----a-w- c:\windows\apppatch\MATSShim.DLL
    2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
    2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
    2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll
    2013-01-10 02:34:48 134400 --sha-r- c:\windows\system32\hal.dll
    2013-07-04 03:03:25 2149888 --sha-r- c:\windows\system32\ntoskrnl.exe
    2013-01-10 02:34:49 574976 -csha-r- c:\windows\system32\drivers\ntfs.sys
    .
    ============= FINISH: 19:53:52.48 ===============
    ry Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 0
    (No malicious items detected)
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 0
    (No malicious items detected)
    (end).
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 16/05/2011 1:38:18 PM
    System Uptime: 30/01/2014 7:04:46 PM (0 hours ago)
    .
    Motherboard: Acer | | EQ35M
    Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz | CPU 1 | 2327/333mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 466 GiB total, 65.257 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description: PCI Serial Port
    Device ID: PCI\VEN_8086&DEV_29B7&SUBSYS_26361019&REV_02\3&11583659&0&1B
    Manufacturer:
    Name: PCI Serial Port
    PNP Device ID: PCI\VEN_8086&DEV_29B7&SUBSYS_26361019&REV_02\3&11583659&0&1B
    Service:
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Intel(R) 82566DM-2 Gigabit Network Connection
    Device ID: PCI\VEN_8086&DEV_10BD&SUBSYS_26361019&REV_02\3&11583659&0&C8
    Manufacturer: Intel
    Name: Intel(R) 82566DM-2 Gigabit Network Connection
    PNP Device ID: PCI\VEN_8086&DEV_10BD&SUBSYS_26361019&REV_02\3&11583659&0&C8
    Service: e1express
    .
    ==== System Restore Points ===================
    .
    RP1: 28/01/2014 10:54:55 PM - System Checkpoint
    RP2: 29/01/2014 4:04:12 PM - Software Distribution Service 3.0
    RP3: 30/01/2014 5:43:48 PM - Software Distribution Service 3.0
    .
    ==== Installed Programs ======================
    .
    .
    A4Tech iKeyWorks 7.72
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.9)
    AMD APP SDK Runtime
    AMD Catalyst Install Manager
    Apple Application Support
    Apple Software Update
    AVG 2013
    Belarc Advisor 8.1
    BlazePhoto 2.0
    Brother MFL-Pro Suite MFC-J430W
    CCleaner
    CP_Package_Variety1
    CP_Package_Variety2
    CP_Package_Variety3
    Destinations
    DeviceManagementQFolder
    DocProc
    DVD Decoder Pak for Windows XP
    eSupportQFolder
    Express Burn Disc Burning Software
    Express Rip
    Google Update Helper
    Hewlett-Packard ACLM.NET v1.1.0.0
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB2779562)
    HP Product Assistant
    HPProductAssistant
    InstantShareAlert
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Network Connections Drivers
    Intel® Management Engine Interface
    Internet Explorer (Enable DEP)
    IrfanView (remove only)
    Java 7 Update 45
    Java Auto Updater
    Java(TM) 6 Update 45
    JYKRecorder
    Malwarebytes Anti-Malware version 1.75.0.1300
    MarketResearch
    MCCI(r)Firmware Update Driver for MTK
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB2833941)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Automated Troubleshooting Services Shim
    Microsoft Corporation
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft LifeCam
    Microsoft PowerPoint Viewer
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft User-Mode Driver Framework Feature Pack 1.9
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft_VC100_CRT_SP1_x86
    Mozilla Firefox 22.0 (x86 en-US)
    Mozilla Maintenance Service
    MSVC80_x86_v2
    MSVC90_x86
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2721691)
    MSXML 4.0 SP3 Parser (KB2758694)
    MSXML 4.0 SP3 Parser (KB973685)
    Nero 11 Mini Repack
    Nero Backup Drivers
    neroxml
    Nuance PaperPort 12
    Nuance PDF Viewer Plus
    OpenOffice 4.0.0
    OVT Scanner 16Bit
    PanoStandAlone
    PaperPort Image Printer
    Photo Express LE
    Picasa 3
    Picasa Uploader
    QuickTime
    Realtek High Definition Audio Driver
    Scan
    ScannerCopy
    Scansoft PDF Professional
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
    Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2898785)
    Security Update for Windows Media Player (KB2834904-v2)
    Security Update for Windows Media Player (KB2834904)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2753842-v2)
    Security Update for Windows XP (KB2753842)
    Security Update for Windows XP (KB2757638)
    Security Update for Windows XP (KB2758857)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB2770660)
    Security Update for Windows XP (KB2778344)
    Security Update for Windows XP (KB2779030)
    Security Update for Windows XP (KB2780091)
    Security Update for Windows XP (KB2799494)
    Security Update for Windows XP (KB2802968)
    Security Update for Windows XP (KB2807986)
    Security Update for Windows XP (KB2808735)
    Security Update for Windows XP (KB2813170)
    Security Update for Windows XP (KB2813345)
    Security Update for Windows XP (KB2820197)
    Security Update for Windows XP (KB2820917)
    Security Update for Windows XP (KB2829361)
    Security Update for Windows XP (KB2834886)
    Security Update for Windows XP (KB2839229)
    Security Update for Windows XP (KB2845187)
    Security Update for Windows XP (KB2847311)
    Security Update for Windows XP (KB2849470)
    Security Update for Windows XP (KB2850851)
    Security Update for Windows XP (KB2850869)
    Security Update for Windows XP (KB2859537)
    Security Update for Windows XP (KB2862152)
    Security Update for Windows XP (KB2862330)
    Security Update for Windows XP (KB2862335)
    Security Update for Windows XP (KB2864063)
    Security Update for Windows XP (KB2868038)
    Security Update for Windows XP (KB2868626)
    Security Update for Windows XP (KB2876217)
    Security Update for Windows XP (KB2876315)
    Security Update for Windows XP (KB2876331)
    Security Update for Windows XP (KB2883150)
    Security Update for Windows XP (KB2884256)
    Security Update for Windows XP (KB2892075)
    Security Update for Windows XP (KB2893294)
    Security Update for Windows XP (KB2893984)
    Security Update for Windows XP (KB2898715)
    Security Update for Windows XP (KB2900986)
    Security Update for Windows XP (KB2914368)
    Security Update for Windows XP (KB923789)
    Segoe UI
    Skype Click to Call
    Skype™ 6.10
    SolutionCenter
    Status
    System Requirements Lab for Intel
    TL-WN822N/TL-WN821N Driver
    TrayApp
    Uninstall OVT Scanner 16-bit
    Unload
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2492386)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB2863058)
    Update for Windows XP (KB2904266)
    VCRedistSetup
    VLC media player 2.0.6
    WavePad Sound Editor
    WebFldrs XP
    WebReg
    Windows Driver Package - OmniVision (APL531) Image (01/01/2010 2.0.0.1)
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Management Framework Core
    Windows Media Format 11 runtime
    Windows Media Player 11
    .
    ==== Event Viewer Messages From Past Week ========
    .
    26/01/2014 8:25:13 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: iaStor Soluto
    26/01/2014 5:17:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    26/01/2014 5:15:18 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD cmdGuard cmdHlp Fips intelppm IPSec MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss Soluto Tcpip
    26/01/2014 5:15:18 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    26/01/2014 5:15:18 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    26/01/2014 5:15:18 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    25/01/2014 8:50:59 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cmdGuard Fips intelppm MpFilter Soluto
    25/01/2014 8:50:39 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    24/01/2014 9:40:22 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Soluto
    24/01/2014 9:40:22 PM, error: Service Control Manager [7022] - The MSCamSvc service hung on starting.
    24/01/2014 9:38:57 PM, error: Service Control Manager [7024] - The AVG WatchDog service terminated with service-specific error 3758161981 (0xE001003D).
    24/01/2014 9:38:57 PM, error: Service Control Manager [7003] - The AVGIDSAgent service depends on the following nonexistent service: AVGIDSDriver
    24/01/2014 4:48:54 PM, error: Service Control Manager [7034] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s).
    24/01/2014 4:48:47 PM, error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    24/01/2014 4:48:15 PM, error: Service Control Manager [7034] - The Telnet service terminated unexpectedly. It has done this 1 time(s).
    24/01/2014 4:47:52 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    24/01/2014 4:47:31 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
    24/01/2014 4:47:25 PM, error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
    24/01/2014 3:36:12 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    24/01/2014 3:36:12 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    24/01/2014 3:36:11 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    24/01/2014 3:34:26 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Net.Tcp Port Sharing Service service to connect.
    24/01/2014 3:34:26 PM, error: Service Control Manager [7000] - The Net.Tcp Port Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    24/01/2014 3:28:08 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    24/01/2014 3:28:08 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    24/01/2014 3:28:08 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    24/01/2014 3:22:09 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    24/01/2014 3:22:09 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    24/01/2014 3:22:08 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    24/01/2014 3:07:51 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072efd Error description: A connection with the server could not be established
    24/01/2014 3:07:51 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072efd Error description: A connection with the server could not be established
    24/01/2014 3:07:24 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    24/01/2014 3:07:24 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    24/01/2014 2:37:10 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    24/01/2014 2:37:10 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    24/01/2014 2:37:10 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    24/01/2014 2:30:13 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    24/01/2014 2:30:13 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    24/01/2014 2:30:13 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.163.1864.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?Lin...4.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10100.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
    .
    ==== End Of File ===========================
  4. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    I hope this is OK. looking at this report I didn't know I had half of the stuff there, really needs a jolly good clean out.

    thank you for helping me

    Ed.
  5. Broni

    Broni Malware Annihilator Posts: 46,169   +251

    [​IMG] You're running two AV programs, AVG and MSE.
    You must uninstall one of them.
    If AVG use AVG Remover: http://www.avg.com/us-en/utilities

    [​IMG] Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.
  6. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2014 01
    Ran by Administrator (administrator) on VERITON-65D9F13 on 31-01-2014 11:15:40
    Running from C:\Documents and Settings\Administrator\Desktop
    Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
    Internet Explorer Version 8
    Boot Mode: Safe Mode (with Networking)
    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
    ==================== Processes (Whitelisted) ===================
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Microsoft Corporation) C:\Program Files\Outlook Express\msimn.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe

    ==================== Registry (Whitelisted) ==================
    HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20145368 2013-12-03] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-02] (Research In Motion Limited)
    HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
    HKLM\...\Run: [PhilipsRemote] - C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\PhilipsRemote.exe [69632 2002-10-24] ()
    HKLM\...\Run: [PDFHook] - C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
    HKLM\...\Run: [PDF5 Registry Controller] - C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
    HKLM\...\Run: [NBAgent] - C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2011-09-20] (Nero AG)
    HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
    HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
    HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
    HKLM\...\Run: [iKeyWorks] - C:\Program Files\A4Tech\Keyboard\Ikeymain.exe [65536 2012-04-04] (A4Tech Co.,Ltd.)
    HKLM\...\Run: [ControlCenter4] - C:\Program Files\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
    HKLM\...\Run: [BrStsMon00] - C:\Program Files\Browny02\Brother\BrStMonW.exe [2629632 2011-05-19] (Brother Industries, Ltd.)
    HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
    HKLM\...\RunOnce: [AvgRemover] - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\1SFENEO5\avg_remover_stf_x86_2014_4116[1].exe /run_number=2 /ndis_nextstep=4 [3386520 2014-01-31] (AVG Technologies CZ, s.r.o.)
    HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
    HKCU\...\Run: [ISUSPM] - C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
    HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
    ==================== Internet (Whitelisted) ====================
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.au/
    SearchScopes: HKCU - DefaultScope {D7CBCAA0-D279-4927-9FB0-756AB5C87445} URL = https://www.google.com/search?q={searchTerms}
    SearchScopes: HKCU - {D7CBCAA0-D279-4927-9FB0-756AB5C87445} URL = https://www.google.com/search?q={searchTerms}
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - No Name - {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - No File
    Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
    Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    Toolbar: HKCU - No Name - {B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - No File
    Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    Toolbar: HKCU - No Name - {29B27261-6B27-4127-A673-482962FE82EB} - No File
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1384231888281
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
    DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Hosts: 127.0.0.1 localhost
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default
    FF user.js: detected! => C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default\user.js
    FF NewTab: user_pref("browser.newtab.url", "");
    FF DefaultSearchEngine: FindWide
    FF SelectedSearchEngine: Yahoo!
    FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?octid=CT3282495&ctid=CT3282495&SearchSource=2&CUI=UN29370041163711109&UM=2&q=
    FF NetworkProxy: "type", 4
    FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
    FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
    FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default\searchplugins\nchen-customized-web-search.xml
    FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default\searchplugins\privitize.xml
    FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default\searchplugins\yahoo_ff.xml
    FF Extension: MixiDJ Toolbar - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default\Extensions\ffxtlbr@mixidj.com [2013-05-05]
    FF Extension: PrivDog - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default\Extensions\PrivDog@AdTrustMedia.com [2014-01-25]
    FF Extension: NCH EN - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default\Extensions\{37483b40-c254-4a72-bda4-22ee90182c1e} [2013-07-22]
    FF Extension: Torntv 2 - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default\Extensions\torntv2@torntv.com.xpi [2013-06-25]
    FF Extension: Torntv - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default\Extensions\torntv@torntv.com.xpi [2012-11-17]
    FF Extension: Start Page - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi [2014-01-25]
    FF Extension: Qantas Frequent Flyer Toolbar - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qr4qejpf.default\Extensions\{a154b67f-376c-4644-a5d2-bad67c0e5f90}.xpi [2013-07-16]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-21]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2013-08-21]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-21]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
    Chrome:
    =======
    CHR HomePage: hxxp://au.yahoo.com?fr=fpc-comodo
    CHR RestoreOnStartup: "hxxp://au.yahoo.com?fr=fpc-comodo"
    CHR DefaultSearchKeyword: yahoo.com search
    CHR DefaultSearchProvider: Yahoo
    CHR DefaultSearchURL: http://au.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=402027&p={searchTerms}
    CHR DefaultNewTabURL:
    CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-25]
    CHR Extension: (PrivDog) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja [2013-12-09]
    CHR Extension: (Google Search) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-25]
    CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2013-11-25]
    CHR Extension: (Domain Error Assistant) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2013-11-25]
    CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-29]
    CHR Extension: (Slick Savings) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2013-11-28]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-25]
    CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp [2013-11-25]
    CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-25]
    CHR HKLM\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files\AdTrustMedia\PrivDog\PrivDog_chrome.crx [2013-11-25]
    CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
    CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.2.crx [2013-11-06]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
    CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
    CHR HKLM\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files\TornTV.com\torn2_10.crx [2013-04-26]
    CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
    ========================== Services (Whitelisted) =================
    S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.)
    S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
    S2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
    S2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
    S2 MaxBackServiceInt; "C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe" [x]
    ==================== Drivers (Whitelisted) ====================
    S2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2013-03-27] (Cisco Systems, Inc.)
    S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2013-12-03] (Creative)
    S3 APL531; C:\WINDOWS\System32\Drivers\OVTX16.sys [154112 2010-10-28] (Omnivision Technologies, Inc.)
    R3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2011-07-28] (Atheros Communications, Inc.)
    S1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [24408 2012-03-07] (AVAST Software)
    S3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
    S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
    R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15704 2013-09-24] (COMODO)
    S1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [587864 2013-11-14] (COMODO)
    R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [30552 2013-09-24] (COMODO)
    S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
    S2 EAPPkt; C:\WINDOWS\System32\DRIVERS\EAPPkt.sys [38144 2007-10-09] (Realtek)
    S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
    S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2005-10-21] (HP)
    S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
    R3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [36608 2011-05-16] (Infineon Technologies AG)
    R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [96216 2013-09-24] (COMODO)
    S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2013-12-03] (Creative Technology Ltd.)
    S0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
    S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
    S3 RTL8187B; C:\WINDOWS\System32\DRIVERS\wg111v3.sys [341504 2009-07-31] (Realtek Semiconductor Corporation )
    S0 Soluto; C:\WINDOWS\System32\DRIVERS\Soluto.sys [51144 2012-09-06] (Soluto LTD.)
    S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13024 2012-10-02] ()
    S2 UacFlt; C:\WINDOWS\System32\DRIVERS\uacbflt.sys [21276 2002-06-14] (Micronas GmbH)
    S3 andnetadb; System32\Drivers\lgandnetadb.sys [x]
    S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [x]
    S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [x]
    S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [x]
    S3 androidusb; System32\Drivers\androidusb.sys [x]
    S3 cpuz134; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\HBCD\PCWizard\pcwiz_x32.sys [x]
    S3 massfilter_hs; system32\drivers\massfilter_hs.sys [x]
    S3 RTLWUSB; system32\DRIVERS\wg111v2.sys [x]
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
    S3 taphss; No ImagePath
    U3 TrueSight; \??\C:\WINDOWS\system32\TrueSight.sys [x]
    U1 WS2IFSL;
    S3 zghsdiag; system32\DRIVERS\zghsdiag.sys [x]
    ==================== NetSvcs (Whitelisted) ===================

    ==================== One Month Created Files and Folders ========
    2014-01-31 11:15 - 2014-01-31 11:16 - 00018549 _____ C:\Documents and Settings\Administrator\Desktop\FRST.txt
    2014-01-31 11:15 - 2014-01-31 11:15 - 00000000 ____D C:\FRST
    2014-01-31 11:14 - 2014-01-31 11:14 - 01137152 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
    2014-01-30 18:19 - 2014-01-30 18:19 - 00104656 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2014-01-30 16:57 - 2014-01-30 16:57 - 00027934 _____ C:\Documents and Settings\Administrator\My Documents\attach.txt
    2014-01-30 16:57 - 2014-01-30 16:57 - 00015969 _____ C:\Documents and Settings\Administrator\My Documents\dds.txt
    2014-01-30 16:40 - 2014-01-30 16:40 - 00688992 ____R (Swearware) C:\Documents and Settings\Administrator\Desktop\dds.com
    2014-01-29 15:17 - 2014-01-29 15:17 - 00410784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\thmhtvhy.sys
    2014-01-29 15:13 - 2014-01-29 15:13 - 00410784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\avsxyhfe.sys
    2014-01-28 20:52 - 2014-01-30 18:19 - 00000412 _____ C:\WINDOWS\wiadebug.log
    2014-01-28 20:52 - 2014-01-30 18:19 - 00000049 _____ C:\WINDOWS\wiaservc.log
    2014-01-28 20:52 - 2014-01-28 20:52 - 00000000 ____N C:\WINDOWS\Sti_Trace.log
    2014-01-28 20:51 - 2014-01-30 18:19 - 00010914 _____ C:\WINDOWS\SchedLgU.Txt
    2014-01-28 20:46 - 2014-01-31 11:09 - 00347583 _____ C:\WINDOWS\WindowsUpdate.log
    2014-01-27 15:14 - 2014-01-27 15:15 - 00000000 __HDC C:\WINDOWS\ie8
    2014-01-27 14:32 - 2014-01-27 14:32 - 00000000 ____D C:\Program Files\Microsoft ATS
    2014-01-27 13:21 - 2014-01-27 13:21 - 00000000 ____D C:\d8e371acf69840d372
    2014-01-25 20:36 - 2014-01-25 20:36 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
    2014-01-25 20:36 - 2014-01-25 20:36 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    2014-01-25 20:36 - 2014-01-25 20:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2014-01-24 21:12 - 2014-01-24 21:12 - 00000000 ____D C:\1a443f8837eeb4b3b47499
    2014-01-24 19:06 - 2014-01-24 19:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
    2014-01-24 16:36 - 2014-01-24 16:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TP-LINK
    2014-01-24 16:35 - 2011-08-01 22:15 - 00008818 _____ C:\WINDOWS\system32\netathuw.cat
    2014-01-24 16:35 - 2011-07-28 19:06 - 01763584 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athuw.sys
    2014-01-24 16:35 - 2011-07-28 19:06 - 01763584 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\athuw.sys
    2014-01-19 20:34 - 2014-01-19 20:34 - 00006686 _____ C:\Documents and Settings\Administrator\My Documents\cc_20140119_203453.reg
    ==================== One Month Modified Files and Folders =======
    2014-01-31 11:16 - 2014-01-31 11:15 - 00018549 _____ C:\Documents and Settings\Administrator\Desktop\FRST.txt
    2014-01-31 11:15 - 2014-01-31 11:15 - 00000000 ____D C:\FRST
    2014-01-31 11:14 - 2014-01-31 11:14 - 01137152 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
    2014-01-31 11:12 - 2003-04-01 01:00 - 00012712 _____ C:\WINDOWS\system32\wpa.dbl
    2014-01-31 11:09 - 2014-01-28 20:46 - 00347583 _____ C:\WINDOWS\WindowsUpdate.log
    2014-01-31 11:09 - 2011-05-16 14:40 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
    2014-01-30 20:29 - 2011-09-18 21:43 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
    2014-01-30 19:16 - 2013-11-19 13:03 - 00000384 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
    2014-01-30 18:19 - 2014-01-30 18:19 - 00104656 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2014-01-30 18:19 - 2014-01-28 20:52 - 00000412 _____ C:\WINDOWS\wiadebug.log
    2014-01-30 18:19 - 2014-01-28 20:52 - 00000049 _____ C:\WINDOWS\wiaservc.log
    2014-01-30 18:19 - 2014-01-28 20:51 - 00010914 _____ C:\WINDOWS\SchedLgU.Txt
    2014-01-30 18:19 - 2011-05-16 14:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2014-01-30 18:18 - 2011-05-16 15:53 - 00000000 ____D C:\WINDOWS\Microsoft.NET
    2014-01-30 18:16 - 2011-05-17 00:31 - 00622766 ____C C:\WINDOWS\system32\PerfStringBackup.INI
    2014-01-30 18:08 - 2012-10-04 13:08 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-01-30 17:40 - 2013-05-05 23:36 - 00000290 _____ C:\WINDOWS\Tasks\Express FilesUpdate.job
    2014-01-30 17:40 - 2011-07-21 21:44 - 00000328 ___SH C:\WINDOWS\Tasks\MNYCCYR.job
    2014-01-30 16:57 - 2014-01-30 16:57 - 00027934 _____ C:\Documents and Settings\Administrator\My Documents\attach.txt
    2014-01-30 16:57 - 2014-01-30 16:57 - 00015969 _____ C:\Documents and Settings\Administrator\My Documents\dds.txt
    2014-01-30 16:40 - 2014-01-30 16:40 - 00688992 ____R (Swearware) C:\Documents and Settings\Administrator\Desktop\dds.com
    2014-01-30 16:36 - 2011-05-16 16:18 - 00001919 ____C C:\WINDOWS\epplauncher.mif
    2014-01-30 13:40 - 2011-05-17 00:24 - 00000000 ____D C:\WINDOWS\pchealth
    2014-01-29 15:58 - 2011-05-22 20:26 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\vlc
    2014-01-29 15:52 - 2011-05-16 14:40 - 00000000 ____D C:\Documents and Settings\Administrator
    2014-01-29 15:17 - 2014-01-29 15:17 - 00410784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\thmhtvhy.sys
    2014-01-29 15:13 - 2014-01-29 15:13 - 00410784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\avsxyhfe.sys
    2014-01-28 23:04 - 2011-05-17 00:27 - 00000211 ___SH C:\boot.ini
    2014-01-28 23:04 - 2003-04-01 01:00 - 00000685 _____ C:\WINDOWS\win.ini
    2014-01-28 23:04 - 2003-04-01 01:00 - 00000256 _____ C:\WINDOWS\system.ini
    2014-01-28 23:01 - 2011-12-15 11:54 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\Unused Desktop Shortcuts
    2014-01-28 22:54 - 2011-05-16 14:34 - 00000000 ____D C:\WINDOWS\system32\Restore
    2014-01-28 20:52 - 2014-01-28 20:52 - 00000000 ____N C:\WINDOWS\Sti_Trace.log
    2014-01-27 20:40 - 2013-12-12 17:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
    2014-01-27 20:38 - 2013-12-11 18:16 - 00000000 ____D C:\Recuva
    2014-01-27 16:03 - 2011-05-18 21:24 - 00000000 ____D C:\WINDOWS\ie8updates
    2014-01-27 15:19 - 2011-05-17 00:24 - 00000000 ____D C:\WINDOWS\Help
    2014-01-27 15:15 - 2014-01-27 15:14 - 00000000 __HDC C:\WINDOWS\ie8
    2014-01-27 15:15 - 2011-05-17 00:24 - 00000000 ____D C:\WINDOWS\Media
    2014-01-27 14:32 - 2014-01-27 14:32 - 00000000 ____D C:\Program Files\Microsoft ATS
    2014-01-27 13:21 - 2014-01-27 13:21 - 00000000 ____D C:\d8e371acf69840d372
    2014-01-27 12:56 - 2011-05-16 14:34 - 00000000 ____D C:\Program Files\Online Services
    2014-01-26 20:20 - 2013-04-10 21:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2813170$
    2014-01-26 14:24 - 2011-05-16 15:30 - 00000000 ____D C:\WINDOWS\system32\Lang
    2014-01-26 14:13 - 2013-12-09 19:34 - 00000000 ___SD C:\Documents and Settings\All Users\Application Data\Shared Space
    2014-01-26 14:13 - 2013-02-05 15:06 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\Ebay Selling
    2014-01-25 20:51 - 2011-05-22 12:20 - 00000000 ____D C:\WINDOWS\Minidump
    2014-01-25 20:47 - 2012-01-07 21:25 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Mozilla
    2014-01-25 20:36 - 2014-01-25 20:36 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
    2014-01-25 20:36 - 2014-01-25 20:36 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    2014-01-25 20:36 - 2014-01-25 20:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2014-01-25 20:36 - 2013-08-21 14:35 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2014-01-25 10:40 - 2012-09-12 14:46 - 00000456 ____H C:\WINDOWS\Tasks\Norton Security Scan for Administrator.job
    2014-01-24 22:32 - 2013-04-03 08:53 - 00000000 ____D C:\Program Files\LG Electronics
    2014-01-24 22:28 - 2011-05-16 14:40 - 00000803 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
    2014-01-24 21:37 - 2011-05-22 09:22 - 00000000 __SHD C:\WINDOWS\CSC
    2014-01-24 21:12 - 2014-01-24 21:12 - 00000000 ____D C:\1a443f8837eeb4b3b47499
    2014-01-24 20:20 - 2011-05-20 15:33 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Skype
    2014-01-24 19:42 - 2013-12-09 19:42 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
    2014-01-24 19:16 - 2013-07-11 12:40 - 00000000 ____D C:\WINDOWS\system32\MRT
    2014-01-24 19:10 - 2011-05-20 15:34 - 83425928 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2014-01-24 19:06 - 2014-01-24 19:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
    2014-01-24 17:10 - 2012-01-31 14:21 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
    2014-01-24 17:09 - 2011-05-16 15:52 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2014-01-24 16:55 - 2013-11-14 10:51 - 00000000 ____D C:\Program Files\Common Files\Spigot
    2014-01-24 16:53 - 2013-03-28 12:46 - 00524288 _____ C:\WINDOWS\system32\config\ACS.evt
    2014-01-24 16:36 - 2014-01-24 16:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TP-LINK
    2014-01-24 16:35 - 2011-05-16 15:31 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
    2014-01-24 15:54 - 2012-06-12 13:14 - 00000000 ____D C:\Program Files\VS Revo Group
    2014-01-24 15:53 - 2013-12-09 17:41 - 00000000 ____D C:\Program Files\MediaMonkey
    2014-01-24 15:46 - 2011-10-18 12:29 - 00000000 ____D C:\Program Files\IObit
    2014-01-24 14:44 - 2013-03-28 11:54 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TP-LINK
    2014-01-19 20:34 - 2014-01-19 20:34 - 00006686 _____ C:\Documents and Settings\Administrator\My Documents\cc_20140119_203453.reg
    2014-01-19 18:32 - 2011-05-18 15:47 - 00231584 ____C (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2014-01-19 13:37 - 2012-01-31 14:21 - 00000785 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
    2014-01-19 13:37 - 2011-05-16 14:40 - 00000738 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
    2014-01-16 17:25 - 2013-12-15 17:31 - 00000000 ____D C:\5949b32e9d93995e4642
    2014-01-16 17:25 - 2012-08-27 10:15 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google
    2014-01-16 17:21 - 2011-05-18 18:30 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
    2014-01-16 17:19 - 2011-05-19 14:07 - 00000000 ____D C:\Program Files\Google
    2014-01-12 13:37 - 2013-12-09 17:41 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\MediaMonkey
    Some content of TEMP:
    ====================
    C:\Documents and Settings\Administrator\Local Settings\Temp\ntdll_dump.dll

    ==================== Bamital & volsnap Check =================
    C:\WINDOWS\explorer.exe => MD5 is legit
    C:\WINDOWS\system32\winlogon.exe => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit
    C:\WINDOWS\system32\User32.dll => MD5 is legit
    C:\WINDOWS\system32\userinit.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
    ==================== End Of Log ============================
  7. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-01-2014 01
    Ran by Administrator at 2014-01-31 11:16:52
    Running from C:\Documents and Settings\Administrator\Desktop
    Boot Mode: Safe Mode (with Networking)
    ==========================================================

    ==================== Security Center ========================
    AV: PC Cleaner Pro (Disabled - Up to date) {737A8864-C2D9-4337-B49A-B5E35815B9BB}
    AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    FW: COMODO Firewall (Disabled) {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
    ==================== Installed Programs ======================
    (Version: 6.5 - Ulead Systems)
    A4Tech iKeyWorks 7.72 (Version: - )
    Adobe Flash Player 11 ActiveX (Version: 11.9.900.152 - Adobe Systems Incorporated)
    Adobe Flash Player 11 Plugin (Version: 11.9.900.117 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.9) (Version: 10.1.9 - Adobe Systems Incorporated)
    AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
    AMD Catalyst Install Manager (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
    Apple Application Support (Version: 2.3.4 - Apple Inc.)
    Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
    Belarc Advisor 8.1 (Version: - )
    BlazePhoto 2.0 (Version: - )
    Brother MFL-Pro Suite MFC-J430W (Version: 1.0.19.0 - Brother Industries, Ltd.)
    CCleaner (Version: 4.08 - Piriform)
    CP_Package_Variety1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
    CP_Package_Variety2 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
    CP_Package_Variety3 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
    Destinations (Version: 53.0.13.000 - Hewlett-Packard) Hidden
    DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    DocProc (Version: 5.2.0.0 - Hewlett-Packard) Hidden
    DVD Decoder Pak for Windows XP (Version: 1.0.0 - roddy2000@hotbox.ru)
    eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    Express Burn Disc Burning Software (Version: - NCH Software)
    Express Rip (Version: 1.92 - NCH Software)
    Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
    Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
    HP Product Assistant (Version: 100.000.001.000 - Hewlett-Packard) Hidden
    HPProductAssistant (Version: 53.0.13.000 - Hewlett-Packard) Hidden
    InstantShareAlert (Version: 1.00.0000 - HP) Hidden
    Intel(R) Graphics Media Accelerator Driver (Version: 6.14.10.5218 - Intel Corporation)
    Intel(R) Network Connections Drivers (Version: 18.3 - Intel)
    Intel® Management Engine Interface (Version: - Intel Corporation)
    Internet Explorer (Enable DEP) (Version: - )
    IrfanView (remove only) (Version: 4.35 - Irfan Skiljan)
    Java 7 Update 45 (Version: 7.0.450 - Oracle)
    Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    Java(TM) 6 Update 45 (Version: 6.0.450 - Oracle)
    JYKRecorder (Version: 1.0.0 - JiaYinKing)
    Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
    MarketResearch (Version: 53.0.13.000 - Hewlett-Packard) Hidden
    MCCI(r)Firmware Update Driver for MTK (Version: 1.00.0000 - MCCI)
    Microsoft .NET Framework 1.1 (Version: - )
    Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
    Microsoft .NET Framework 1.1 Security Update (KB2698023) (Version: - )
    Microsoft .NET Framework 1.1 Security Update (KB2833941) (Version: - )
    Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Automated Troubleshooting Services Shim (Version: - )
    Microsoft Corporation (Version: 9.0.30729.1 - Microsoft Corporation) Hidden
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version: - Microsoft Corporation) Hidden
    Microsoft LifeCam (Version: 3.22.270.0 - Microsoft Corporation)
    Microsoft PowerPoint Viewer (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
    Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
    Microsoft User-Mode Driver Framework Feature Pack 1.9 (Version: - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
    Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0 - Mozilla)
    Mozilla Maintenance Service (Version: 22.0 - Mozilla)
    MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
    MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
    MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (Version: 4.30.2100.0 - Microsoft Corporation)
    Nero 11 Mini Repack (Version: - )
    Nero Backup Drivers (Version: 1.0.10000.1.0 - Nero AG)
    neroxml (Version: 1.0.0 - Nero AG) Hidden
    Nuance PaperPort 12 (Version: 12.1.0000 - Nuance Communications, Inc.)
    Nuance PDF Viewer Plus (Version: 5.30.3290 - Nuance Communications, Inc)
    OpenOffice 4.0.0 (Version: 4.00.9702 - Apache Software Foundation)
    OVT Scanner 16Bit (HKCU Version: 1.1 - Author)
    OVT Scanner 16Bit (Version: 1.1 - Author) Hidden
    PanoStandAlone (Version: 53.0.13.000 - Hewlett-Packard) Hidden
    PaperPort Image Printer (Version: 1.00.0001 - Nuance Communications, Inc.)
    Photo Express LE
    Picasa 3 (Version: 3.9 - Google, Inc.)
    Picasa Uploader (Version: 0.5 - UNKNOWN)
    Picasa Uploader (Version: 0.5 - UNKNOWN) Hidden
    QuickTime (Version: 7.74.80.86 - Apple Inc.)
    Realtek High Definition Audio Driver (Version: 5.10.0.7083 - Realtek Semiconductor Corp.)
    Scan (Version: 7.0.0.0 - Hewlett-Packard) Hidden
    ScannerCopy (Version: 5.2.0.0 - Hewlett-Packard) Hidden
    Scansoft PDF Professional (Version: - ) Hidden
    Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
    Skype Click to Call (Version: 6.13.13771 - Skype Technologies S.A.)
    Skype™ 6.10 (Version: 6.10.104 - Skype Technologies S.A.)
    SolutionCenter (Version: 50.0.152.000 - Hewlett-Packard) Hidden
    Status (Version: 53.0.13.000 - Hewlett-Packard) Hidden
    System Requirements Lab for Intel (Version: 4.5.15.0 - Husdawg, LLC)
    TL-WN822N/TL-WN821N Driver (Version: 1.0.0 - TP-LINK)
    TrayApp (Version: 53.0.13.000 - Hewlett-Packard) Hidden
    Uninstall OVT Scanner 16-bit (Version: - )
    Unload (Version: 5.0.0 - Hewlett-Packard) Hidden
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2467659) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2492386) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2641690) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2661254-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB2718704) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2736233) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2749655) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2863058) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2904266) (Version: 1 - Microsoft Corporation)
    VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
    VLC media player 2.0.6 (Version: 2.0.6 - VideoLAN)
    WavePad Sound Editor (Version: 5.48 - NCH Software)
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    WebReg (Version: 70.0.170.000 - Hewlett-Packard) Hidden
    Windows Driver Package - OmniVision (APL531) Image (01/01/2010 2.0.0.1) (Version: 01/01/2010 2.0.0.1 - OmniVision)
    Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)
    Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
    Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    Windows Live Essentials (Version: 14.0.8117.0416 - Microsoft Corporation)
    Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
    Windows Management Framework Core (Version: - Microsoft Corporation)
    Windows Media Format 11 runtime (Version: - )
    Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
    Windows Media Player 11 (Version: - )
    Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
    ==================== Restore Points =========================
    28-01-2014 11:54:55 System Checkpoint
    29-01-2014 05:04:12 Software Distribution Service 3.0
    30-01-2014 06:43:48 Software Distribution Service 3.0
    ==================== Hosts content: ==========================
    2003-04-01 01:00 - 2014-01-29 15:35 - 00000741 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    ==================== Scheduled Tasks (whitelisted) =============
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
    Task: C:\WINDOWS\Tasks\Express FilesUpdate.job => C:\Program Files\ExpressFiles\EFUpdater.exe
    Task: C:\WINDOWS\Tasks\expressburnShakeIcon.job => C:\Program Files\NCH Software\ExpressBurn\expressburn.exe
    Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    Task: C:\WINDOWS\Tasks\MNYCCYR.job => ?
    Task: C:\WINDOWS\Tasks\Norton Security Scan for Administrator.job => C:\PROGRA~1\NORTON~3\Engine\373~1.16\Nss.exe
    ==================== Loaded Modules (whitelisted) =============

    ==================== Alternate Data Streams (whitelisted) =========
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:22446EB0
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
    ==================== Safe Mode (whitelisted) ===================
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
    ==================== Faulty Device Manager Devices =============
    Name: PCI Serial Port
    Description: PCI Serial Port
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
    Name: Intel(R) 82566DM-2 Gigabit Network Connection
    Description: Intel(R) 82566DM-2 Gigabit Network Connection
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service: e1express
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    ==================== Event log errors: =========================
    Application errors:
    ==================
    Error: (01/30/2014 04:36:17 PM) (Source: Microsoft Security Client Setup) (User: )
    Description: HRESULT:0x8004FF11
    Description:. 0x8004FF11.
    Error: (01/28/2014 11:03:36 PM) (Source: crypt32) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
    Error: (01/28/2014 09:03:37 PM) (Source: crypt32) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
    Error: (01/27/2014 03:30:30 PM) (Source: crypt32) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
    Error: (01/27/2014 03:23:27 PM) (Source: crypt32) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
    Error: (01/27/2014 03:05:32 PM) (Source: Userenv) (User: NT AUTHORITY)
    Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
    Error: (01/27/2014 03:05:32 PM) (Source: Userenv) (User: NT AUTHORITY)
    Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
    Error: (01/27/2014 03:05:31 PM) (Source: Userenv) (User: NT AUTHORITY)
    Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
    Error: (01/27/2014 03:05:31 PM) (Source: Userenv) (User: NT AUTHORITY)
    Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
    Error: (01/27/2014 00:34:56 PM) (Source: crypt32) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

    System errors:
    =============
    Error: (01/26/2014 08:25:13 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    iaStor
    Soluto
    Error: (01/26/2014 08:25:13 PM) (Source: Service Control Manager) (User: )
    Description: The MSCamSvc service hung on starting.
    Error: (01/26/2014 08:23:13 PM) (Source: Service Control Manager) (User: )
    Description: The AVG WatchDog service terminated with service-specific error 3758161981 (0xE001003D).
    Error: (01/26/2014 08:23:13 PM) (Source: Service Control Manager) (User: )
    Description: The AVGIDSAgent service depends on the following nonexistent service: AVGIDSDriver
    Error: (01/26/2014 08:19:12 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}
    Error: (01/26/2014 05:17:52 PM) (Source: DCOM) (User: VERITON-65D9F13)
    Description: DCOM got error "%%1084" attempting to start the service wuauserv with arguments ""
    in order to run the server:
    {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    Error: (01/26/2014 05:15:18 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    AFD
    cmdGuard
    cmdHlp
    Fips
    intelppm
    IPSec
    MpFilter
    MRxSmb
    NetBIOS
    NetBT
    RasAcd
    Rdbss
    Soluto
    Tcpip
    Error: (01/26/2014 05:15:18 PM) (Source: Service Control Manager) (User: )
    Description: The AVGIDSAgent service depends on the following nonexistent service: AVGIDSDriver
    Error: (01/26/2014 05:15:18 PM) (Source: Service Control Manager) (User: )
    Description: The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
    %%31
    Error: (01/26/2014 05:15:18 PM) (Source: Service Control Manager) (User: )
    Description: The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
    %%31

    Microsoft Office Sessions:
    =========================
    Error: (01/30/2014 04:36:17 PM) (Source: Microsoft Security Client Setup)(User: )
    Description: HRESULT:0x8004FF11
    Description:. 0x8004FF11.
    Error: (01/28/2014 11:03:36 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.
    Error: (01/28/2014 09:03:37 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.
    Error: (01/27/2014 03:30:30 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.
    Error: (01/27/2014 03:23:27 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.
    Error: (01/27/2014 03:05:32 PM) (Source: Userenv)(User: NT AUTHORITY)
    Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
    Error: (01/27/2014 03:05:32 PM) (Source: Userenv)(User: NT AUTHORITY)
    Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
    Error: (01/27/2014 03:05:31 PM) (Source: Userenv)(User: NT AUTHORITY)
    Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
    Error: (01/27/2014 03:05:31 PM) (Source: Userenv)(User: NT AUTHORITY)
    Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
    Error: (01/27/2014 00:34:56 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

    ==================== Memory info ===========================
    Percentage of memory in use: 12%
    Total physical RAM: 3058.04 MB
    Available physical RAM: 2663.97 MB
    Total Pagefile: 6996.62 MB
    Available Pagefile: 6812.67 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1910.63 MB
    ==================== Drives ================================
    Drive c: () (Fixed) (Total:465.75 GB) (Free:65.68 GB) NTFS ==>[Drive with boot components (Windows XP)]
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: E90BE90B)
    Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
    ==================== End Of Log ============================
  8. Broni

    Broni Malware Annihilator Posts: 46,169   +251

    I don't see anything serious there so far.

    Download following program from Safe Mode with Networking but run it from normal mode.

    Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center/Action Center
      • Windows Update
      • Windows Defender
      • Other Services
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.
  9. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    Farbar Service Scanner Version: 08-01-2014
    Ran by Administrator (administrator) on 31-01-2014 at 15:14:30
    Running from "C:\Documents and Settings\Administrator\Desktop"
    Microsoft Windows XP Professional Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************
    Internet Services:
    ============
    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Attempt to access Google IP returned error. Google IP is offline
    Attempt to access Google.com returned error: Google.com is offline
    Attempt to access Yahoo.com returned error: Yahoo.com is offline

    Windows Firewall:
    =============
    Firewall Disabled Policy:
    ==================

    System Restore:
    ============
    System Restore Disabled Policy:
    ========================

    Security Center:
    ============

    Windows Update:
    ============
    BITS Service is not running. Checking service configuration:
    The start type of BITS service is set to Demand. The default start type is Auto.
    The ImagePath of BITS service is OK.
    The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".
    cryptsvc Service is not running. Checking service configuration:
    The start type of cryptsvc service is set to Demand. The default start type is Auto.
    The ImagePath of cryptsvc service is OK.
    The ServiceDll of cryptsvc: "%SystemRoot%\System32\cryptsvc.dll".

    Windows Autoupdate Disabled Policy:
    ============================

    Other Services:
    ==============

    File Check:
    ========
    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
    C:\WINDOWS\system32\netman.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\srsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
    C:\WINDOWS\system32\qmgr.dll => MD5 is legit
    C:\WINDOWS\system32\es.dll => MD5 is legit
    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit
    Extra List:
    =======
    AegisP(15) cmdHlp(19) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
    0x1A0000000500000001000000020000000300000004000000130000000B00000008000000090000000A00000006000000070000000C0000000D0000000E0000000F0000001000000011000000120000001400000015000000160000001700000018000000190000001A000000
    IpSec Tag value is correct.
    **** End of log ****
  10. Broni

    Broni Malware Annihilator Posts: 46,169   +251

    Go Start>Run, type:
    services.msc
    Click OK.

    Services window will open.
    Find two services:
    - Background Intelligent Transfer Service
    - Cryptographic Services

    Right click on each service, click "Properties" and under "Startup type" select "Automatic" from drop-down menu.
    OK your way out.

    Restart computer in normal mode.
    Post fresh FSS log.
  11. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    Farbar Service Scanner Version: 08-01-2014
    Ran by Administrator (administrator) on 31-01-2014 at 16:30:02
    Running from "C:\Documents and Settings\Administrator\Desktop"
    Microsoft Windows XP Professional Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************
    Internet Services:
    ============
    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Attempt to access Google IP returned error. Google IP is offline
    Attempt to access Google.com returned error: Google.com is offline
    Attempt to access Yahoo.com returned error: Yahoo.com is offline

    Windows Firewall:
    =============
    Firewall Disabled Policy:
    ==================

    System Restore:
    ============
    System Restore Disabled Policy:
    ========================

    Security Center:
    ============

    Windows Update:
    ============
    cryptsvc Service is not running. Checking service configuration:
    The start type of cryptsvc service is OK.
    The ImagePath of cryptsvc service is OK.
    The ServiceDll of cryptsvc: "%SystemRoot%\System32\cryptsvc.dll".

    Windows Autoupdate Disabled Policy:
    ============================

    Other Services:
    ==============

    File Check:
    ========
    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
    C:\WINDOWS\system32\netman.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\srsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
    C:\WINDOWS\system32\qmgr.dll => MD5 is legit
    C:\WINDOWS\system32\es.dll => MD5 is legit
    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit
    Extra List:
    =======
    AegisP(15) cmdHlp(19) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
    0x1A0000000500000001000000020000000300000004000000130000000B00000008000000090000000A00000006000000070000000C0000000D0000000E0000000F0000001000000011000000120000001400000015000000160000001700000018000000190000001A000000
    IpSec Tag value is correct.
    **** End of log ****
     
  12. Broni

    Broni Malware Annihilator Posts: 46,169   +251

  13. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    Hello Broni.
    I had trouble with the restore point, couldn't get the wizard to work , so I just clicked on create a restore point and it started from today, I hope that was right.

    Farbar Service Scanner Version: 08-01-2014
    Ran by Administrator (administrator) on 01-02-2014 at 11:15:29
    Running from "C:\Documents and Settings\Administrator\Desktop"
    Microsoft Windows XP Professional Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************
    Internet Services:
    ============
    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Attempt to access Google IP returned error. Google IP is offline
    Attempt to access Google.com returned error: Google.com is offline
    Attempt to access Yahoo.com returned error: Yahoo.com is offline

    Windows Firewall:
    =============
    Firewall Disabled Policy:
    ==================

    System Restore:
    ============
    System Restore Disabled Policy:
    ========================

    Security Center:
    ============

    Windows Update:
    ============
    Windows Autoupdate Disabled Policy:
    ============================

    Other Services:
    ==============

    File Check:
    ========
    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
    C:\WINDOWS\system32\netman.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\srsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
    C:\WINDOWS\system32\qmgr.dll => MD5 is legit
    C:\WINDOWS\system32\es.dll => MD5 is legit
    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit
    Extra List:
    =======
    AegisP(15) cmdHlp(19) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
    0x1A0000000500000001000000020000000300000004000000130000000B00000008000000090000000A00000006000000070000000C0000000D0000000E0000000F0000001000000011000000120000001400000015000000160000001700000018000000190000001A000000
    IpSec Tag value is correct.
    **** End of log ****
  14. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    Broni.
    My OS is Win,XP pro, and my internet is cable Wi-Fi, my computer is about 10 metres from the modem I also have a TP-Link range extender connect.

    There is something that I never gave much attention too, when I startup my comp. is very slow.
    During the startup I have text on the screen saying,
    E61-Media test failed, check cables.
    MOF- Exiting Intel boot group.
    Did a search on this and the way I read it I should not have this , would that be right ?.
    Does it make musm difference to what your doing for me.

    Eddie.
  15. Broni

    Broni Malware Annihilator Posts: 46,169   +251

    This is exactly what you were supposed to do.

    FSS log looks good now.

    Go to BIOS (let me know if you don't know how). Make sure, that the boot order reads: floppy, CD, HD
    Disable Boot from Network (wording is different on every machine, may say Integrated NIC, Network, PXE-xxxxxxx)

    Next run this from normal mode...

    Please download MiniToolBox, save it to your desktop and run it.

    Checkmark following boxes:
    • Report IE Proxy Settings
    • Report FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Devices (do NOT change any settings)
    Click Go and post the result.
  16. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    I'm not sure about the BOIS.

    I clicked on DEL. on startup, what I found was.
    1st. ST 3500413 AS I guess its the HD
    2nd. PO-HL-DT-ST. DVDRAM guessing dvd drive
    3rd. Removable Dev.
    I made number 1 as first boot?.


    I did'nt see where to disable booting from Network.
  17. Broni

    Broni Malware Annihilator Posts: 46,169   +251

    You went to the right place.

    (wording is different on every machine, may say Integrated NIC, Network, PXE-xxxxxxx)

    Didn't see anything like that?
  18. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    No , there is nothing except what I put as 1 2 3 , thats all nothing that I can see.
    That was why I was wondering if I had gone to the wrong place for the bios,,
     
  19. Broni

    Broni Malware Annihilator Posts: 46,169   +251

    Go ahead with MiniToolbox log for now.
  20. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    Hello Broni.
    MiniToolBox by Farbar Version: 23-01-2014
    Ran by Administrator (administrator) on 02-02-2014 at 11:21:22
    Running from "C:\Documents and Settings\Administrator\Desktop"
    Microsoft Windows XP Professional Service Pack 3 (X86)
    Boot Mode: Normal
    ***************************************************************************
    ========================= Flush DNS: ===================================

    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================
    Proxy is not enabled.
    No Proxy Server is set.
    "Reset IE Proxy Settings": IE Proxy Settings were reset.
    ========================= FF Proxy Settings: ==============================
    "network.proxy.type", 4
    "Reset FF Proxy Settings": Firefox Proxy settings were reset.
    ========================= Hosts content: =================================
    127.0.0.1 localhost
    ========================= IP Configuration: ================================
    TP-LINK Wireless USB Adapter = Wireless Network Connection 6 (Connected)
    Intel(R) 82566DM-2 Gigabit Network Connection = Local Area Connection (Media disconnected)

    # ----------------------------------
    # Interface IP Configuration
    # ----------------------------------
    pushd interface ip

    # Interface IP Configuration for "Local Area Connection"
    set address name="Local Area Connection" source=dhcp
    set dns name="Local Area Connection" source=dhcp register=PRIMARY
    set wins name="Local Area Connection" source=dhcp
    # Interface IP Configuration for "Wireless Network Connection 6"
    set address name="Wireless Network Connection 6" source=dhcp
    set dns name="Wireless Network Connection 6" source=dhcp register=PRIMARY
    set wins name="Wireless Network Connection 6" source=dhcp

    popd
    # End of interface IP configuration

    Windows IP Configuration
    Host Name . . . . . . . . . . . . : veriton-65d9f13
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Unknown
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    Ethernet adapter Local Area Connection:
    Media State . . . . . . . . . . . : Media disconnected
    Description . . . . . . . . . . . : Intel(R) 82566DM-2 Gigabit Network Connection
    Physical Address. . . . . . . . . : 00-25-11-15-0E-7E
    Ethernet adapter Wireless Network Connection 6:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : TP-LINK Wireless USB Adapter
    Physical Address. . . . . . . . . : A0-F3-C1-26-6F-9C
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . : 192.168.0.4
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.0.1
    DHCP Server . . . . . . . . . . . : 192.168.0.1
    DNS Servers . . . . . . . . . . . : 192.168.0.1
    Lease Obtained. . . . . . . . . . : Sunday, 2 February 2014 11:19:08
    Lease Expires . . . . . . . . . . : Monday, 3 February 2014 11:19:08
    DNS request timed out.
    timeout was 2 seconds.
    Server: UnKnown
    Address: 192.168.0.1
    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.

    Pinging google.com [74.125.237.195] with 32 bytes of data:
    Request timed out.
    Request timed out.
    Ping statistics for 74.125.237.195:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
    DNS request timed out.
    timeout was 2 seconds.
    Server: UnKnown
    Address: 192.168.0.1
    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.

    Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
    Request timed out.
    Request timed out.
    Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    0x1 ........................... MS TCP Loopback interface
    0x10003 ...00 25 11 15 0e 7e ...... Intel(R) 82566DM-2 Gigabit Network Connection
    0x10004 ...a0 f3 c1 26 6f 9c ...... TP-LINK Wireless USB Adapter
    ===========================================================================
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.4 20
    127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
    192.168.0.0 255.255.255.0 192.168.0.4 192.168.0.4 20
    192.168.0.4 255.255.255.255 127.0.0.1 127.0.0.1 20
    192.168.0.255 255.255.255.255 192.168.0.4 192.168.0.4 20
    224.0.0.0 240.0.0.0 192.168.0.4 192.168.0.4 20
    255.255.255.255 255.255.255.255 192.168.0.4 10003 1
    255.255.255.255 255.255.255.255 192.168.0.4 192.168.0.4 1
    Default Gateway: 192.168.0.1
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================
    Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
    Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog5 04 C:\WINDOWS\system32\nwprovau.dll [142336] (Microsoft Corporation)
    Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
    Catalog9 14 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
    Catalog9 15 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
    ========================= Event log errors: ===============================
    Application errors:
    ==================
    Error: (01/30/2014 04:36:17 PM) (Source: Microsoft Security Client Setup) (User: )
    Description: HRESULT:0x8004FF11
    Description:. 0x8004FF11.
    Error: (01/28/2014 11:03:36 PM) (Source: crypt32) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
    Error: (01/28/2014 09:03:37 PM) (Source: crypt32) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
    Error: (01/27/2014 03:30:30 PM) (Source: crypt32) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
    Error: (01/27/2014 03:23:27 PM) (Source: crypt32) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
    Error: (01/27/2014 03:05:32 PM) (Source: Userenv) (User: NT AUTHORITY)
    Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
    Error: (01/27/2014 03:05:32 PM) (Source: Userenv) (User: NT AUTHORITY)
    Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
    Error: (01/27/2014 03:05:31 PM) (Source: Userenv) (User: NT AUTHORITY)
    Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
    Error: (01/27/2014 03:05:31 PM) (Source: Userenv) (User: NT AUTHORITY)
    Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
    Error: (01/27/2014 00:34:56 PM) (Source: crypt32) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

    System errors:
    =============
    Error: (02/02/2014 11:20:35 AM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    Soluto
    Error: (02/02/2014 11:20:35 AM) (Source: Service Control Manager) (User: )
    Description: The MSCamSvc service hung on starting.
    Error: (02/02/2014 11:13:39 AM) (Source: DCOM) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}
    Error: (02/02/2014 10:56:11 AM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    cmdGuard
    Fips
    intelppm
    MpFilter
    Soluto
    Error: (02/02/2014 10:55:00 AM) (Source: DCOM) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}
    Error: (02/01/2014 08:01:36 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}
    Error: (02/01/2014 05:17:09 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    cmdGuard
    Fips
    intelppm
    MpFilter
    Soluto
    Error: (02/01/2014 05:15:56 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}
    Error: (02/01/2014 05:03:28 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}
    Error: (02/01/2014 05:02:30 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Microsoft Office Sessions:
    =========================
    Error: (01/30/2014 04:36:17 PM) (Source: Microsoft Security Client Setup)(User: )
    Description: HRESULT:0x8004FF11
    Description:. 0x8004FF11.
    Error: (01/28/2014 11:03:36 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.
    Error: (01/28/2014 09:03:37 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.
    Error: (01/27/2014 03:30:30 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.
    Error: (01/27/2014 03:23:27 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.
    Error: (01/27/2014 03:05:32 PM) (Source: Userenv)(User: NT AUTHORITY)
    Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
    Error: (01/27/2014 03:05:32 PM) (Source: Userenv)(User: NT AUTHORITY)
    Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
    Error: (01/27/2014 03:05:31 PM) (Source: Userenv)(User: NT AUTHORITY)
    Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
    Error: (01/27/2014 03:05:31 PM) (Source: Userenv)(User: NT AUTHORITY)
    Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
    Error: (01/27/2014 00:34:56 PM) (Source: crypt32)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

    =========================== Installed Programs ============================
    (Version: 6.5)
    A4Tech iKeyWorks 7.72
    Adobe Flash Player 11 ActiveX (Version: 11.9.900.152)
    Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
    Adobe Reader X (10.1.9) (Version: 10.1.9)
    AMD APP SDK Runtime (Version: 2.5.793.1)
    AMD Catalyst Install Manager (Version: 3.0.851.0)
    Apple Application Support (Version: 2.3.4)
    Apple Software Update (Version: 2.1.3.127)
    Belarc Advisor 8.1
    BlazePhoto 2.0
    Brother MFL-Pro Suite MFC-J430W (Version: 1.0.19.0)
    CCleaner (Version: 4.08)
    CP_Package_Variety1 (Version: 53.0.13.000)
    CP_Package_Variety2 (Version: 53.0.13.000)
    CP_Package_Variety3 (Version: 53.0.13.000)
    Destinations (Version: 53.0.13.000)
    DeviceManagementQFolder (Version: 1.00.0000)
    DocProc (Version: 5.2.0.0)
    DVD Decoder Pak for Windows XP (Version: 1.0.0)
    eSupportQFolder (Version: 1.00.0000)
    Express Burn Disc Burning Software
    Express Rip (Version: 1.92)
    Google Update Helper (Version: 1.3.22.3)
    Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
    HP Product Assistant (Version: 100.000.001.000)
    HPProductAssistant (Version: 53.0.13.000)
    InstantShareAlert (Version: 1.00.0000)
    Intel(R) Graphics Media Accelerator Driver (Version: 6.14.10.5218)
    Intel(R) Network Connections Drivers (Version: 18.3)
    Intel® Management Engine Interface
    Internet Explorer (Enable DEP)
    IrfanView (remove only) (Version: 4.35)
    Java 7 Update 45 (Version: 7.0.450)
    Java Auto Updater (Version: 2.1.9.8)
    Java(TM) 6 Update 45 (Version: 6.0.450)
    JYKRecorder (Version: 1.0.0)
    Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
    MarketResearch (Version: 53.0.13.000)
    MCCI(r)Firmware Update Driver for MTK (Version: 1.00.0000)
    Microsoft .NET Framework 1.1 (Version: 1.1.4322)
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB2833941)
    Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
    Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
    Microsoft Application Error Reporting (Version: 12.0.6012.5000)
    Microsoft Automated Troubleshooting Services Shim
    Microsoft Corporation (Version: 9.0.30729.1)
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft LifeCam (Version: 3.22.270.0)
    Microsoft PowerPoint Viewer (Version: 14.0.7015.1000)
    Microsoft Security Client (Version: 4.4.0304.0)
    Microsoft Security Essentials (Version: 4.4.304.0)
    Microsoft User-Mode Driver Framework Feature Pack 1.9
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
    Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
    Mozilla Maintenance Service (Version: 22.0)
    MSVC80_x86_v2 (Version: 1.0.3.0)
    MSVC90_x86 (Version: 1.0.1.2)
    MSVCRT (Version: 14.0.1468.721)
    MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
    MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
    MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
    MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
    MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
    MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
    Nero 11 Mini Repack
    Nero Backup Drivers (Version: 1.0.10000.1.0)
    neroxml (Version: 1.0.0)
    Nuance PaperPort 12 (Version: 12.1.0000)
    Nuance PDF Viewer Plus (Version: 5.30.3290)
    OpenOffice 4.0.0 (Version: 4.00.9702)
    OVT Scanner 16Bit (Version: 1.1)
    PanoStandAlone (Version: 53.0.13.000)
    PaperPort Image Printer (Version: 1.00.0001)
    Photo Express LE
    Picasa 3 (Version: 3.9)
    Picasa Uploader (Version: 0.5)
    QuickTime (Version: 7.74.80.86)
    Realtek High Definition Audio Driver (Version: 5.10.0.7083)
    Scan (Version: 7.0.0.0)
    ScannerCopy (Version: 5.2.0.0)
    Scansoft PDF Professional
    Segoe UI (Version: 14.0.4327.805)
    Skype Click to Call (Version: 6.13.13771)
    Skype™ 6.10 (Version: 6.10.104)
    SolutionCenter (Version: 50.0.152.000)
    Status (Version: 53.0.13.000)
    System Requirements Lab for Intel (Version: 4.5.15.0)
    TL-WN822N/TL-WN821N Driver (Version: 1.0.0)
    TrayApp (Version: 53.0.13.000)
    Uninstall OVT Scanner 16-bit
    Unload (Version: 5.0.0)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
    Update for Windows XP (KB2467659) (Version: 1)
    Update for Windows XP (KB2492386) (Version: 1)
    Update for Windows XP (KB2641690) (Version: 1)
    Update for Windows XP (KB2661254-v2) (Version: 2)
    Update for Windows XP (KB2718704) (Version: 1)
    Update for Windows XP (KB2736233) (Version: 1)
    Update for Windows XP (KB2749655) (Version: 1)
    Update for Windows XP (KB2863058) (Version: 1)
    Update for Windows XP (KB2904266) (Version: 1)
    VCRedistSetup (Version: 1.0.0)
    VLC media player 2.0.6 (Version: 2.0.6)
    WavePad Sound Editor (Version: 5.48)
    WebFldrs XP (Version: 9.50.7523)
    WebReg (Version: 70.0.170.000)
    Windows Driver Package - OmniVision (APL531) Image (01/01/2010 2.0.0.1) (Version: 01/01/2010 2.0.0.1)
    Windows Internet Explorer 8 (Version: 20090308.140743)
    Windows Live Call (Version: 14.0.8117.0416)
    Windows Live Communications Platform (Version: 14.0.8117.416)
    Windows Live Essentials (Version: 14.0.8117.0416)
    Windows Live Essentials (Version: 14.0.8117.416)
    Windows Live Messenger (Version: 14.0.8117.0416)
    Windows Management Framework Core
    Windows Media Format 11 runtime
    Windows Media Player 11
    ========================= Devices: ================================
    Name: ACPI Multiprocessor PC
    Description: ACPI Multiprocessor PC
    Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard computers)
    Service: \Driver\ACPI_HAL
    Name: Microsoft ACPI-Compliant System
    Description: Microsoft ACPI-Compliant System
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: ACPI
    Name: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
    Description: Intel Processor
    Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
    Manufacturer: Intel
    Service: intelppm
    Name: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
    Description: Intel Processor
    Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
    Manufacturer: Intel
    Service: intelppm
    Name: PCI bus
    Description: PCI bus
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: pci
    Name: Intel(R) Q35 Express Chipset Processor to I/O Controller - 29B0
    Description: Intel(R) Q35 Express Chipset Processor to I/O Controller - 29B0
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service:
    Name: Intel(R) Q35 Express Chipset Family
    Description: Intel(R) Q35 Express Chipset Family
    Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel Corporation
    Service: ialm
    Name: Plug and Play Monitor
    Description: Plug and Play Monitor
    Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard monitor types)
    Service:
    Name: Plug and Play Monitor
    Description: Plug and Play Monitor
    Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard monitor types)
    Service:
    Name: Intel(R) Management Engine Interface
    Description: Intel(R) Management Engine Interface
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service: HECI
    Name: Standard Dual Channel PCI IDE Controller
    Description: Standard Dual Channel PCI IDE Controller
    Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard IDE ATA/ATAPI controllers)
    Service: pciide
    Name: Primary IDE Channel
    Description: Primary IDE Channel
    Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard IDE ATA/ATAPI controllers)
    Service: atapi
    Name: Secondary IDE Channel
    Description: Secondary IDE Channel
    Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard IDE ATA/ATAPI controllers)
    Service: atapi
    Name: PCI Serial Port
    Description: PCI Serial Port
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
    Name: Intel(R) 82566DM-2 Gigabit Network Connection
    Description: Intel(R) 82566DM-2 Gigabit Network Connection
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service: e1express
    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2937
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2937
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci
    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub
    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2938
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2938
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci
    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub
    Name: Unknown Device
    Description: Unknown Device
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service:
    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2939
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2939
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci
    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub
    Name: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293C
    Description: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293C
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: Intel
    Service: usbehci
    Name: USB 2.0 Root Hub
    Description: USB 2.0 Root Hub
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: NEC
    Service: usbhub
    Name: USB Composite Device
    Description: USB Composite Device
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbccgp
    Name: Microsoft LifeCam Cinema
    Description: Microsoft LifeCam Cinema
    Class Guid: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
    Manufacturer: Microsoft
    Service: usbvideo
    Name: Cinema - Microsoft LifeCam.
    Description: Microsoft LifeCam Cinema.
    Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: usbaudio
    Name: Microsoft UAA Bus Driver for High Definition Audio
    Description: Microsoft UAA Bus Driver for High Definition Audio
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: HDAudBus
    Name: Realtek High Definition Audio
    Description: Realtek High Definition Audio
    Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Realtek
    Service: IntcAzAudAddService
    Name: Intel(R) ICH9 Family PCI Express Root Port 1 - 2940
    Description: Intel(R) ICH9 Family PCI Express Root Port 1 - 2940
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service: pci
    Name: Intel(R) ICH9 Family PCI Express Root Port 2 - 2942
    Description: Intel(R) ICH9 Family PCI Express Root Port 2 - 2942
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service: pci
    Name: Intel(R) ICH9 Family PCI Express Root Port 3 - 2944
    Description: Intel(R) ICH9 Family PCI Express Root Port 3 - 2944
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service: pci
    Name: Intel(R) ICH9 Family PCI Express Root Port 4 - 2946
    Description: Intel(R) ICH9 Family PCI Express Root Port 4 - 2946
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service: pci
    Name: Intel(R) ICH9 Family PCI Express Root Port 5 - 2948
    Description: Intel(R) ICH9 Family PCI Express Root Port 5 - 2948
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service: pci
    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2934
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2934
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci
    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub
    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2935
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2935
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci
    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub
    Name: Intel(R) ICH9 Family USB Universal Host Controller - 2936
    Description: Intel(R) ICH9 Family USB Universal Host Controller - 2936
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: Intel
    Service: usbuhci
    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub
    Name: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293A
    Description: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293A
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: Intel
    Service: usbehci
    Name: USB 2.0 Root Hub
    Description: USB 2.0 Root Hub
    Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
    Manufacturer: NEC
    Service: usbhub
    Name: TP-LINK Wireless USB Adapter
    Description: TP-LINK Wireless USB Adapter
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: TP-LINK
    Service: AR9271
    Name: Intel(R) 82801 PCI Bridge - 244E
    Description: Intel(R) 82801 PCI Bridge - 244E
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service: pci
    Name: Intel(R) ICH9DO LPC Interface Controller - 2914
    Description: Intel(R) ICH9DO LPC Interface Controller - 2914
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service: isapnp
    Name: ISAPNP Read Data Port
    Description: ISAPNP Read Data Port
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: Programmable interrupt controller
    Description: Programmable interrupt controller
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: Direct memory access controller
    Description: Direct memory access controller
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: System timer
    Description: System timer
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: System CMOS/real time clock
    Description: System CMOS/real time clock
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: System speaker
    Description: System speaker
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: Numeric data processor
    Description: Numeric data processor
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: ECP Printer Port (LPT1)
    Description: ECP Printer Port
    Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard port types)
    Service: Parport
    Name: Printer Port Logical Interface
    Description: Printer Port Logical Interface
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard keyboards)
    Service: i8042prt
    Name: Microsoft PS/2 Mouse
    Description: Microsoft PS/2 Mouse
    Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: i8042prt
    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: High precision event timer
    Description: High precision event timer
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: Intel(R) 82802 Firmware Hub Device
    Description: Intel(R) 82802 Firmware Hub Device
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service:
    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: Communications Port (COM1)
    Description: Communications Port
    Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard port types)
    Service: Serial
    Name: Communications Port (COM2)
    Description: Communications Port
    Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard port types)
    Service: Serial
    Name: Infineon Trusted Platform Module
    Description: Infineon Trusted Platform Module
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Infineon Technologies AG
    Service: IFXTPM
    Name: Intel(R) 82801HR/HH/HO SATA RAID Controller
    Description: Intel(R) 82801HR/HH/HO SATA RAID Controller
    Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service: iaStor
    Name: HL-DT-ST DVDRAM GSA-H62N
    Description: CD-ROM Drive
    Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard CD-ROM drives)
    Service: cdrom
    Name: ST3500413AS
    Description: Disk drive
    Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard disk drives)
    Service: disk
    Name: Intel(R) ICH9 Family SMBus Controller - 2930
    Description: Intel(R) ICH9 Family SMBus Controller - 2930
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service:
    Name: Intel(R) ICH9 Family Thermal Subsystem - 2932
    Description: Intel(R) ICH9 Family Thermal Subsystem - 2932
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Intel
    Service:
    Name: System board
    Description: System board
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: System board
    Description: System board
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: ACPI Power Button
    Description: ACPI Power Button
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: ACPI Thermal Zone
    Description: ACPI Thermal Zone
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: ACPI Fixed Feature Button
    Description: ACPI Fixed Feature Button
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service:
    Name: Logical Disk Manager
    Description: Logical Disk Manager
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: dmio
    Name: Volume Manager
    Description: Volume Manager
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: ftdisk
    Name: Generic volume
    Description: Generic volume
    Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
    Manufacturer: Microsoft
    Service:
    Name: AEGIS Protocol (IEEE 802.1x) v3.7.5.0
    Description: AEGIS Protocol (IEEE 802.1x) v3.7.5.0
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: AegisP
    Name: AFD
    Description: AFD
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: AFD
    Name: Beep
    Description: Beep
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Beep
    Name: COMODO Internet Security Helper Driver
    Description: COMODO Internet Security Helper Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: cmdHlp
    Name: cpudrv
    Description: cpudrv
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: cpudrv
    Name: cpuz134
    Description: cpuz134
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: cpuz134
    Name: dmboot
    Description: dmboot
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: dmboot
    Name: dmload
    Description: dmload
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: dmload
    Name: Realtek EAPPkt Protocol
    Description: Realtek EAPPkt Protocol
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: EAPPkt
    Name: Fips
    Description: Fips
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Fips
    Name: Generic Packet Classifier
    Description: Generic Packet Classifier
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Gpc
    Name: HTTP
    Description: HTTP
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: HTTP
    Name: COMODO Internet Security Firewall Driver
    Description: COMODO Internet Security Firewall Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Inspect
    Name: IntelIde
    Description: IntelIde
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: IntelIde
    Name: IP Traffic Filter Driver
    Description: IP Traffic Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: IpFilterDriver
    Name: IP Network Address Translator
    Description: IP Network Address Translator
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: IpNat
    Name: IPSEC driver
    Description: IPSEC driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: IPSec
    Name: ksecdd
    Description: ksecdd
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ksecdd
    Name: mnmdd
    Description: mnmdd
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: mnmdd
    Name: mountmgr
    Description: mountmgr
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: mountmgr
    Name: Nero Backup Volume Filter Driver
    Description: Nero Backup Volume Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NBVol
    Name: Nero Backup Volume Upper Filter Driver
    Description: Nero Backup Volume Upper Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NBVolUp
    Name: NDIS System Driver
    Description: NDIS System Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NDIS
    Name: Remote Access NDIS TAPI Driver
    Description: Remote Access NDIS TAPI Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NdisTapi
    Name: NDIS Usermode I/O Protocol
    Description: NDIS Usermode I/O Protocol
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Ndisuio
    Name: NDProxy
    Description: NDProxy
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NDProxy
    Name: NetBios over Tcpip
    Description: NetBios over Tcpip
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NetBT
    Name: Null
    Description: Null
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Null
    Name: PartMgr
    Description: PartMgr
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: PartMgr
    Name: ParVdm
    Description: ParVdm
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ParVdm
    Name: Remote Access Auto Connection Driver
    Description: Remote Access Auto Connection Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RasAcd
    Name: RDPCDD
    Description: RDPCDD
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPCDD
    Name: TCP/IP Protocol Driver
    Description: TCP/IP Protocol Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Tcpip
    Name: VgaSave
    Description: VgaSave
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: VgaSave
    Name: VolSnap
    Description: VolSnap
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: VolSnap
    Name: Remote Access IP ARP Driver
    Description: Remote Access IP ARP Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Wanarp
    Name: Kernel Mode Driver Frameworks service
    Description: Kernel Mode Driver Frameworks service
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Wdf01000
    Name: Windows Driver Foundation - User-mode Driver Framework Platform Driver
    Description: Windows Driver Foundation - User-mode Driver Framework Platform Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: WudfPf
    Name: Audio Codecs
    Description: Audio Codecs
    Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: audstub
    Name: Legacy Audio Drivers
    Description: Legacy Audio Drivers
    Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: audstub
    Name: Media Control Devices
    Description: Media Control Devices
    Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: audstub
    Name: Legacy Video Capture Devices
    Description: Legacy Video Capture Devices
    Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: audstub
    Name: Video Codecs
    Description: Video Codecs
    Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: audstub
    Name: Standard Modem
    Description: Standard Modem
    Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard Modem Types)
    Service: Modem
    Name: WAN Miniport (L2TP)
    Description: WAN Miniport (L2TP)
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: Rasl2tp
    Name: WAN Miniport (IP)
    Description: WAN Miniport (IP)
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: NdisWan
    Name: WAN Miniport (PPPOE)
    Description: WAN Miniport (PPPOE)
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: RasPppoe
    Name: WAN Miniport (PPTP)
    Description: WAN Miniport (PPTP)
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: PptpMiniport
    Name: WAN Miniport (IP) - Packet Scheduler Miniport
    Description: Packet Scheduler Miniport
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: PSched
    Name: Intel(R) 82566DM-2 Gigabit Network Connection - Packet Scheduler Miniport
    Description: Packet Scheduler Miniport
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: PSched
    Name: TP-LINK Wireless USB Adapter - Packet Scheduler Miniport
    Description: Packet Scheduler Miniport
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: PSched
    Name: Direct Parallel
    Description: Direct Parallel
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: Raspti
    Name: RIM Virtual Serial Port v2 (COM4)
    Description: RIM Virtual Serial Port v2
    Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
    Manufacturer: RIM Virtual Serial Ports
    Service: RimVSerPort
    Name: RIM Virtual Serial Port v2 (COM5)
    Description: RIM Virtual Serial Port v2
    Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
    Manufacturer: RIM Virtual Serial Ports
    Service: RimVSerPort
    Name: Terminal Server Device Redirector
    Description: Terminal Server Device Redirector
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: rdpdr
    Name: Terminal Server Keyboard Driver
    Description: Terminal Server Keyboard Driver
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: TermDD
    Name: Terminal Server Mouse Driver
    Description: Terminal Server Mouse Driver
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: TermDD
    Name: Plug and Play Software Device Enumerator
    Description: Plug and Play Software Device Enumerator
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: swenum
    Name: Microsoft WINMM WDM Audio Compatibility Driver
    Description: Microsoft WINMM WDM Audio Compatibility Driver
    Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: wdmaud
    Name: Microsoft Kernel System Audio Device
    Description: Microsoft Kernel System Audio Device
    Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: sysaudio
    Name: Microcode Update Device
    Description: Microcode Update Device
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: update
    Name: Microsoft System Management BIOS Driver
    Description: Microsoft System Management BIOS Driver
    Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standard system devices)
    Service: mssmbios

    **** End of log ****
  21. Broni

    Broni Malware Annihilator Posts: 46,169   +251

    Get ethernet cable and connect the computer to the router using it.
    See if you can get connected.
  22. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    After much movement with this computer had to move to another room didn't have a 15 mt, cable.
    OK, got comp. hookedup but had no luck.
    the task bar is telling me I'm hookedup, but IE cannot open, in normal mode.

    I'm now in safe mode but I'm not sure if I'm connect to Wi-Fi or Lan.

    since moving this comp. I'm being told that the windows needs to be activeated with in 3 days, what can we do about this.

    I might go fishing tonight and this computer may come with me I could with a new anker.Lol
  23. Broni

    Broni Malware Annihilator Posts: 46,169   +251

    Make sure your ethernet cable is still connected and post new FSS log from normal mode.
  24. tizapaine

    tizapaine TechSpot Member Topic Starter Posts: 50

    Farbar Service Scanner Version: 08-01-2014
    Ran by Administrator (administrator) on 03-02-2014 at 11:19:51
    Running from "C:\Documents and Settings\Administrator\Desktop"
    Microsoft Windows XP Professional Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************
    Internet Services:
    ============
    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Attempt to access Google IP returned error. Google IP is offline
    Attempt to access Google.com returned error: Google.com is offline
    Attempt to access Yahoo.com returned error: Yahoo.com is offline

    Windows Firewall:
    =============
    Firewall Disabled Policy:
    ==================

    System Restore:
    ============
    System Restore Disabled Policy:
    ========================

    Security Center:
    ============

    Windows Update:
    ============
    Windows Autoupdate Disabled Policy:
    ============================

    Other Services:
    ==============

    File Check:
    ========
    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
    C:\WINDOWS\system32\netman.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\srsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
    C:\WINDOWS\system32\qmgr.dll => MD5 is legit
    C:\WINDOWS\system32\es.dll => MD5 is legit
    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit
    Extra List:
    =======
    AegisP(15) cmdHlp(19) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
    0x1A0000000500000001000000020000000300000004000000130000000B00000008000000090000000A00000006000000070000000C0000000D0000000E0000000F0000001000000011000000120000001400000015000000160000001700000018000000190000001A000000
    IpSec Tag value is correct.
    **** End of log ****

    I still cannot connect in normal mode, I'm in safe mode .
  25. Broni

    Broni Malware Annihilator Posts: 46,169   +251

    While in safe mode...

    Go Start>Run (Start Search in Vista/7), type in:
    msconfig
    Click OK (hit Enter in Vista/7).

    Click on Startup tab.
    Click Disable all
    IMPORTANT! In case of laptop, make sure, you do NOT disable any keyboard, or touchpad entries.

    Click Services tab.
    Put checkmark in Hide all Microsoft services
    Click Disable all.

    Click OK.
    Restart computer in Normal Mode.

    NOTE. If you use different firewall, than Windows firewall, turn Windows firewall on, just for this test, since your regular firewall won't be running.
    If you use Windows firewall, you're fine.

    Same problem?


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.