
Inactive Long bootup and long program load

Discussion in 'Malware and Virus Removal Archive' started by warpy55, 2012/12/02.

Thread Status:
Not open for further replies.
  1. 2012/12/02
    warpy55

    My laptop computer is having serious delay issues in booting up and loading programs. I was asked by administrator to provide these logs...

    I hope it can be sorted; it is so frustrating...

    MBAM log

    Malwarebytes Anti-Malware 1.65.1.1000
    www.malwarebytes.org

    Database version: v2012.12.02.03

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 7.0.5730.13
    PaulW :: SGH8370J55 [administrator]

    3/12/2012 8:22:30 a.m.
    mbam-log-2012-12-03 (08-22-30).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 359807
    Time elapsed: 30 minute(s), 19 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 1
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    MBR CHECK

    aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
    Run date: 2012-12-03 09:21:31
    -----------------------------
    09:21:31.071 OS Version: Windows 5.1.2600 Service Pack 3
    09:21:31.071 Number of processors: 2 586 0x1706
    09:21:31.071 ComputerName: SGH8370J55 UserName: PaulW
    09:21:36.075 Initialze error 0
    09:23:14.107 AVAST engine defs: 12120101
    09:24:25.919 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    09:24:25.919 Disk 0 Vendor: FUJITSU_ 8909 Size: 152627MB BusType: 3
    09:24:25.966 Disk 0 MBR read successfully
    09:24:25.981 Disk 0 MBR scan
    09:24:26.794 Disk 0 unknown MBR code
    09:24:26.810 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 151589 MB offset 63
    09:24:26.857 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 1027 MB offset 310472190
    09:24:26.872 Disk 0 scanning sectors +312576705
    09:24:26.951 Disk 0 scanning C:\WINDOWS\system32\drivers
    09:24:26.966 Service scanning
    09:24:28.685 Modules scanning
    09:24:30.342 Disk 0 trace - called modules:
    09:24:30.405 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ACPI.sys iaStor.sys
    09:24:30.420 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a575030]
    09:24:30.436 3 CLASSPNP.SYS[f74e7fd7] -> nt!IofCallDriver -> [0x8a4b3830]
    09:24:30.436 5 hpdskflt.sys[f771833d] -> nt!IofCallDriver -> \Device\000000a4[0x8a456668]
    09:24:30.452 7 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x89ec7030]
    09:24:31.155 AVAST engine scan C:\WINDOWS
    09:24:31.718 AVAST engine scan C:\WINDOWS\system32
    09:24:32.624 AVAST engine scan C:\WINDOWS\system32\drivers
    09:24:33.249 AVAST engine scan C:\Documents and Settings\PaulW
    09:24:33.359 AVAST engine scan C:\Documents and Settings\All Users
    09:24:33.374 Scan finished successfully
    09:25:59.697 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\PaulW\Desktop\MBR.dat "
    09:25:59.728 The log file has been saved successfully to "C:\Documents and Settings\PaulW\Desktop\aswMBR.txt "

    DDS 1st log

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 7.0.6000.17114 BrowserJavaVersion: 1.6.0_37
    Run by PaulW at 9:32:50 on 2012-12-03
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1977.1126 [GMT 13:00]
    .
    AV: Symantec Endpoint Protection *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
    AV: Lavasoft Ad-Aware *Enabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
    FW: Lavasoft Ad-Aware *Disabled*
    .
    ============== Running Processes ================
    .
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Symantec AntiVirus\Smc.exe
    c:\Program Files\ActivIdentity\ActivClient\acevents.exe
    C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
    C:\Program Files\CheckPoint\SecuRemote\bin\SR_Watchdog.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\SCardSvr.exe
    C:\WINDOWS\system32\msdtc.exe
    c:\Program Files\ActivIdentity\ActivClient\accoca.exe
    C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\sqlservr.exe
    c:\xampp\mysql\bin\mysqld.exe
    C:\WINDOWS\system32\NLSSRV32.EXE
    C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    C:\Program Files\Soda PDF 2012\ConversionService.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\WINDOWS\system32\mqsvc.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\mqtgsvc.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Symantec AntiVirus\SmcGui.exe
    C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
    C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    c:\Program Files\ActivIdentity\ActivClient\acevents.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\WINDOWS\system32\AccelerometerSt.Exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
    C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\PC Speed Maximizer\Startw3i.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\WinTV\WinTV7\WinTVTray.exe
    C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\PROGRA~1\AD-AWA~1\AdAware.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F6C148BC798E88339CF60C507C60E476
    uDefault_Page_URL = hxxp://www.activecomponents.com
    mStart Page = hxxp://search.foxtab.com/?s=0&chnl=dcom&cd=2XzutBtN2Y1L1QzuyDyEyDyDyEtAyEyEyDtBtDtB0AtAzytAtDtN0D0TzutBtDtCtCtDzztCyD&cr=3592499
    mDefault_Page_URL = hxxp://www.activecomponents.com
    mSearchAssistant = about:blank
    uURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: Soda PDF 2012 Helper: {ebe8b562-cba0-40d8-b920-af7cfe0c9d94} - c:\program files\soda pdf 2012\PDFIEHelper.dll
    TB: Soda PDF 2012 Toolbar: {a8c9d542-fd91-4834-a2e8-adb9ae692b8b} - c:\program files\soda pdf 2012\PDFIEPlugin.dll
    TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
    uRun: [Startw3i] c:\program files\pc speed maximizer\Startw3i.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [NokiaSuite.exe] c:\program files\nokia\nokia suite\NokiaSuite.exe -tray
    mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
    mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe "
    mRun: [Synchronization Manager] c:\windows\system32\mobsync.exe /logon
    mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [accrdsub] "c:\program files\actividentity\activclient\accrdsub.exe "
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
    mRun: [Nike+ Connect] "c:\program files\nike\nike+ connect\Nike+ Connect daemon.exe "
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [AccelerometerSysTrayApplet] c:\windows\system32\AccelerometerSt.Exe
    mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
    mRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe
    mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
    mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
    mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
    mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe "
    mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    StartupFolder: c:\docume~1\paulw\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\paulw\application data\dropbox\bin\Dropbox.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wintvr~1.lnk - c:\program files\wintv\wintv7\WinTVTray.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: DisablePersonalDirChange = dword:1
    mPolicies-System: RunStartupScriptSync = dword:1
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
    IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    Trusted Zone: birddog
    Trusted Zone: microsoft.com
    Trusted Zone: mooney
    Trusted Zone: mooney
    Trusted Zone: stearman
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1233231198875
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 192.168.1.1 203.109.129.67
    TCP: Interfaces\{AC73A805-4F55-4FDA-AA7B-6D54429FB471} : DHCPNameServer = 192.168.1.1 203.109.129.67
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: ackpbsc - c:\windows\system32\ackpbsc.dll
    Notify: acunlock - c:\program files\actividentity\activclient\acunlock.dll
    Notify: igfxcui - igfxdev.dll
    Notify: NavLogon - <no file>
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\paulw\application data\mozilla\firefox\profiles\m1wr2fdz.default\
    FF - prefs.js: browser.startup.homepage - hxxp://nz.yahoo.com/?p=us
    FF - prefs.js: keyword.URL - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=url&toolbarid=adawaretb&u=F6C148BC798E88339CF60C507C60E476&q=
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\cieonetutilities_0eei\installr\2.bin\NP0eEISb.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: c:\program files\nokia\nokia suite\npNokiaSuiteEnabler.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll
    FF - plugin: c:\windows\system32\npdeployJava1.dll
    FF - plugin: c:\windows\system32\npptools.dll
    FF - plugin: c:\windows\system32\npwmsdrm.dll
    FF - ExtSQL: 2012-10-16 08:15; {87934c42-161d-45bc-8cef-ef18abe2a30c}; c:\documents and settings\paulw\application data\mozilla\firefox\profiles\m1wr2fdz.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
    FF - ExtSQL: 2012-10-16 08:16; jid1-yZwVFzbsyfMrqQ@jetpack; c:\documents and settings\paulw\application data\mozilla\firefox\profiles\m1wr2fdz.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
    FF - ExtSQL: 2012-10-16 14:06; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files\mozilla firefox 4.0 beta 1\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
    FF - ExtSQL: 2012-10-25 13:22; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\mozilla firefox 4.0 beta 1\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
    FF - ExtSQL: !HIDDEN! 2009-09-02 17:03; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2008-3-28 24064]
    R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2012-10-16 21240]
    R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-10-26 101112]
    R2 accoca;ActivClient Middleware Service;c:\program files\actividentity\activclient\accoca.exe [2007-5-16 182576]
    R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-9-20 1236368]
    R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-10-7 108392]
    R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-10-7 108392]
    R2 CP_OMDRV;Check Point Office Mode Module;c:\windows\system32\drivers\omdrv.sys [2007-1-4 36368]
    R2 HauppaugeTVServer;HauppaugeTVServer;c:\program files\wintv\tvserver\HauppaugeTVServer.exe [2012-11-3 577024]
    R2 MSSQL$ACT7;SQL Server (ACT7);c:\program files\microsoft sql server\mssql10_50.act7\mssql\binn\sqlservr.exe [2010-5-5 42884448]
    R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NLSSRV32.EXE [2012-2-8 70136]
    R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2011-12-19 3289032]
    R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-10-16 77816]
    R2 Soda PDF 2012 Service;Soda PDF 2012 Service;c:\program files\soda pdf 2012\ConversionService.exe [2012-4-20 723288]
    R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec antivirus\Rtvscan.exe [2009-10-7 2440632]
    R2 VNASC;Check Point Virtual Network Adapter - SecureClient;c:\windows\system32\drivers\vnasc.sys [2007-1-4 109008]
    R2 VPN-1;VPN-1 Module;c:\windows\system32\drivers\vpn.sys [2007-1-4 671312]
    R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2008-5-14 475520]
    R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-9-16 193840]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-10-30 106656]
    R3 FW1;SecuRemote Miniport;c:\windows\system32\drivers\fw.sys [2007-1-4 2234224]
    R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-4-5 41216]
    R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20121127.008\NAVENG.SYS [2012-11-28 92704]
    R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20121127.008\NAVEX15.SYS [2012-11-28 1601184]
    S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-9-10 18432]
    S2 hcw10cir;Hauppauge CIR Receiver;c:\windows\system32\drivers\hcw10cir.sys [2012-11-3 35328]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
    S3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [2010-5-15 20704]
    S3 hcw10bda;Hauppauge Cx2310x WinTV Capture;c:\windows\system32\drivers\hcw10bda.sys [2012-11-3 541184]
    S3 mbedComposite;mbedComposite;c:\windows\system32\drivers\mbedComposite.sys [2010-11-12 39984]
    S3 mbedSerial;mbedSerial;c:\windows\system32\drivers\mbedSerial.sys [2010-11-12 50736]
    S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11; "c:\program files\roxio creator 2009\digital home 11\roxioupnprenderer11.exe" --> c:\program files\roxio creator 2009\digital home 11\RoxioUPnPRenderer11.exe [?]
    S3 Soda PDF 2012 Helper Service;Soda PDF 2012 Helper Service;c:\program files\soda pdf 2012\HelperService.exe [2012-4-20 705880]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2010-5-5 44896]
    S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [2010-4-3 240608]
    S4 SQLAgent$ACT7;SQL Server Agent (ACT7);c:\program files\microsoft sql server\mssql10_50.act7\mssql\binn\SQLAGENT.EXE [2010-5-5 367456]
    .
    =============== File Associations ===============
    .
    ShellExec: Soda PDF 2012.exe: open= "c:\program files\soda pdf 2012\Soda PDF 2012.exe" "%1 "
    .
    =============== Created Last 30 ================
    .
    2012-11-27 20:35:30 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
    2012-11-27 20:33:23 -------- d-----w- c:\documents and settings\paulw\local settings\application data\NokiaAccount
    2012-11-27 20:31:22 -------- d-----w- c:\documents and settings\paulw\local settings\application data\Nokia
    2012-11-27 20:29:30 -------- d-----w- c:\program files\common files\Nokia
    2012-11-27 20:29:30 -------- d-----w- c:\documents and settings\all users\application data\Nokia
    2012-11-27 20:28:48 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
    2012-11-27 20:28:40 -------- d-----w- c:\program files\PC Connectivity Solution
    2012-11-27 20:28:29 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
    2012-11-27 20:28:27 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
    2012-11-27 20:28:25 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
    2012-11-27 20:28:16 605696 ----a-w- c:\windows\system32\nmwcdcocls.dll
    2012-11-27 20:28:16 18560 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
    2012-11-27 20:28:16 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
    2012-11-27 20:28:16 123904 ----a-w- c:\windows\system32\ccdcmbwu.dll
    2012-11-27 20:28:15 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
    2012-11-27 20:27:14 -------- d-----w- c:\program files\Nokia
    2012-11-27 20:27:14 -------- d-----w- c:\documents and settings\all users\application data\NokiaInstallerCache
    2012-11-19 18:55:44 58368 ------w- c:\windows\system32\dllcache\synceng.dll
    2012-11-08 02:25:42 -------- d-----w- c:\program files\Dropbox
    2012-11-03 02:47:34 -------- d-----w- C:\My Videos
    2012-11-03 00:58:28 -------- d-----w- c:\documents and settings\all users\application data\ArcSoft
    2012-11-03 00:57:45 393216 ----a-w- c:\windows\system32\MSLUP60.dll
    2012-11-03 00:57:43 256768 ----a-w- c:\windows\system32\MSLURT.dll
    2012-11-03 00:54:38 38672 ----a-w- c:\windows\system32\pcleUtil.dll
    2012-11-03 00:54:25 -------- d-----w- c:\program files\WinTV
    2012-11-03 00:54:24 142337 ----a-w- c:\windows\system32\Wait.exe
    2012-11-03 00:54:24 -------- d-----w- c:\documents and settings\all users\application data\Hauppauge
    2012-11-03 00:53:44 36921 ----a-w- c:\windows\system32\hcwutl32.dll
    2012-11-03 00:53:44 323640 ----a-w- c:\windows\system32\hcwpnp32.dll
    2012-11-03 00:53:44 118849 ----a-w- c:\windows\system32\hcwi2c32.dll
    2012-11-03 00:53:43 831554 ----a-w- c:\windows\system32\hcwtvwnd.dll
    2012-11-03 00:52:33 35328 ----a-r- c:\windows\system32\drivers\hcw10cir.sys
    2012-11-03 00:52:20 15232 ----a-w- c:\windows\system32\drivers\MPE.sys
    2012-11-03 00:52:20 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys
    .
    ==================== Find3M ====================
    .
    2012-11-08 02:30:41 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-11-08 02:30:40 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-10-22 08:37:31 1866368 ------w- c:\windows\system32\win32k.sys
    2012-10-02 18:04:21 58368 ------w- c:\windows\system32\synceng.dll
    2012-09-29 06:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-09-24 02:32:24 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
    2012-09-24 02:32:20 473072 ----a-w- c:\windows\system32\deployJava1.dll
    2012-09-24 00:51:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
    .
    ============= FINISH: 9:35:34.95 ===============

    DDS 2nd log

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 30/01/2009 12:45:03 a.m.
    System Uptime: 3/12/2012 9:05:57 a.m. (0 hours ago)
    .
    Motherboard: Hewlett-Packard | | 30DD
    Processor: Intel Pentium III Xeon processor | Intel(R) Genuine processor | 2238/266mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 148 GiB total, 87.561 GiB free.
    D: is FIXED (FAT32) - 1 GiB total, 0.976 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP690: 5/09/2012 8:12:12 a.m. - System Checkpoint
    RP691: 6/09/2012 8:38:16 a.m. - System Checkpoint
    RP692: 7/09/2012 2:09:53 p.m. - System Checkpoint
    RP693: 11/09/2012 6:31:49 a.m. - System Checkpoint
    RP694: 12/09/2012 9:18:23 a.m. - System Checkpoint
    RP695: 13/09/2012 11:57:14 a.m. - System Checkpoint
    RP696: 13/09/2012 2:27:39 p.m. - Software Distribution Service 3.0
    RP697: 18/09/2012 8:02:22 a.m. - System Checkpoint
    RP698: 19/09/2012 11:15:24 a.m. - System Checkpoint
    RP699: 19/09/2012 1:23:48 p.m. - Software Distribution Service 3.0
    RP700: 25/09/2012 11:00:49 a.m. - System Checkpoint
    RP701: 25/09/2012 1:16:12 p.m. - Software Distribution Service 3.0
    RP702: 27/09/2012 4:16:45 p.m. - System Checkpoint
    RP703: 1/10/2012 1:11:15 p.m. - System Checkpoint
    RP704: 2/10/2012 3:32:05 p.m. - System Checkpoint
    RP705: 9/10/2012 11:39:53 a.m. - System Checkpoint
    RP706: 11/10/2012 11:07:43 a.m. - System Checkpoint
    RP707: 11/10/2012 4:27:28 p.m. - Software Distribution Service 3.0
    RP708: 16/10/2012 7:47:55 a.m. - System Checkpoint
    RP709: 16/10/2012 2:05:47 p.m. - Removed Java(TM) 6 Update 26
    RP710: 18/10/2012 10:32:11 a.m. - System Checkpoint
    RP711: 25/10/2012 1:22:05 p.m. - Installed Java(TM) 6 Update 37
    RP712: 30/10/2012 6:33:39 a.m. - System Checkpoint
    RP713: 1/11/2012 9:10:28 a.m. - System Checkpoint
    RP714: 1/11/2012 6:16:27 p.m. - Removed Google Earth.
    RP715: 1/11/2012 6:19:44 p.m. - Removed Google Drive
    RP716: 1/11/2012 6:24:59 p.m. - Removed PayPal Payment Request Wizard For Outlook
    RP717: 1/11/2012 7:17:37 p.m. - Removed Sage ACT! Pro 2012
    RP718: 3/11/2012 1:57:41 p.m. - Installed ShowBiz
    RP719: 6/11/2012 9:43:06 a.m. - System Checkpoint
    RP720: 7/11/2012 11:53:20 a.m. - System Checkpoint
    RP721: 12/11/2012 9:36:16 a.m. - System Checkpoint
    RP722: 14/11/2012 8:59:52 a.m. - System Checkpoint
    RP723: 20/11/2012 9:01:15 a.m. - System Checkpoint
    RP724: 20/11/2012 1:16:55 p.m. - Software Distribution Service 3.0
    RP725: 21/11/2012 2:23:02 p.m. - System Checkpoint
    RP726: 27/11/2012 8:42:10 a.m. - System Checkpoint
    RP727: 28/11/2012 9:17:45 a.m. - System Checkpoint
    RP728: 28/11/2012 9:35:30 a.m. - Installed Windows XP Wdf01009.
    RP729: 29/11/2012 3:05:01 p.m. - System Checkpoint
    RP730: 30/11/2012 3:05:30 p.m. - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    2007 Microsoft Office system
    Activation Assistant for the 2007 Microsoft Office suites
    ActivClient 6.1 x86
    Ad-Aware Antivirus
    Ad-Aware Security Add-on
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.4)
    Agere Systems HDA Modem
    Apple Software Update
    ArcSoft ShowBiz
    CameraHelperMsi
    CCleaner
    Check Point VPN-1 SecuRemote/SecureClient NGX HFA2 EA
    Chinese Traditional Fonts Support For Adobe Reader X
    Critical Update for Windows Media Player 11 (KB959772)
    CutePDF Writer 2.6
    DraftSight
    Dropbox
    erLT
    FastStone Capture 5.3
    Free RAR Extract Frog
    FUJIFILM USB Driver
    Hauppauge WinTV 7
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB949764)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB969084)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP 3D DriveGuard
    HP Doc Viewer
    HP Help and Support
    HP Integrated Module with Bluetooth wireless technology
    HP Quick Launch Buttons 6.40 D3
    HP QuickLook 2
    HP Software Setup 5.00.A.5
    HP User Guide Bluetooth Addendum 0062
    HP User Guides 0097
    HP Webcam
    HP Webcam Application
    HP Wireless Assistant
    Intel(R) Graphics Media Accelerator Driver
    Intel® Matrix Storage Manager
    Japanese Fonts Support For Adobe Reader X
    Java Auto Updater
    Java(TM) 6 Update 37
    KeePass Password Safe 1.17
    Korean Fonts Support For Adobe Reader 9
    LiveUpdate 3.3 (Symantec Corporation)
    Logitech Unifying Software 2.00
    Logitech Vid HD
    Logitech Webcam Software
    LWS Facebook
    LWS Gallery
    LWS Help_main
    LWS Launcher
    LWS Motion Detection
    LWS Pictures And Video
    LWS Twitter
    LWS Video Mask Maker
    LWS VideoEffects
    LWS Webcam Software
    LWS WLM Plugin
    LWS YouTube Plugin
    Malwarebytes Anti-Malware version 1.65.1.1000
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656370)
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Hybrid 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft SQL Server 2008 R2
    Microsoft SQL Server 2008 R2 Native Client
    Microsoft SQL Server 2008 R2 RsFx Driver
    Microsoft SQL Server 2008 R2 Setup (English)
    Microsoft SQL Server 2008 Setup Support Files
    Microsoft SQL Server Browser
    Microsoft SQL Server Native Client
    Microsoft SQL Server VSS Writer
    Microsoft Sync Framework 2.0 Core Components (x86) ENU
    Microsoft Sync Framework 2.0 Provider Services (x86) ENU
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft_VC100_CRT_SP1_x86
    Mozilla Firefox (3.6.6)
    Mozilla Firefox 16.0 (x86 en-US)
    Mozilla Maintenance Service
    Mozilla Thunderbird 9.0.1 (x86 en-US)
    MSVC80_x86_v2
    MSVC90_x86
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6.0 Parser
    Nike+ Connect
    Nokia Connectivity Cable Driver
    Nokia Suite
    Northwoods Software Mail Merge
    NTPort Library Driver 2.8
    NXP Product Selector Guide
    office Convert Pdf to Jpg Jpeg Tiff Free 6.5
    OGA Notifier 2.0.0048.0
    PC Connectivity Solution
    QuickTime
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB2183461)
    Security Update for Windows Internet Explorer 7 (KB2360131)
    Security Update for Windows Internet Explorer 7 (KB2416400)
    Security Update for Windows Internet Explorer 7 (KB2482017)
    Security Update for Windows Internet Explorer 7 (KB2497640)
    Security Update for Windows Internet Explorer 7 (KB2530548)
    Security Update for Windows Internet Explorer 7 (KB2544521)
    Security Update for Windows Internet Explorer 7 (KB2559049)
    Security Update for Windows Internet Explorer 7 (KB2586448)
    Security Update for Windows Internet Explorer 7 (KB2618444)
    Security Update for Windows Internet Explorer 7 (KB2647516)
    Security Update for Windows Internet Explorer 7 (KB2675157)
    Security Update for Windows Internet Explorer 7 (KB2699988)
    Security Update for Windows Internet Explorer 7 (KB2722913)
    Security Update for Windows Internet Explorer 7 (KB2744842)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Internet Explorer 7 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2483614)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Skype Toolbars
    Skype™ 5.10
    SmartSound Quicktracks Plugin
    Soda PDF 2012
    Solar Installation Utility 3.01
    SQL Server 2008 R2 Common Files
    SQL Server 2008 R2 Database Engine Services
    SQL Server 2008 R2 Database Engine Shared
    Sql Server Customer Experience Improvement Program
    Symantec Endpoint Protection
    Synaptics Pointing Device Driver
    UM-CAM 2.108.2A
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 7 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    USB Driver Vers. 3.2
    VLC media player 1.0.5
    WebFldrs XP
    Windows Driver Package - Nokia pccsmcfd "LegacyDriver" (05/31/2012 7.1.2.0)
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Search 4.0
    Windows Small Business Server 2008 ClientAgent
    Windows Small Business Server 2008 WMI Provider
    Windows XP Service Pack 3
    Youtube Downloader HD v. 2.9.2
    .
    ==== Event Viewer Messages From Past Week ========
    .
    30/11/2012 5:48:16 p.m., error: FW1 [1] - FW1: FW-1: last packet seen 3486 seconds ago, assumin-->
    30/11/2012 5:48:16 p.m., error: FW1 [1] - FW1: -->g clock change.
    3/12/2012 9:23:14 a.m., error: System Error [1003] - Error code 100000d1, parameter1 011d4005, parameter2 0000001c, parameter3 00000001, parameter4 7c918bd0.
    3/12/2012 8:05:15 a.m., error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    3/12/2012 8:04:53 a.m., error: FW1 [1] - FW1: FW-1: last packet seen 224187 seconds ago, assum-->
    3/12/2012 8:04:53 a.m., error: FW1 [1] - FW1: -->ing clock change.
    29/11/2012 8:38:29 a.m., error: Dhcp [1002] - The IP address lease 192.168.109.247 for the Network Card with network address 0016EAC7455A has been denied by the DHCP server 2.2.2.2 (The DHCP Server sent a DHCPNACK message).
    29/11/2012 7:53:53 p.m., error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
    29/11/2012 7:25:07 a.m., error: NETLOGON [5719] - No Domain Controller is available for domain ACTIVE due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
    29/11/2012 7:24:47 a.m., error: Dhcp [1002] - The IP address lease 10.1.1.115 for the Network Card with network address 0016EAC7455A has been denied by the DHCP server 2.2.2.2 (The DHCP Server sent a DHCPNACK message).
    29/11/2012 10:40:05 a.m., error: Dhcp [1002] - The IP address lease 192.168.109.247 for the Network Card with network address 0016EAC7455A has been denied by the DHCP server 192.168.180.1 (The DHCP Server sent a DHCPNACK message).
    29/11/2012 1:27:23 p.m., error: Dhcp [1002] - The IP address lease 192.168.182.252 for the Network Card with network address 0016EAC7455A has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    29/11/2012 1:27:14 p.m., error: Dhcp [1002] - The IP address lease 10.1.1.123 for the Network Card with network address 001F299C1EA6 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    27/11/2012 7:06:36 a.m., error: FW1 [1] - FW1: FW-1: last packet seen -4 seconds ago, assuming -->
    27/11/2012 7:06:36 a.m., error: FW1 [1] - FW1: -->clock change.
    27/11/2012 7:06:11 a.m., error: Service Control Manager [7022] - The mysql service hung on starting.
    27/11/2012 7:04:26 a.m., error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).
    27/11/2012 7:04:26 a.m., error: Service Control Manager [7000] - The Hauppauge CIR Receiver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    .
    ==== End Of File ===========================



    regards Paul
     
  2. 2012/12/02
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ==================================

    You're running two AV programs, Lavasoft Ad-Aware and Norton.
    You must uninstall one of them.
    I suggest Lavasoft goes.

    Next...

    • Download RogueKiller to the desktop
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced, post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.
     
