  1. #1
    Member

    What do I fix on HijackThis

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:56:37, on 25/03/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\PixArt\PAC7302\Monitor.exe
    C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE
    C:\Program Files\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\AVG\AVG2012\avgemcx.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - (no file)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
    O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL
    O2 - BHO: script helper for ie - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - C:\Program Files\ReImageCompanion\jsloader.dll (file missing)
    O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
    O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
    O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE
    O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=gmdfpnpdmnjaffhcdbobdjpolhpacaem
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKLM\..\Policies\Explorer\Run: [52846] C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\msdubm.cmd
    O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - ESC Trusted Zone: http://*.update.microsoft.com
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/Messen....cab109791.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - (no file)
    O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - (no file)
    O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - (no file)
    O20 - AppInit_DLLs: C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll
    O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    --
    End of file - 8026 bytes

  2. #2
    zep516 (Member, Spyware Fighter)

    Hi wooty1,

    Welcome to Help2Go!

    Please describe all the symptoms you have on this computer: crashes, redirects, programs trying to perform scans, etc.

    We need to see some information about what is happening in your machine. Please perform the following scan:
    • Download DDS by sUBs from one of the following links. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

    Information on A/V control HERE

    This will get you started and help our expert to better help you.

    Joe

  3. #3
    Member

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702
    Run by User at 17:47:31 on 2012-03-25
    Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1022.522 [GMT 1:00]
    .
    AV: Virgin Media Security *Enabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\PixArt\PAC7302\Monitor.exe
    C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE
    C:\Program Files\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    svchost.exe
    C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\AVG\AVG2012\avgemcx.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = <local>
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - No File
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    BHO: DataMngr: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~1\wi371a~1\datamngr\BROWSE~1.DLL
    BHO: ReImage Browser Helper: {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - c:\program files\reimagecompanion\jsloader.dll
    BHO: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - No File
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
    TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File
    TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
    mRun: [DATAMNGR] c:\progra~1\wi371a~1\datamngr\DATAMN~1.EXE
    mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    mRun: [Browser companion helper] c:\program files\browsercompanion\BCHelper.exe /T=3 /CHI=gmdfpnpdmnjaffhcdbobdjpolhpacaem
    dRunOnce: [RunNarrator] Narrator.exe
    mExplorerRun: [52846] c:\docume~1\alluse~1\locals~1\temp\msdubm.cmd
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {41564D57-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
    DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{A0F9F018-B760-4C77-BA25-CA6706F11087} : DhcpNameServer = 192.168.1.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    Notify: igfxcui - igfxsrvc.dll
    Notify: TPSvc - TPSvc.dll
    AppInit_DLLs: c:\progra~1\wi371a~1\datamngr\datamngr.dll c:\progra~1\wi371a~1\datamngr\IEBHO.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
    R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]
    S2 avp;Gdihook5;c:\windows\system32\svchost.exe -k netsvcs [2004-8-12 14336]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-12 135664]
    S2 mclserviceatl;Wusb54gv2svc;c:\windows\system32\svchost.exe -k netsvcs [2004-8-12 14336]
    S2 mcrdsvc;Se58bus;c:\windows\system32\svchost.exe -k netsvcs [2004-8-12 14336]
    S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [2010-8-11 20160]
    S3 cpuz132;cpuz132;\??\c:\docume~1\user\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\user\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
    S3 cpuz134;cpuz134;\??\c:\docume~1\user\locals~1\temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\user\locals~1\temp\cpuz134\cpuz134_x32.sys [?]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-12 135664]
    S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2012-3-19 50704]
    .
    =============== Created Last 30 ================
    .
    2012-03-25 15:25:47 388096 ----a-r- c:\documents and settings\user\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2012-03-25 13:53:35 -------- d-----w- c:\documents and settings\user\local settings\application data\FixItCenter
    2012-03-25 13:50:33 -------- d-----w- c:\windows\MATS
    2012-03-25 13:50:31 -------- d-----w- c:\program files\Microsoft Fix it Center
    2012-03-19 19:07:34 -------- d--h--w- C:\$AVG
    2012-03-19 18:45:25 -------- d-----w- c:\documents and settings\user\application data\AVG2012
    2012-03-19 18:44:42 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
    2012-03-19 18:43:33 -------- d-----w- c:\windows\system32\drivers\AVG
    2012-03-19 18:43:33 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
    2012-03-19 18:42:38 -------- d-----w- c:\program files\AVG
    2012-03-19 18:38:34 -------- d-----w- c:\documents and settings\all users\application data\MFAData
    2012-03-19 13:12:00 -------- d-----w- c:\documents and settings\all users\application data\529C5357000435DB6A56DD76D151FC4E
    2012-03-19 09:15:45 50704 ----a-w- c:\windows\system32\drivers\npf.sys
    2012-03-19 09:15:45 281104 ----a-w- c:\windows\system32\wpcap.dll
    2012-03-19 09:15:45 100880 ----a-w- c:\windows\system32\Packet.dll
    2012-03-19 09:01:56 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
    2012-03-06 09:11:16 -------- d-----w- c:\documents and settings\user\local settings\application data\Solid State Networks
    .
    ==================== Find3M ====================
    .
    2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
    2012-01-13 20:10:19 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll
    2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    .
    ============= FINISH: 17:48:33.56 ===============

  4. #4
    Member

    notepad result

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 26/11/2009 17:02:09
    System Uptime: 25/03/2012 14:59:30 (3 hours ago)
    .
    Motherboard: Dell Computer Corp. | | 02X378
    Processor: Intel(R) Pentium(R) 4 CPU 2.00GHz | Microprocessor | 1992/400mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 19 GiB total, 3.638 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: IDE\CDROMCOMPAQ_CD-224E__________________________9.0B____\5&3A919BC3&0&0.0.0
    Manufacturer: (Standard CD-ROM drives)
    Name: COMPAQ CD-224E
    PNP Device ID: IDE\CDROMCOMPAQ_CD-224E__________________________9.0B____\5&3A919BC3&0&0.0.0
    Service: cdrom
    .
    ==== System Restore Points ===================
    .
    RP644: 24/02/2012 08:03:17 - System Checkpoint
    RP645: 25/02/2012 09:46:20 - System Checkpoint
    RP646: 26/02/2012 10:25:57 - System Checkpoint
    RP647: 27/02/2012 18:35:28 - System Checkpoint
    RP648: 28/02/2012 18:39:35 - System Checkpoint
    RP649: 29/02/2012 18:39:53 - System Checkpoint
    RP650: 01/03/2012 18:48:26 - System Checkpoint
    RP651: 02/03/2012 19:40:25 - System Checkpoint
    RP652: 03/03/2012 20:13:15 - System Checkpoint
    RP653: 04/03/2012 20:50:52 - System Checkpoint
    RP654: 06/03/2012 07:36:56 - System Checkpoint
    RP655: 06/03/2012 09:13:33 - Removed Adobe Reader 9.5.0.
    RP656: 06/03/2012 09:13:54 - Installed Adobe Reader X (10.1.2).
    RP657: 07/03/2012 09:21:39 - System Checkpoint
    RP658: 08/03/2012 09:46:01 - System Checkpoint
    RP659: 09/03/2012 09:52:08 - System Checkpoint
    RP660: 10/03/2012 11:18:39 - System Checkpoint
    RP661: 11/03/2012 12:16:04 - System Checkpoint
    RP662: 12/03/2012 12:44:28 - System Checkpoint
    RP663: 13/03/2012 13:31:26 - System Checkpoint
    RP664: 14/03/2012 03:00:16 - Software Distribution Service 3.0
    RP665: 15/03/2012 14:58:59 - System Checkpoint
    RP666: 16/03/2012 15:37:25 - System Checkpoint
    RP667: 17/03/2012 15:51:03 - System Checkpoint
    RP668: 18/03/2012 16:09:48 - System Checkpoint
    RP669: 19/03/2012 18:42:37 - Installed AVG 2012
    RP670: 19/03/2012 18:43:12 - Installed AVG 2012
    RP671: 20/03/2012 15:53:24 - Software Distribution Service 3.0
    RP672: 21/03/2012 10:35:19 - Restore Operation
    RP673: 21/03/2012 10:37:51 - Restore Operation
    RP674: 21/03/2012 10:40:41 - Restore Operation
    RP675: 22/03/2012 16:33:29 - System Checkpoint
    RP676: 23/03/2012 17:44:55 - System Checkpoint
    RP677: 24/03/2012 08:16:54 - Restore Operation
    RP678: 24/03/2012 08:21:28 - Restore Operation
    RP679: 24/03/2012 08:25:06 - Restore Operation
    RP680: 24/03/2012 08:30:46 - Restore Operation
    RP681: 24/03/2012 08:34:37 - Restore Operation
    RP682: 24/03/2012 10:04:48 - Restore Operation
    RP683: 24/03/2012 10:07:23 - Restore Operation
    RP684: 24/03/2012 10:10:45 - Restore Operation
    RP685: 24/03/2012 10:13:27 - Restore Operation
    RP686: 24/03/2012 10:18:13 - Restore Operation
    RP687: 24/03/2012 10:22:35 - Restore Operation
    RP688: 24/03/2012 10:25:22 - Restore Operation
    RP689: 24/03/2012 10:27:45 - Restore Operation
    .
    ==== Installed Programs ======================
    .
    ABBYY FineReader 6.0 Sprint
    ABBYY FineReader 9.0 Sprint
    Adobe AIR
    Adobe Flash Player 10 Plugin
    Adobe Flash Player 11 ActiveX
    Adobe Reader X (10.1.2)
    Adobe Shockwave Player 11.6
    ArcSoft PhotoImpression 5
    ArcSoft VideoImpression 2
    AVG 2012
    Betfred Poker
    CCleaner
    Epson Easy Photo Print 2
    Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
    Epson Event Manager
    EPSON Scan
    EPSON SX130 Series Printer Uninstall
    Google Chrome
    Google Update Helper
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB976002-v5)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Intel(R) Extreme Graphics Driver
    Intel(R) PRO Network Adapters and Drivers
    Internet Explorer (Enable DEP)
    Java(TM) 6 Update 16
    Junk Mail filter update
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Automated Troubleshooting Services Shim
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Fix it Center
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    OpenOffice.org 3.1
    RPS CRT
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player (KB979402)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165-v2)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    swMSM
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB978506)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    User's Guide EPSON SX130 Series
    VC80CRTRedist - 8.0.50727.6195
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows iLivid Toolbar
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows PowerShell(TM) 1.0
    Windows XP Service Pack 3
    .
    ==== Event Viewer Messages From Past Week ========
    .
    25/03/2012 13:06:00, error: Schedule [7901] - The At28.job command failed to start due to the following error: %%2147942402
    25/03/2012 13:06:00, error: Schedule [7901] - The At27.job command failed to start due to the following error: %%2147942402
    25/03/2012 12:06:00, error: Schedule [7901] - The At26.job command failed to start due to the following error: %%2147942402
    25/03/2012 12:06:00, error: Schedule [7901] - The At25.job command failed to start due to the following error: %%2147942402
    24/03/2012 17:06:00, error: Schedule [7901] - The At36.job command failed to start due to the following error: %%2147942402
    24/03/2012 17:06:00, error: Schedule [7901] - The At35.job command failed to start due to the following error: %%2147942402
    24/03/2012 08:02:50, error: Service Control Manager [7023] - The USBDeviceService service terminated with the following error: The specified module could not be found.
    24/03/2012 08:02:50, error: Service Control Manager [7023] - The Spupdsvc service terminated with the following error: The specified module could not be found.
    24/03/2012 08:02:50, error: Service Control Manager [7023] - The LoopBeMidi1 service terminated with the following error: The specified module could not be found.
    24/03/2012 08:02:50, error: Service Control Manager [7023] - The Houdiniserver service terminated with the following error: The specified module could not be found.
    24/03/2012 08:02:50, error: Service Control Manager [7023] - The Framework service terminated with the following error: The specified module could not be found.
    23/03/2012 21:14:50, error: Service Control Manager [7023] - The Srescan service terminated with the following error: Access is denied.
    23/03/2012 15:59:30, error: Service Control Manager [7023] - The TMBMServer service terminated with the following error: The specified module could not be found.
    23/03/2012 15:59:30, error: Service Control Manager [7023] - The Sgectl service terminated with the following error: The specified module could not be found.
    23/03/2012 15:59:30, error: Service Control Manager [7023] - The Pimsgss service terminated with the following error: The specified module could not be found.
    23/03/2012 15:59:30, error: Service Control Manager [7023] - The Phnxvcdservice service terminated with the following error: The specified module could not be found.
    23/03/2012 15:59:30, error: Service Control Manager [7023] - The Gdihook5 service terminated with the following error: The specified module could not be found.
    23/03/2012 15:59:30, error: Service Control Manager [7023] - The Dlacdbhm service terminated with the following error: The specified module could not be found.
    22/03/2012 16:06:00, error: Schedule [7901] - The At33.job command failed to start due to the following error: %%2147942402
    22/03/2012 14:08:12, error: Service Control Manager [7023] - The Wlidsvc service terminated with the following error: The specified module could not be found.
    22/03/2012 14:08:12, error: Service Control Manager [7023] - The Radiosvr service terminated with the following error: The specified module could not be found.
    22/03/2012 14:08:12, error: Service Control Manager [7023] - The LPCFilter service terminated with the following error: The specified module could not be found.
    22/03/2012 14:08:12, error: Service Control Manager [7023] - The JiaoIO service terminated with the following error: The specified module could not be found.
    22/03/2012 14:08:12, error: Service Control Manager [7023] - The Dot4usb service terminated with the following error: The specified module could not be found.
    22/03/2012 14:08:12, error: Service Control Manager [7023] - The Dnsexit service terminated with the following error: The specified module could not be found.
    22/03/2012 14:08:12, error: Service Control Manager [7023] - The Cyberpowerups service terminated with the following error: The specified module could not be found.
    22/03/2012 14:08:12, error: Service Control Manager [7023] - The Ctsfm2k service terminated with the following error: The specified module could not be found.
    22/03/2012 14:08:12, error: Service Control Manager [7023] - The Contentfilter service terminated with the following error: The specified module could not be found.
    22/03/2012 14:08:12, error: Service Control Manager [7023] - The Bthmodem service terminated with the following error: The specified module could not be found.
    22/03/2012 14:08:12, error: Service Control Manager [7023] - The Avgio service terminated with the following error: The specified module could not be found.
    21/03/2012 18:14:45, error: Service Control Manager [7023] - The Blfp service terminated with the following error: Access is denied.
    21/03/2012 17:59:44, error: Service Control Manager [7023] - The Winproxy service terminated with the following error: Access is denied.
    21/03/2012 17:59:00, error: Service Control Manager [7023] - The Tme3srv service terminated with the following error: The specified module could not be found.
    21/03/2012 17:59:00, error: Service Control Manager [7023] - The Rollbackclientservice service terminated with the following error: The specified module could not be found.
    21/03/2012 17:59:00, error: Service Control Manager [7023] - The Forcewarewebinterface service terminated with the following error: The specified module could not be found.
    21/03/2012 17:59:00, error: Service Control Manager [7023] - The Dlpwd service terminated with the following error: Access is denied.
    21/03/2012 11:06:00, error: Schedule [7901] - The At24.job command failed to start due to the following error: %%2147942402
    21/03/2012 11:06:00, error: Schedule [7901] - The At23.job command failed to start due to the following error: %%2147942402
    21/03/2012 10:57:17, error: Service Control Manager [7023] - The Rollbackclientservice service terminated with the following error: Access is denied.
    21/03/2012 10:42:16, error: Service Control Manager [7023] - The Forcewarewebinterface service terminated with the following error: Access is denied.
    21/03/2012 10:41:34, error: Service Control Manager [7023] - The Tme3srv service terminated with the following error: Access is denied.
    21/03/2012 10:41:34, error: Service Control Manager [7023] - The Aswlsvc service terminated with the following error: The specified module could not be found.
    21/03/2012 10:41:22, error: System Error [1003] - Error code 1000000a, parameter1 80adb1f1, parameter2 00000002, parameter3 00000001, parameter4 804dbc8e.
    21/03/2012 10:38:47, error: Service Control Manager [7023] - The Aswlsvc service terminated with the following error: Access is denied.
    21/03/2012 10:38:46, error: Service Control Manager [7023] - The Mgisvr service terminated with the following error: The specified module could not be found.
    21/03/2012 10:36:10, error: Service Control Manager [7023] - The Mgisvr service terminated with the following error: Access is denied.
    21/03/2012 10:23:09, error: Service Control Manager [7023] - The Oracleservicelocalora service terminated with the following error: The specified module could not be found.
    21/03/2012 10:19:38, error: Service Control Manager [7023] - The ZTEusbmdm6k service terminated with the following error: The specified module could not be found.
    21/03/2012 10:19:38, error: Service Control Manager [7023] - The Tifm21 service terminated with the following error: The specified module could not be found.
    21/03/2012 10:19:38, error: Service Control Manager [7023] - The Tfsnboio service terminated with the following error: The specified module could not be found.
    21/03/2012 10:19:38, error: Service Control Manager [7023] - The Oracleservicelocalora service terminated with the following error: Access is denied.
    21/03/2012 10:19:38, error: Service Control Manager [7023] - The Mcvsrte service terminated with the following error: The specified module could not be found.
    21/03/2012 10:19:38, error: Service Control Manager [7023] - The Lxrsii1s service terminated with the following error: The specified module could not be found.
    21/03/2012 10:19:38, error: Service Control Manager [7023] - The Licensemanagersocket service terminated with the following error: The specified module could not be found.
    21/03/2012 10:19:38, error: Service Control Manager [7023] - The F700iob service terminated with the following error: The specified module could not be found.
    21/03/2012 10:19:38, error: Service Control Manager [7023] - The Ageremodemaudio service terminated with the following error: The specified module could not be found.
    21/03/2012 10:19:38, error: Service Control Manager [7023] - The {85ccb53b-23d8-4e73-b1b7-9ddb71827d9b} service terminated with the following error: The specified module could not be found.
    21/03/2012 09:13:08, error: Service Control Manager [7023] - The F700iob service terminated with the following error: Access is denied.
    21/03/2012 09:06:00, error: Schedule [7901] - The At20.job command failed to start due to the following error: %%2147942402
    21/03/2012 09:06:00, error: Schedule [7901] - The At19.job command failed to start due to the following error: %%2147942402
    21/03/2012 08:58:11, error: Service Control Manager [7023] - The Tifm21 service terminated with the following error: Access is denied.
    21/03/2012 08:43:04, error: Service Control Manager [7023] - The Ageremodemaudio service terminated with the following error: Access is denied.
    21/03/2012 08:27:59, error: Service Control Manager [7023] - The Lxrsii1s service terminated with the following error: Access is denied.
    21/03/2012 08:27:16, error: Service Control Manager [7023] - The ZTEusbmdm6k service terminated with the following error: Access is denied.
    20/03/2012 20:26:17, error: Service Control Manager [7023] - The Licensemanagersocket service terminated with the following error: Access is denied.
    20/03/2012 20:11:16, error: Service Control Manager [7023] - The Tfsnboio service terminated with the following error: Access is denied.
    20/03/2012 19:56:16, error: Service Control Manager [7023] - The {85ccb53b-23d8-4e73-b1b7-9ddb71827d9b} service terminated with the following error: Access is denied.
    20/03/2012 19:55:35, error: Service Control Manager [7023] - The Mcvsrte service terminated with the following error: Access is denied.
    20/03/2012 18:17:51, error: Service Control Manager [7023] - The SndTDriverV32 service terminated with the following error: The specified module could not be found.
    20/03/2012 18:17:51, error: Service Control Manager [7023] - The Npkcsvc service terminated with the following error: The specified module could not be found.
    20/03/2012 18:17:51, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: The specified module could not be found.
    20/03/2012 18:10:23, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Aexnsclienttransport service to connect.
    20/03/2012 18:06:00, error: Schedule [7901] - The At38.job command failed to start due to the following error: %%2147942402
    20/03/2012 18:06:00, error: Schedule [7901] - The At37.job command failed to start due to the following error: %%2147942402
    20/03/2012 17:54:43, error: Service Control Manager [7023] - The SndTDriverV32 service terminated with the following error: Access is denied.
    20/03/2012 17:54:03, error: Service Control Manager [7023] - The Wg5n service terminated with the following error: The specified module could not be found.
    20/03/2012 17:54:03, error: Service Control Manager [7023] - The Speedfan service terminated with the following error: The specified module could not be found.
    20/03/2012 17:54:03, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: Access is denied.
    20/03/2012 17:54:03, error: Service Control Manager [7023] - The Help and Support service terminated with the following error: The specified module could not be found.
    20/03/2012 17:54:03, error: Service Control Manager [7023] - The Emclisrv service terminated with the following error: The specified module could not be found.
    20/03/2012 15:53:00, error: Service Control Manager [7023] - The Npkcsvc service terminated with the following error: Access is denied.
    20/03/2012 15:52:00, error: Service Control Manager [7023] - The Wg5n service terminated with the following error: Access is denied.
    20/03/2012 15:41:36, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Cdrom redbook
    20/03/2012 15:41:36, error: Service Control Manager [7023] - The Speedfan service terminated with the following error: Access is denied.
    20/03/2012 15:41:36, error: Service Control Manager [7023] - The Sisidex service terminated with the following error: The specified module could not be found.
    20/03/2012 15:41:36, error: Service Control Manager [7023] - The Emclisrv service terminated with the following error: Access is denied.
    20/03/2012 15:37:45, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
    20/03/2012 15:36:26, error: Dhcp [1002] - The IP address lease 192.168.0.14 for the Network Card with network address 000BDB580D87 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    19/03/2012 20:16:53, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
    19/03/2012 20:06:01, error: Schedule [7901] - The At42.job command failed to start due to the following error: %%2147942402
    19/03/2012 20:06:01, error: Schedule [7901] - The At41.job command failed to start due to the following error: %%2147942402
    19/03/2012 19:06:01, error: Schedule [7901] - The At40.job command failed to start due to the following error: General access denied error
    19/03/2012 19:06:00, error: Schedule [7901] - The At39.job command failed to start due to the following error: General access denied error
    19/03/2012 18:36:49, error: Dhcp [1002] - The IP address lease 192.168.1.66 for the Network Card with network address 000BDB580D87 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
    19/03/2012 14:06:00, error: Schedule [7901] - The At29.job command failed to start due to the following error: %%2147942402
    19/03/2012 14:01:16, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 000BDB580D87 has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
    19/03/2012 13:16:18, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    19/03/2012 13:16:18, error: Service Control Manager [7034] - The ABBYY FineReader 9.0 Sprint Licensing Service service terminated unexpectedly. It has done this 1 time(s).
    19/03/2012 12:14:39, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 000BDB580D87 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    .
    ==== End Of File ===========================

  5. #5
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Hi wooty1,

    Can you describe the problems you have? Pop ups, redirects, etc. This will give a better idea on how to proceed.

  6. #6
    Member
    Join Date
    Mar 2012
    Posts
    5
    Points
    0

    An error message displays on start up: 'GENERIC HOST WIN32 encountered a problem and needs to close'. I think this may be a virus or a worm. I have run anti-virus scans but cannot get rid of the problem, which I think is the reason my Google browser will not load.

  7. #7
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Please remove these programs from your add / remove list.
    • Java(TM) 6 Update 16
    • Windows iLivid Toolbar


    Close all browser windows, including this one. Only have HijackThis open. Do a System scan only. Place a check mark next to the following entries:

    O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - (no file)
    O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL
    O2 - BHO: script helper for ie - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - C:\Program Files\ReImageCompanion\jsloader.dll (file missing)
    O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - (no file)
    O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
    O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE
    O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - (no file)
    O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - (no file)
    O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - (no file)
    O20 - AppInit_DLLs: C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll
    O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing)


    Click Fix checked
    Close HijackThis
    Reboot the computer

    Search for this folder and, if found, delete it: c:\program files\Windows iLivid Toolbar <--folder
    Search for this file and, if found, delete it: C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll <--file

    Post a fresh HijackThis log.

    Did you run Malwarebytes? If you still have the log, post it. You may find it under the Logs tab in the Malwarebytes program interface.
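
The fix list in the post above mostly selects entries whose registry value survives while its file is gone, plus the AppInit_DLLs value. The sketch below is an added example, not part of the original post and not HijackThis's own code: it parses such lines and tags both cases. The field names and tag strings are assumptions, the sample lines are copied from the post, and one marker is deliberately left without its closing parenthesis, the kind of damage copy and paste causes.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code kind clsid target orphaned")

LINE_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Closing ")" is optional so a marker truncated by copy/paste still matches.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)?\s*$", re.IGNORECASE)

# Lines copied from the fix list in the post above.
SAMPLE = r"""
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - (no file)
O2 - BHO: script helper for ie - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - C:\Program Files\ReImageCompanion\jsloader.dll (file missing)
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - (no file
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE
O20 - AppInit_DLLs: C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll
O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing)
"""

def parse_line(line):
    """Split one HijackThis entry into fields; None for non-entry lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    code, rest = m.groups()
    orphaned = bool(ORPHAN_RE.search(rest))
    rest = ORPHAN_RE.sub("", rest).rstrip(" -")
    found = CLSID_RE.search(rest)
    clsid = found.group(0) if found else None
    kind, sep, value = rest.partition(": ")
    if not sep:                      # R-lines and similar have no "Kind: " prefix
        kind, value = "", rest
    target = value.split(" - ")[-1].strip()
    if target == clsid:              # "(no file)": nothing follows the CLSID
        target = None
    return Entry(code, kind, clsid, target, orphaned)

def triage(lines):
    """Return (entry, tag) pairs for entries that deserve a manual look."""
    findings = []
    for entry in filter(None, map(parse_line, lines)):
        if entry.orphaned:
            findings.append((entry, "orphaned"))       # registry value, file gone
        elif entry.code == "O20" and entry.kind == "AppInit_DLLs":
            findings.append((entry, "appinit_dlls"))   # DLLs mapped into every user32 process
    return findings

if __name__ == "__main__":
    for entry, tag in triage(SAMPLE.splitlines()):
        print(f"{tag:13} {entry.code:4} {entry.kind or '-':16} {entry.target or entry.clsid}")
```

The O4 Run entry is parsed but not tagged, because the log line alone does not say whether its target is unwanted; that judgement came from the helper.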


  9. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    wooty1,

    Are you still with us? I'd like you to carry out 2 more additional scans to have a look at.

    Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • If TDSSKiller does not run, try renaming it.
    • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
    • Click the Start Scan button.
    • Do not use the computer during the scan
    • If the scan completes with nothing found, click Close to exit.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
      Note: If Cure is not an option, select Skip instead; do not choose Delete unless instructed.
    • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
    • Copy and paste the contents of that file in your next reply.


    Next

    Install Recovery Console and Run ComboFix

    This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

    Download Combofix from any of the links below, and save it to your desktop.

    Link 1
    Link 2
    • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
    • Close any open windows, including this one.
    • Double click on ComboFix.exe & follow the prompts.
    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • If you did not have it installed, you will see the prompt below. Choose YES.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
    Leave your computer alone while ComboFix is running.
    ComboFix will restart your computer if malware is found; allow it to do so.


    Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.
