Hi,
I hope you are able to help me. My computer has been randomly blue-screening, and then it tells me it has a probably with spooldr.sys - not that I can find that file anywhere.
Anyway, I've followed the instructions about getting the logs, and here they are:
Malwarebytes:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.16.11
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Helen :: HELENXP2 [administrator]
17/11/2012 7:20:37 PM
mbam-log-2012-11-17 (19-20-37).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 205084
Time elapsed: 15 minute(s), 25 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 18/03/2012 6:51:21 PM
System Uptime: 17/11/2012 7:17:08 PM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | EP41-UD3L
Processor: Intel Pentium III Xeon processor | Socket 775 | 2999/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 281 GiB total, 185.283 GiB free.
D: is FIXED (NTFS) - 200 GiB total, 114.092 GiB free.
G: is FIXED (NTFS) - 10 GiB total, 9.3 GiB free.
H: is FIXED (NTFS) - 100 GiB total, 89.401 GiB free.
K: is CDROM (UDF)
M: is FIXED (NTFS) - 40 GiB total, 23.211 GiB free.
P: is FIXED (NTFS) - 100 GiB total, 72.604 GiB free.
R: is FIXED (NTFS) - 112 GiB total, 98.631 GiB free.
V: is FIXED (NTFS) - 200 GiB total, 137.806 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Video Controller
Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_665F107D&REV_05\4&BC67B8D&0&00F0
Manufacturer:
Name: Multimedia Video Controller
PNP Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_665F107D&REV_05\4&BC67B8D&0&00F0
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Controller
Device ID: PCI\VEN_14F1&DEV_8802&SUBSYS_665F107D&REV_05\4&BC67B8D&0&02F0
Manufacturer:
Name: Multimedia Controller
PNP Device ID: PCI\VEN_14F1&DEV_8802&SUBSYS_665F107D&REV_05\4&BC67B8D&0&02F0
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Network Controller
Device ID: PCI\VEN_1814&DEV_0201&SUBSYS_700A1799&REV_01\4&BC67B8D&0&10F0
Manufacturer:
Name: Network Controller
PNP Device ID: PCI\VEN_1814&DEV_0201&SUBSYS_700A1799&REV_01\4&BC67B8D&0&10F0
Service:
.
==== System Restore Points ===================
.
RP172: 19/08/2012 5:26:39 PM - System Checkpoint
RP173: 20/08/2012 5:30:09 PM - System Checkpoint
RP174: 21/08/2012 5:59:37 PM - System Checkpoint
RP175: 23/08/2012 1:40:41 PM - System Checkpoint
RP176: 24/08/2012 1:44:22 PM - System Checkpoint
RP177: 25/08/2012 1:52:11 PM - System Checkpoint
RP178: 26/08/2012 4:09:39 PM - System Checkpoint
RP179: 27/08/2012 4:36:07 PM - System Checkpoint
RP180: 28/08/2012 4:47:37 PM - System Checkpoint
RP181: 29/08/2012 5:29:12 PM - System Checkpoint
RP182: 31/08/2012 11:22:22 AM - System Checkpoint
RP183: 2/09/2012 2:14:23 PM - System Checkpoint
RP184: 3/09/2012 5:05:10 PM - System Checkpoint
RP185: 4/09/2012 5:16:12 PM - System Checkpoint
RP186: 9/09/2012 8:16:46 PM - System Checkpoint
RP187: 10/09/2012 9:15:56 PM - System Checkpoint
RP188: 12/09/2012 12:55:41 PM - System Checkpoint
RP189: 14/09/2012 7:29:37 PM - Software Distribution Service 3.0
RP190: 15/09/2012 7:59:26 PM - System Checkpoint
RP191: 16/09/2012 8:35:31 PM - System Checkpoint
RP192: 18/09/2012 11:33:30 AM - System Checkpoint
RP193: 19/09/2012 8:06:29 PM - System Checkpoint
RP194: 21/09/2012 6:29:00 PM - System Checkpoint
RP195: 22/09/2012 7:15:35 PM - System Checkpoint
RP196: 23/09/2012 12:02:04 PM - Software Distribution Service 3.0
RP197: 24/09/2012 3:56:45 PM - System Checkpoint
RP198: 25/09/2012 4:12:59 PM - System Checkpoint
RP199: 7/10/2012 6:26:59 PM - System Checkpoint
RP200: 8/10/2012 7:02:01 PM - System Checkpoint
RP201: 9/10/2012 7:15:49 PM - System Checkpoint
RP202: 11/10/2012 2:07:26 PM - Software Distribution Service 3.0
RP203: 12/10/2012 3:18:26 PM - System Checkpoint
RP204: 13/10/2012 7:36:30 PM - System Checkpoint
RP205: 14/10/2012 7:45:33 PM - System Checkpoint
RP206: 15/10/2012 7:52:55 PM - System Checkpoint
RP207: 16/10/2012 9:50:32 PM - System Checkpoint
RP208: 19/10/2012 5:13:27 PM - System Checkpoint
RP209: 20/10/2012 6:02:31 PM - System Checkpoint
RP210: 21/10/2012 6:23:11 PM - System Checkpoint
RP211: 22/10/2012 6:46:45 PM - System Checkpoint
RP212: 23/10/2012 12:54:49 PM - Installed e-tax 2012
RP213: 24/10/2012 1:17:03 PM - System Checkpoint
RP214: 26/10/2012 7:59:19 PM - System Checkpoint
RP215: 27/10/2012 8:06:58 PM - Installed J2SE Runtime Environment 5.0
RP216: 28/10/2012 4:39:34 PM - Installed The Sims 3
RP217: 29/10/2012 7:53:05 PM - System Checkpoint
RP218: 30/10/2012 8:10:35 PM - System Checkpoint
RP219: 31/10/2012 9:56:00 PM - System Checkpoint
RP220: 2/11/2012 10:20:21 AM - System Checkpoint
RP221: 3/11/2012 10:27:32 AM - System Checkpoint
RP222: 4/11/2012 1:27:20 PM - System Checkpoint
RP223: 5/11/2012 3:45:55 PM - System Checkpoint
RP224: 6/11/2012 5:19:14 PM - System Checkpoint
RP225: 6/11/2012 8:40:02 PM - Installed Java(TM) 6 Update 37
RP226: 8/11/2012 9:56:10 AM - System Checkpoint
RP227: 9/11/2012 9:58:31 AM - System Checkpoint
RP228: 10/11/2012 11:38:32 AM - System Checkpoint
RP229: 11/11/2012 12:34:08 PM - System Checkpoint
RP230: 12/11/2012 12:35:44 PM - System Checkpoint
RP231: 13/11/2012 2:30:50 PM - System Checkpoint
RP232: 14/11/2012 3:33:02 PM - System Checkpoint
RP233: 15/11/2012 2:26:02 PM - Software Distribution Service 3.0
RP234: 16/11/2012 3:03:48 PM - System Checkpoint
RP235: 16/11/2012 9:20:58 PM - Installed Windows Media Player 11
RP236: 16/11/2012 9:22:12 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Digital Editions
Adobe Flash Player 11 Plugin
Adobe Flash Player ActiveX
Adobe Photoshop 5.5
Adobe Reader X (10.1.4)
Amazon Kindle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoStudio 5.5
Belkin 802.11g Wireless PCI Card
Bonjour
Browser Configuration Utility
Canon CanoScan Toolbox 5.0
CanoScan LiDE 600F
Codec-TS SDK
CommonCents 3.0
De-interlace SDK
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Drive Manager
Dropbox
DVDFab 8.1.8.5 (24/05/2012) Qt
e-tax 2012
Energy Saver Advance B8.1208.1
FileZilla Client 3.5.3
GIMP 2.8.0
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
hp officejet 6100 series
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp officejet 6100 series
iTunes
J2SE Runtime Environment 5.0
Java Auto Updater
Java(TM) 6 Update 37
Logitech Audio Echo Cancellation Component
Logitech QuickCam
Logitech Video Enumerator
Logitech® Camera Driver
Malwarebytes Anti-Malware version 1.65.1.1000
McAfee AntiVirus Plus
McAfee Security Scan Plus
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Money
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Office XP Professional with FrontPage
Microsoft Software Update for Web Folders (English) 14
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Mozilla Firefox 16.0.2 (x86 en-GB)
Mozilla Maintenance Service
Mozilla Thunderbird 16.0.2 (x86 en-GB)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MVision
NVIDIA Drivers
Origin
Paragon Hard Disk Manager 6.0
Picasa 3
PlaySAFE
Presto! PageManager 7.15.14
PrimoPDF
PrimoPDF -- brought to you by Nitro PDF Software
PrimoPDF Redistribution Package
QFolder
QuickTime
Rapid CSS 2007 v8.31
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
ScanSoft OmniPage SE 4.0
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647516)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Skype™ 5.10
The Sims™ 3
TT-SB SDK
UltraEdit-32
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinFast PVR2
.
==== Event Viewer Messages From Past Week ========
.
17/11/2012 6:53:49 PM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
17/11/2012 6:22:21 PM, error: PCTCore [280] -
15/11/2012 4:08:07 PM, error: System Error [1003] - Error code 10000050, parameter1 bad0b114, parameter2 00000000, parameter3 805bbab6, parameter4 00000002.
13/11/2012 9:20:57 PM, error: System Error [1003] - Error code 10000050, parameter1 bad0b158, parameter2 00000000, parameter3 805bc245, parameter4 00000002.
.
==== End Of File ===========================
dds.txt:
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37
Run by Helen at 19:57:04 on 2012-11-17
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.2558.1840 [GMT 11:00]
.
AV: PC Tools Spyware Doctor *Disabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\notepad.exe
c:\PROGRA~1\mcafee\SITEAD~1\saui.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: DeviceVM Url Search Hook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - c:\windows\system32\dvmurl.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120627111848.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam10\QuickCam10.exe" /hide
mRun: [LVCOMSX] "c:\program files\common files\logitech\lcommgr\LVComSX.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\helen\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\helen\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hp\digital imaging\bin\hpotdd01.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\office~1.lnk - c:\program files\hp\digital imaging\bin\hposol08.exe
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{B3DD3AB3-B38F-49FA-9AD8-7823B0D1BF67} : DHCPNameServer = 10.1.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\helen\application data\mozilla\firefox\profiles\vtm12p15.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2012-09-23 20:45; firefox@zemanta.com; c:\documents and settings\helen\application data\mozilla\firefox\profiles\vtm12p15.default\extensions\firefox@zemanta.com.xpi
FF - ExtSQL: 2012-11-06 20:40; jqs@sun.com; c:\program files\java\jre6\lib\deploy\jqs\ff
FF - ExtSQL: 2012-11-06 20:40; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-10-15 464304]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2012-3-18 89792]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-3-18 214904]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-3-18 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-3-18 214904]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-3-18 214904]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-3-18 166288]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-3-18 161632]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-3-18 151880]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-3-18 57600]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-3-18 180848]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-3-18 59456]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-3-18 340920]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2012-3-18 83856]
S2 GEST Service;GEST Service for program management.;c:\program files\gigabyte\energysaver\GSvr.exe [2012-3-18 68136]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.207\McCHSvc.exe [2011-6-18 237008]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2012-3-18 83856]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-3-18 87656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-5-18 121192]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-5-18 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-5-18 136680]
.
=============== File Associations ===============
.
FileExt: .js: UltraEdit.js="c:\program files\idm computer solutions\ultraedit-32\uedit32.exe" "%1"
.
=============== Created Last 30 ================
.
2012-11-17 08:07:44 -------- d-----w- c:\documents and settings\helen\application data\Malwarebytes
2012-11-17 07:59:25 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-11-17 07:57:51 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-17 07:57:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-17 07:12:30 -------- d-----w- c:\program files\PC Tools
2012-11-17 07:08:36 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-11-17 07:08:35 -------- d-----w- c:\program files\common files\PC Tools
2012-11-17 07:03:41 -------- d-----w- c:\documents and settings\all users\application data\PC Tools
2012-11-17 07:03:39 -------- d-----w- c:\documents and settings\helen\application data\TestApp
2012-11-16 10:24:26 221184 ----a-w- c:\windows\system32\wmpns.dll
2012-11-16 10:24:18 -------- d-----w- c:\program files\Windows Media Connect 2
2012-11-16 08:44:00 -------- d-----w- C:\drive backup
2012-11-06 09:40:48 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-06 09:40:48 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-11-06 09:40:48 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-31 00:18:56 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2012-10-31 00:18:56 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-10-31 00:18:53 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2012-10-31 00:18:53 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-10-30 10:05:40 -------- d-----w- c:\documents and settings\helen\local settings\application data\etax2012
2012-10-23 01:54:51 -------- d-----w- c:\program files\etax2012
.
==================== Find3M ====================
.
2012-11-17 08:17:46 16608 ----a-w- c:\windows\gdrv.sys
2012-11-13 10:29:42 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-13 10:29:40 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14:53 43520 ------w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ------w- c:\windows\system32\html.iec
2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 13:33:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58:09 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-21 03:01:22 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 03:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll
.
============= FINISH: 19:57:39.14 ===============
I hope you are able to help me. My computer has been randomly blue-screening, and then it tells me it has a probably with spooldr.sys - not that I can find that file anywhere.
Anyway, I've followed the instructions about getting the logs, and here they are:
Malwarebytes:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.16.11
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Helen :: HELENXP2 [administrator]
17/11/2012 7:20:37 PM
mbam-log-2012-11-17 (19-20-37).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 205084
Time elapsed: 15 minute(s), 25 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 18/03/2012 6:51:21 PM
System Uptime: 17/11/2012 7:17:08 PM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | EP41-UD3L
Processor: Intel Pentium III Xeon processor | Socket 775 | 2999/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 281 GiB total, 185.283 GiB free.
D: is FIXED (NTFS) - 200 GiB total, 114.092 GiB free.
G: is FIXED (NTFS) - 10 GiB total, 9.3 GiB free.
H: is FIXED (NTFS) - 100 GiB total, 89.401 GiB free.
K: is CDROM (UDF)
M: is FIXED (NTFS) - 40 GiB total, 23.211 GiB free.
P: is FIXED (NTFS) - 100 GiB total, 72.604 GiB free.
R: is FIXED (NTFS) - 112 GiB total, 98.631 GiB free.
V: is FIXED (NTFS) - 200 GiB total, 137.806 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Video Controller
Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_665F107D&REV_05\4&BC67B8D&0&00F0
Manufacturer:
Name: Multimedia Video Controller
PNP Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_665F107D&REV_05\4&BC67B8D&0&00F0
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Controller
Device ID: PCI\VEN_14F1&DEV_8802&SUBSYS_665F107D&REV_05\4&BC67B8D&0&02F0
Manufacturer:
Name: Multimedia Controller
PNP Device ID: PCI\VEN_14F1&DEV_8802&SUBSYS_665F107D&REV_05\4&BC67B8D&0&02F0
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Network Controller
Device ID: PCI\VEN_1814&DEV_0201&SUBSYS_700A1799&REV_01\4&BC67B8D&0&10F0
Manufacturer:
Name: Network Controller
PNP Device ID: PCI\VEN_1814&DEV_0201&SUBSYS_700A1799&REV_01\4&BC67B8D&0&10F0
Service:
.
==== System Restore Points ===================
.
RP172: 19/08/2012 5:26:39 PM - System Checkpoint
RP173: 20/08/2012 5:30:09 PM - System Checkpoint
RP174: 21/08/2012 5:59:37 PM - System Checkpoint
RP175: 23/08/2012 1:40:41 PM - System Checkpoint
RP176: 24/08/2012 1:44:22 PM - System Checkpoint
RP177: 25/08/2012 1:52:11 PM - System Checkpoint
RP178: 26/08/2012 4:09:39 PM - System Checkpoint
RP179: 27/08/2012 4:36:07 PM - System Checkpoint
RP180: 28/08/2012 4:47:37 PM - System Checkpoint
RP181: 29/08/2012 5:29:12 PM - System Checkpoint
RP182: 31/08/2012 11:22:22 AM - System Checkpoint
RP183: 2/09/2012 2:14:23 PM - System Checkpoint
RP184: 3/09/2012 5:05:10 PM - System Checkpoint
RP185: 4/09/2012 5:16:12 PM - System Checkpoint
RP186: 9/09/2012 8:16:46 PM - System Checkpoint
RP187: 10/09/2012 9:15:56 PM - System Checkpoint
RP188: 12/09/2012 12:55:41 PM - System Checkpoint
RP189: 14/09/2012 7:29:37 PM - Software Distribution Service 3.0
RP190: 15/09/2012 7:59:26 PM - System Checkpoint
RP191: 16/09/2012 8:35:31 PM - System Checkpoint
RP192: 18/09/2012 11:33:30 AM - System Checkpoint
RP193: 19/09/2012 8:06:29 PM - System Checkpoint
RP194: 21/09/2012 6:29:00 PM - System Checkpoint
RP195: 22/09/2012 7:15:35 PM - System Checkpoint
RP196: 23/09/2012 12:02:04 PM - Software Distribution Service 3.0
RP197: 24/09/2012 3:56:45 PM - System Checkpoint
RP198: 25/09/2012 4:12:59 PM - System Checkpoint
RP199: 7/10/2012 6:26:59 PM - System Checkpoint
RP200: 8/10/2012 7:02:01 PM - System Checkpoint
RP201: 9/10/2012 7:15:49 PM - System Checkpoint
RP202: 11/10/2012 2:07:26 PM - Software Distribution Service 3.0
RP203: 12/10/2012 3:18:26 PM - System Checkpoint
RP204: 13/10/2012 7:36:30 PM - System Checkpoint
RP205: 14/10/2012 7:45:33 PM - System Checkpoint
RP206: 15/10/2012 7:52:55 PM - System Checkpoint
RP207: 16/10/2012 9:50:32 PM - System Checkpoint
RP208: 19/10/2012 5:13:27 PM - System Checkpoint
RP209: 20/10/2012 6:02:31 PM - System Checkpoint
RP210: 21/10/2012 6:23:11 PM - System Checkpoint
RP211: 22/10/2012 6:46:45 PM - System Checkpoint
RP212: 23/10/2012 12:54:49 PM - Installed e-tax 2012
RP213: 24/10/2012 1:17:03 PM - System Checkpoint
RP214: 26/10/2012 7:59:19 PM - System Checkpoint
RP215: 27/10/2012 8:06:58 PM - Installed J2SE Runtime Environment 5.0
RP216: 28/10/2012 4:39:34 PM - Installed The Sims 3
RP217: 29/10/2012 7:53:05 PM - System Checkpoint
RP218: 30/10/2012 8:10:35 PM - System Checkpoint
RP219: 31/10/2012 9:56:00 PM - System Checkpoint
RP220: 2/11/2012 10:20:21 AM - System Checkpoint
RP221: 3/11/2012 10:27:32 AM - System Checkpoint
RP222: 4/11/2012 1:27:20 PM - System Checkpoint
RP223: 5/11/2012 3:45:55 PM - System Checkpoint
RP224: 6/11/2012 5:19:14 PM - System Checkpoint
RP225: 6/11/2012 8:40:02 PM - Installed Java(TM) 6 Update 37
RP226: 8/11/2012 9:56:10 AM - System Checkpoint
RP227: 9/11/2012 9:58:31 AM - System Checkpoint
RP228: 10/11/2012 11:38:32 AM - System Checkpoint
RP229: 11/11/2012 12:34:08 PM - System Checkpoint
RP230: 12/11/2012 12:35:44 PM - System Checkpoint
RP231: 13/11/2012 2:30:50 PM - System Checkpoint
RP232: 14/11/2012 3:33:02 PM - System Checkpoint
RP233: 15/11/2012 2:26:02 PM - Software Distribution Service 3.0
RP234: 16/11/2012 3:03:48 PM - System Checkpoint
RP235: 16/11/2012 9:20:58 PM - Installed Windows Media Player 11
RP236: 16/11/2012 9:22:12 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Digital Editions
Adobe Flash Player 11 Plugin
Adobe Flash Player ActiveX
Adobe Photoshop 5.5
Adobe Reader X (10.1.4)
Amazon Kindle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoStudio 5.5
Belkin 802.11g Wireless PCI Card
Bonjour
Browser Configuration Utility
Canon CanoScan Toolbox 5.0
CanoScan LiDE 600F
Codec-TS SDK
CommonCents 3.0
De-interlace SDK
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Drive Manager
Dropbox
DVDFab 8.1.8.5 (24/05/2012) Qt
e-tax 2012
Energy Saver Advance B8.1208.1
FileZilla Client 3.5.3
GIMP 2.8.0
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
hp officejet 6100 series
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp officejet 6100 series
iTunes
J2SE Runtime Environment 5.0
Java Auto Updater
Java(TM) 6 Update 37
Logitech Audio Echo Cancellation Component
Logitech QuickCam
Logitech Video Enumerator
Logitech® Camera Driver
Malwarebytes Anti-Malware version 1.65.1.1000
McAfee AntiVirus Plus
McAfee Security Scan Plus
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Money
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Office XP Professional with FrontPage
Microsoft Software Update for Web Folders (English) 14
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Mozilla Firefox 16.0.2 (x86 en-GB)
Mozilla Maintenance Service
Mozilla Thunderbird 16.0.2 (x86 en-GB)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MVision
NVIDIA Drivers
Origin
Paragon Hard Disk Manager 6.0
Picasa 3
PlaySAFE
Presto! PageManager 7.15.14
PrimoPDF
PrimoPDF -- brought to you by Nitro PDF Software
PrimoPDF Redistribution Package
QFolder
QuickTime
Rapid CSS 2007 v8.31
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
ScanSoft OmniPage SE 4.0
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647516)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Skype™ 5.10
The Sims™ 3
TT-SB SDK
UltraEdit-32
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinFast PVR2
.
==== Event Viewer Messages From Past Week ========
.
17/11/2012 6:53:49 PM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
17/11/2012 6:22:21 PM, error: PCTCore [280] -
15/11/2012 4:08:07 PM, error: System Error [1003] - Error code 10000050, parameter1 bad0b114, parameter2 00000000, parameter3 805bbab6, parameter4 00000002.
13/11/2012 9:20:57 PM, error: System Error [1003] - Error code 10000050, parameter1 bad0b158, parameter2 00000000, parameter3 805bc245, parameter4 00000002.
.
==== End Of File ===========================
dds.txt:
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37
Run by Helen at 19:57:04 on 2012-11-17
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.2558.1840 [GMT 11:00]
.
AV: PC Tools Spyware Doctor *Disabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\notepad.exe
c:\PROGRA~1\mcafee\SITEAD~1\saui.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: DeviceVM Url Search Hook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - c:\windows\system32\dvmurl.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120627111848.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam10\QuickCam10.exe" /hide
mRun: [LVCOMSX] "c:\program files\common files\logitech\lcommgr\LVComSX.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\helen\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\helen\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hp\digital imaging\bin\hpotdd01.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\office~1.lnk - c:\program files\hp\digital imaging\bin\hposol08.exe
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{B3DD3AB3-B38F-49FA-9AD8-7823B0D1BF67} : DHCPNameServer = 10.1.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\helen\application data\mozilla\firefox\profiles\vtm12p15.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2012-09-23 20:45; firefox@zemanta.com; c:\documents and settings\helen\application data\mozilla\firefox\profiles\vtm12p15.default\extensions\firefox@zemanta.com.xpi
FF - ExtSQL: 2012-11-06 20:40; jqs@sun.com; c:\program files\java\jre6\lib\deploy\jqs\ff
FF - ExtSQL: 2012-11-06 20:40; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-10-15 464304]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2012-3-18 89792]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-3-18 214904]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-3-18 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-3-18 214904]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-3-18 214904]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-3-18 166288]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-3-18 161632]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-3-18 151880]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-3-18 57600]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-3-18 180848]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-3-18 59456]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-3-18 340920]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2012-3-18 83856]
S2 GEST Service;GEST Service for program management.;c:\program files\gigabyte\energysaver\GSvr.exe [2012-3-18 68136]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.207\McCHSvc.exe [2011-6-18 237008]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2012-3-18 83856]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-3-18 87656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-5-18 121192]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-5-18 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-5-18 136680]
.
=============== File Associations ===============
.
FileExt: .js: UltraEdit.js="c:\program files\idm computer solutions\ultraedit-32\uedit32.exe" "%1"
.
=============== Created Last 30 ================
.
2012-11-17 08:07:44 -------- d-----w- c:\documents and settings\helen\application data\Malwarebytes
2012-11-17 07:59:25 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-11-17 07:57:51 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-17 07:57:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-17 07:12:30 -------- d-----w- c:\program files\PC Tools
2012-11-17 07:08:36 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-11-17 07:08:35 -------- d-----w- c:\program files\common files\PC Tools
2012-11-17 07:03:41 -------- d-----w- c:\documents and settings\all users\application data\PC Tools
2012-11-17 07:03:39 -------- d-----w- c:\documents and settings\helen\application data\TestApp
2012-11-16 10:24:26 221184 ----a-w- c:\windows\system32\wmpns.dll
2012-11-16 10:24:18 -------- d-----w- c:\program files\Windows Media Connect 2
2012-11-16 08:44:00 -------- d-----w- C:\drive backup
2012-11-06 09:40:48 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-06 09:40:48 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-11-06 09:40:48 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-31 00:18:56 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2012-10-31 00:18:56 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-10-31 00:18:53 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2012-10-31 00:18:53 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-10-30 10:05:40 -------- d-----w- c:\documents and settings\helen\local settings\application data\etax2012
2012-10-23 01:54:51 -------- d-----w- c:\program files\etax2012
.
==================== Find3M ====================
.
2012-11-17 08:17:46 16608 ----a-w- c:\windows\gdrv.sys
2012-11-13 10:29:42 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-13 10:29:40 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14:53 43520 ------w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ------w- c:\windows\system32\html.iec
2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 13:33:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58:09 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-21 03:01:22 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 03:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll
.
============= FINISH: 19:57:39.14 ===============