Page 1 of 4 1234 LastLast
Results 1 to 10 of 40

Thread: Spybot and HJT won't run

  1. #1
    Junior Member
    Join Date
    Nov 2009
    Posts
    25

    Default Spybot and HJT won't run

    I think i have a malware problem and it isn't letting me run spybot, Something has changed the file names in the folder with what looks like (HGFDFTDYDFGYTDT) that! i have been through renaming the .scr and .exe files and it then will allow spybot to open and let me do anything except when you go to check for problems, it then just closes spybot and when you go to re open spybot it comes up with a windows box that says either the file is write-protected or the user does not have permission to access this file,
    I then downloaded HJT and installed it alright i did a scan and save and it got halfway through it and the program shutdown and then now when you go to reopen it it comes up with the same box as with spybot. What can i do now please?

  2. #2
    Junior Member
    Join Date
    Nov 2009
    Posts
    25

    Default

    I was able to get a win32kdiag log, well part of it anyway, i will post it up here, hopefully it may help

  3. #3
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    Open notepad and then copy and paste the bolded lines below into it. Go to File > save as and name the file fixes.bat, change the Save as type to all files and save it to your desktop.
    @ECHO OFF
    DIR /a/s C:\WINDOWS\scecli.dll C:\WINDOWS\netlogon.dll C:\WINDOWS\eventlog.dll C:\Windows\cngaudit.dll >Log.txt
    START Log.txt
    DEL %0

    Double-click on fixes.bat file to execute it. Notepad should open up. Post back its contents, please.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  4. #4
    Junior Member
    Join Date
    Nov 2009
    Posts
    25

    Default

    This is the log file you requested, thank you for helping

    Volume in drive C has no label.
    Volume Serial Number is B8E0-0EAF

    Directory of C:\WINDOWS\$NtServicePackUninstall$

    28/02/2006 11:00 PM 180,224 scecli.dll

    Directory of C:\WINDOWS\$NtServicePackUninstall$

    28/02/2006 11:00 PM 407,040 netlogon.dll

    Directory of C:\WINDOWS\$NtServicePackUninstall$

    28/02/2006 11:00 PM 55,808 eventlog.dll
    3 File(s) 643,072 bytes

    Directory of C:\WINDOWS\ServicePackFiles\i386

    14/04/2008 11:12 AM 181,248 scecli.dll

    Directory of C:\WINDOWS\ServicePackFiles\i386

    14/04/2008 11:12 AM 407,040 netlogon.dll

    Directory of C:\WINDOWS\ServicePackFiles\i386

    14/04/2008 11:11 AM 56,320 eventlog.dll
    3 File(s) 644,608 bytes

    Directory of C:\WINDOWS\system32

    14/04/2008 11:12 AM 181,248 scecli.dll

    Directory of C:\WINDOWS\system32

    14/04/2008 11:12 AM 407,040 netlogon.dll

    Directory of C:\WINDOWS\system32

    14/04/2008 11:11 AM 61,952 eventlog.dll
    3 File(s) 650,240 bytes

    Total Files Listed:
    9 File(s) 1,937,920 bytes
    0 Dir(s) 12,910,960,640 bytes free

  5. #5
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi again

    • Download The Avenger by Swandog46 from here.
    • Unzip/extract it to a folder on your desktop.
    • Double click on avenger.exe to run The Avenger.
    • Click OK.
    • Make sure that the box next to Scan for rootkits has a tick in it and that the box next to Automatically disable any rootkits found does not have a tick in it.
    • Copy all of the text in the below textbox to the clibpboard by highlighting it and then pressing Ctrl+C.
      Code:
      Files to move:
      C:\WINDOWS\ServicePackFiles\i386\eventlog.dll|C:\WINDOWS\system32\eventlog.dll
    • In the avenger window, click the Paste Script from Clipboard, button.
    • Click the Execute button.
    • You will be asked Are you sure you want to execute the current script?.
    • Click Yes.
    • You will now be asked First step completed --- The Avenger has been successfully set up to run on next boot. Reboot now?.
    • Click Yes.
    • Your PC will now be rebooted.
    • Note: If the above script contains Drivers to delete: or Drivers to disable:, then The Avenger will require two reboots to complete its operation.
    • If that is the case, it will force a BSOD on the first reboot. This is normal & expected behaviour.
    • After your PC has completed the necessary reboots, a log should automatically open. If it does not automatically open, then the log can be found at %systemdrive%\avenger.txt (typically C:\avenger.txt).
    • Please post this log in your next reply.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  6. #6
    Junior Member
    Join Date
    Nov 2009
    Posts
    25

    Default

    Here is the log

    Logfile of The Avenger Version 2.0, (c) by Swandog46
    http://swandog46.geekstogo.com

    Platform: Windows XP

    *******************

    Script file opened successfully.
    Script file read successfully.

    Backups directory opened successfully at C:\Avenger

    *******************

    Beginning to process script file:

    Rootkit scan active.
    No rootkits found!

    File move operation "C:\WINDOWS\ServicePackFiles\i386\eventlog.dll|C:\WINDOWS\system32\eventlog.dll" completed successfully.

    Completed script processing.

    *******************

    Finished! Terminate.

  7. #7
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Good. Let's continue.

    Please save this file to your desktop. Click on Start->Run, and copy-paste the following command (the bolded text) into the Open box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.
    "%userprofile%\desktop\win32kdiag.exe" -f -r


    Download DDS and save it to your desktop from here or here or here.
    Disable any script blocker, and then double click dds.scr to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop. Post them back to your topic.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  8. #8
    Junior Member
    Join Date
    Nov 2009
    Posts
    25

    Default

    the requsted logs

    Running from: C:\Documents and Settings\Daddy\desktop\win32kdiag.exe

    Log file at : C:\Documents and Settings\Daddy\Desktop\Win32kDiag.txt

    Removing all found mount points.

    Attempting to reset file permissions.

    WARNING: Could not get backup privileges!

    Searching 'C:\WINDOWS'...



    Found mount point : C:\WINDOWS\addins\addins

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\addins\addins

    Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10B.tmp\ZAP10B.tmp

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10B.tmp\ZAP10B.tmp

    Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11F.tmp\ZAP11F.tmp

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11F.tmp\ZAP11F.tmp

    Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP134.tmp\ZAP134.tmp

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP134.tmp\ZAP134.tmp

    Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20A.tmp\ZAP20A.tmp

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20A.tmp\ZAP20A.tmp

    Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BC.tmp\ZAP2BC.tmp

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BC.tmp\ZAP2BC.tmp

    Found mount point : C:\WINDOWS\assembly\temp\temp

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\assembly\temp\temp

    Found mount point : C:\WINDOWS\assembly\tmp\tmp

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\assembly\tmp\tmp

    Found mount point : C:\WINDOWS\Cache\Adobe Reader 6.0.1\Adobe Reader 6.0.1

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\Cache\Adobe Reader 6.0.1\Adobe Reader 6.0.1

    Found mount point : C:\WINDOWS\Config\Config

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\Config\Config

    Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

    Found mount point : C:\WINDOWS\Debug\UserMode\UserMode

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\Debug\UserMode\UserMode

    Found mount point : C:\WINDOWS\ftpcache\ftpcache

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\ftpcache\ftpcache

    Found mount point : C:\WINDOWS\ime\chsime\applets\applets

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\ime\chsime\applets\applets

    Found mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets

    Found mount point : C:\WINDOWS\ime\imejp\applets\applets

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\ime\imejp\applets\applets

    Found mount point : C:\WINDOWS\ime\imejp98\imejp98

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\ime\imejp98\imejp98

    Found mount point : C:\WINDOWS\ime\imjp8_1\applets\applets

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\ime\imjp8_1\applets\applets

    Found mount point : C:\WINDOWS\ime\imkr6_1\applets\applets

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\ime\imkr6_1\applets\applets

    Found mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts

    Found mount point : C:\WINDOWS\ime\shared\res\res

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\ime\shared\res\res

    Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

    Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

    Found mount point : C:\WINDOWS\java\classes\classes

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\java\classes\classes

    Found mount point : C:\WINDOWS\java\trustlib\trustlib

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\java\trustlib\trustlib

    Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

    Found mount point : C:\WINDOWS\msapps\msinfo\msinfo

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\msapps\msinfo\msinfo

    Found mount point : C:\WINDOWS\mui\mui

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\mui\mui

    Found mount point : C:\WINDOWS\pchealth\ErrorRep\QHEADLES\QHEADLES

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\pchealth\ErrorRep\QHEADLES\QHEADLES

    Found mount point : C:\WINDOWS\pchealth\ErrorRep\QSIGNOFF\QSIGNOFF

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\pchealth\ErrorRep\QSIGNOFF\QSIGNOFF

    Found mount point : C:\WINDOWS\pchealth\helpctr\BATCH\BATCH

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\pchealth\helpctr\BATCH\BATCH

    Cannot access: C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe

    Attempting to restore permissions of : C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe

    Found mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint

    Found mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles

    Found mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs

    Found mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS

    Found mount point : C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM

    Found mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp

    Found mount point : C:\WINDOWS\PIF\PIF

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\PIF\PIF

    Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\Registration\CRMLog\CRMLog

    Found mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded

    Found mount point : C:\WINDOWS\SoftwareDistribution\Download\355f788b6de8a3ec79e9aa172e6317f1\backup\backup

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\SoftwareDistribution\Download\355f788b6de8a3ec79e9aa172e6317f1\backup\backup

    Found mount point : C:\WINDOWS\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\backup\backup

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\backup\backup

    Found mount point : C:\WINDOWS\SoftwareDistribution\Download\5cfa09586faf6d9470f0c817d855bb6b\backup\backup

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\SoftwareDistribution\Download\5cfa09586faf6d9470f0c817d855bb6b\backup\backup

    Found mount point : C:\WINDOWS\SoftwareDistribution\Download\85947e1a809663c7f480717673587a59\backup\backup

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\SoftwareDistribution\Download\85947e1a809663c7f480717673587a59\backup\backup

    Found mount point : C:\WINDOWS\SoftwareDistribution\Download\9868363812bbe4a0a4d814b7943ba906\backup\backup

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\SoftwareDistribution\Download\9868363812bbe4a0a4d814b7943ba906\backup\backup

    Found mount point : C:\WINDOWS\SoftwareDistribution\Download\b7b0631e184025ba37e5a4ec1d8637e7\backup\backup

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\SoftwareDistribution\Download\b7b0631e184025ba37e5a4ec1d8637e7\backup\backup

    Found mount point : C:\WINDOWS\SoftwareDistribution\Download\d3767eab8f4479a8d252b47e8ec225c8\backup\backup

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\SoftwareDistribution\Download\d3767eab8f4479a8d252b47e8ec225c8\backup\backup

    Found mount point : C:\WINDOWS\SoftwareDistribution\Download\de81b460c3abcfc5b8494c785a5f3944\backup\backup

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\SoftwareDistribution\Download\de81b460c3abcfc5b8494c785a5f3944\backup\backup

    Found mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment

    Found mount point : C:\WINDOWS\SxsCaPendDel\SxsCaPendDel

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\SxsCaPendDel\SxsCaPendDel

    Cannot access: C:\WINDOWS\system32\MRT.exe

    Attempting to restore permissions of : C:\WINDOWS\system32\MRT.exe

    Found mount point : C:\WINDOWS\temp\0ded3eab-b941-4455-81d3-51ab90b4c063\0ded3eab-b941-4455-81d3-51ab90b4c063

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\temp\0ded3eab-b941-4455-81d3-51ab90b4c063\0ded3eab-b941-4455-81d3-51ab90b4c063

    Found mount point : C:\WINDOWS\temp\7ea24853-aeda-4ef8-9bbf-1fc9dd16f9dc\7ea24853-aeda-4ef8-9bbf-1fc9dd16f9dc

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\temp\7ea24853-aeda-4ef8-9bbf-1fc9dd16f9dc\7ea24853-aeda-4ef8-9bbf-1fc9dd16f9dc

    Found mount point : C:\WINDOWS\temp\96907fcd-7dd1-4633-8931-2d8e5865706a\96907fcd-7dd1-4633-8931-2d8e5865706a

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\temp\96907fcd-7dd1-4633-8931-2d8e5865706a\96907fcd-7dd1-4633-8931-2d8e5865706a

    Found mount point : C:\WINDOWS\temp\c8dd9e49-b1b0-424e-9763-b77c1de0589b\c8dd9e49-b1b0-424e-9763-b77c1de0589b

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\temp\c8dd9e49-b1b0-424e-9763-b77c1de0589b\c8dd9e49-b1b0-424e-9763-b77c1de0589b

    Found mount point : C:\WINDOWS\temp\f681da11-17af-4ab4-8797-bd79291e258f\f681da11-17af-4ab4-8797-bd79291e258f

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\temp\f681da11-17af-4ab4-8797-bd79291e258f\f681da11-17af-4ab4-8797-bd79291e258f

    Found mount point : C:\WINDOWS\temp\Google Toolbar\Google Toolbar

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\temp\Google Toolbar\Google Toolbar

    Found mount point : C:\WINDOWS\temp\History\Results\Results

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\temp\History\Results\Results

    Found mount point : C:\WINDOWS\temp\RtSigs\Data\Data

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\temp\RtSigs\Data\Data

    Found mount point : C:\WINDOWS\temp\WDF13.tmp\WDF13.tmp

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\temp\WDF13.tmp\WDF13.tmp

    Found mount point : C:\WINDOWS\temp\WDFE.tmp\WDFE.tmp

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\temp\WDFE.tmp\WDFE.tmp

    Found mount point : C:\WINDOWS\WinSxS\InstallTemp\InstallTemp

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\WinSxS\InstallTemp\InstallTemp

    Found mount point : C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2

    Found mount point : C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303

    Mount point destination : \Device\__max++>\^

    Removing mount point : C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303



    Finished!

  9. #9
    Junior Member
    Join Date
    Nov 2009
    Posts
    25

    Default

    DDS (Ver_09-09-29.01) - NTFSx86
    Run by Daddy at 22:33:47.70 on Tue 24/11/2009
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3582.2823 [GMT 11:00]

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\Program Files\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    svchost.exe
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\iWin Games\iWinTrusted.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\hphmon05.exe
    C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
    C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
    C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\PROGRA~1\Webshots\webshots.scr
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Daddy\Desktop\dds.com

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com.au/
    uInternet Connection Wizard,ShellNext = hxxp://redirect.zonelabs.com/redirect/route?oem=1025&prod=0&mode=1&app=inclient&version=7.0.473.000&lang=en&locale=en-AU&date=-86400&link_id=4&dest=try_product&lic=j5hvqhisiu3s4he7bhx644bu4g0
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
    BHO: iWin Toolbar: {ce0c2586-da36-452b-acdb-320d9bcb19bf} - c:\program files\iwin\tbiWi1.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: iWin Toolbar: {ce0c2586-da36-452b-acdb-320d9bcb19bf} - c:\program files\iwin\tbiWi1.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No File
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
    mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
    mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
    mRun: [HPHmon05] c:\windows\system32\hphmon05.exe
    mRun: [DiscWizardMonitor.exe] c:\program files\seagate\discwizard\DiscWizardMonitor.exe
    mRun: [AcronisTimounterMonitor] c:\program files\seagate\discwizard\TimounterMonitor.exe
    mRun: [Seagate Scheduler2 Service] "c:\program files\common files\seagate\schedule2\schedhlp.exe"
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\daddy\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\Launcher.exe
    StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Adobe Reader Speed Launch.lnk.disabled
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    Trusted Zone: bigpond.com\my
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    Notify: avgrsstarter - avgrsstx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: CShellExecuteHookImpl Object: {57b86673-276a-48b2-bae7-c6dbb3020eb8} - c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
    LSA: Authentication Packages = msv1_0 relog_ap

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-7-8 335240]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-7-8 27784]
    R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-7-8 108552]
    R2 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2009-9-3 78104]
    R2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\common files\seagate\schedule2\schedul2.exe [2008-6-24 431384]
    S1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver;\??\c:\program files\grisoft\avg anti-spyware 7.5\guard.sys --> c:\program files\grisoft\avg anti-spyware 7.5\guard.sys [?]
    S1 AvgAsCln;AVG Anti-Spyware Clean Driver;c:\windows\system32\drivers\avgascln.sys --> c:\windows\system32\drivers\AvgAsCln.sys [?]
    S2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard;c:\program files\grisoft\avg anti-spyware 7.5\guard.exe --> c:\program files\grisoft\avg anti-spyware 7.5\guard.exe [?]
    S2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe --> c:\progra~1\avg\avg8\avgemc.exe [?]
    S2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-12 297752]
    S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [2009-7-28 152576]
    S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
    S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

    =============== Created Last 30 ================

    2009-11-16 09:11 <DIR> --d-h--- c:\windows\PIF
    2009-11-16 09:01 <DIR> --d----- c:\docume~1\daddy\applic~1\Malwarebytes
    2009-11-16 09:01 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-11-16 09:01 19,160 a------- c:\windows\system32\drivers\mbam.sys
    2009-11-16 09:01 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
    2009-11-16 09:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2009-11-15 16:54 <DIR> --d----- c:\program files\Trend Micro
    2009-11-08 22:22 <DIR> --d----- c:\program files\Spybot - Search & Destroy
    2009-11-08 20:27 <DIR> --d----- c:\windows\system32\wbem\Repository
    2009-11-08 20:21 <DIR> --d----- c:\docume~1\daddy\applic~1\AVG8
    2009-11-08 20:21 <DIR> --d-h--- C:\$AVG8.VAULT$
    2009-11-03 22:25 <DIR> --d----- C:\$AVG
    2009-11-03 22:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
    2009-11-03 22:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg9
    2009-11-03 12:39 <DIR> --d----- C:\ProgramData
    2009-10-28 14:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Alawar Stargaze

    ==================== Find3M ====================

    2009-11-03 22:24 12,464 a------- c:\windows\system32\avgrsstx(2).dll
    2009-09-12 01:18 136,192 a------- c:\windows\system32\msv1_0.dll
    2009-09-05 08:03 58,880 a------- c:\windows\system32\msasn1.dll
    2009-08-29 19:08 916,480 a------- c:\windows\system32\wininet.dll
    2008-09-16 21:32 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008091620080917\index.dat
    2008-09-16 21:32 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\index.dat

    ============= FINISH: 22:34:01.98 ===============

  10. #10
    Junior Member
    Join Date
    Nov 2009
    Posts
    25

    Default

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-09-29.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/07/2008 6:50:23 PM
    System Uptime: 24/11/2009 10:06:28 PM (0 hours ago)

    Motherboard: Gigabyte Technology Co., Ltd. | | GA-M52S-S3P
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+ | Socket M2 | 3013/200mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 38 GiB total, 12.467 GiB free.
    D: is CDROM ()
    F: is Removable
    G: is CDROM ()
    H: is FIXED (NTFS) - 466 GiB total, 412.593 GiB free.

    ==== Disabled Device Manager Items =============

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Windows Portable Device Driver
    Device ID: ROOT\WPD\0000
    Manufacturer: Nokia
    Name: Nokia E51
    PNP Device ID: ROOT\WPD\0000
    Service: WUDFRd

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia 6120 classic
    Device ID: ROOT\WPD\0001
    Manufacturer: Nokia
    Name: Nokia 6120 classic
    PNP Device ID: ROOT\WPD\0001
    Service: WUDFRd

    ==== System Restore Points ===================

    RP394: 24/11/2009 10:31:16 PM - Software Distribution Service 3.0

    ==== Installed Programs ======================

    Abdio Free MP4 Player (Free)
    Adobe Flash Player 10 ActiveX
    Adobe Reader 7.0
    Adobe Shockwave Player
    Barbie(TM) Diaries High School Mystery
    Bookworm Adventures 2 (remove only)
    Bookworm Adventures: The Monkey King (remove only)
    Cars Demo
    Collapse! Crunch
    Critical Update for Windows Media Player 11 (KB959772)
    DigitImg
    Disney-Pixar Ratatouille Demo
    Disney-Pixar WALL-E
    DVD Shrink 3.2
    Eureka's 1000 Games
    Farm Frenzy 2 (remove only)
    Farm Frenzy 3 (remove only)
    ffdshow [rev 2202] [2008-10-10]
    Free DVD Creator version 2.0
    FW LiveUpdate
    Google Earth
    Google Toolbar for Internet Explorer
    High Definition Audio Driver Package - KB888111
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    HP Memories Disc
    HP Software Update
    iWin Games (remove only)
    iWin Toolbar
    Java(TM) 6 Update 12
    Java(TM) 6 Update 4
    Java(TM) 6 Update 7
    K-Lite Codec Pack 4.9.0 (Standard)
    Logitech QuickCam
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Standard Edition 2003
    Microsoft User-Mode Driver Framework Feature Pack 1.5
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    MSVC80_x86
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 6.0 Parser
    Nero 7 Essentials
    neroxml
    Nokia Connectivity Cable Driver
    Nokia Flashing Cable Driver
    Nokia PC Suite
    Nokia Software Updater
    NVIDIA Drivers
    OGA Notifier 1.7.0105.35.0
    overland
    PC Connectivity Solution
    Photosmart 140,240,7200,7600,7700,7900 Series
    Picture Package Music Transfer
    PS7900
    PSShortcuts
    PSUsage
    QFolder
    RealArcade
    Realtek Card Reader
    REALTEK GbE & FE Ethernet PCI NIC Driver
    Realtek High Definition Audio Driver
    Rugrats in Paris
    SAMSUNG CDMA Modem Driver Set
    SAMSUNG Mobile Composite Device Software
    SAMSUNG Mobile Modem Driver Set
    Samsung Mobile phone USB driver Software
    SAMSUNG Mobile USB Modem 1.0 Software
    SAMSUNG Mobile USB Modem Software
    Samsung PC Studio 3
    Samsung PC Studio 3 USB Driver Installer
    Seagate*DiscWizard
    SeaTools for Windows
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Shockwave
    Sony Picture Utility
    SpecOps
    Spybot - Search & Destroy
    The Sims 2
    The Sims 2 Glamour Life Stuff
    The Sims 2 University
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB971180)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB973815)
    VideoLAN VLC media player 0.8.6d
    WebFldrs XP
    Webshots Desktop
    Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
    Windows Driver Package - Nokia Modem (05/22/2008 3.8)
    Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)
    Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    Yahoo! Messenger
    Yahoo! Toolbar

    ==== Event Viewer Messages From Past Week ========

    24/11/2009 10:31:00 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000003A' while processing the file 'addins' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
    23/11/2009 9:46:45 PM, error: Service Control Manager [7031] - The .NET Runtime Optimization Service v2.0.50727_X86 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 960000 milliseconds: Restart the service.
    23/11/2009 9:44:24 PM, error: Service Control Manager [7031] - The .NET Runtime Optimization Service v2.0.50727_X86 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    23/11/2009 9:39:22 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVG Anti-Spyware Driver AvgAsCln
    23/11/2009 9:39:14 PM, error: Service Control Manager [7024] - The AVG8 WatchDog service terminated with service-specific error 3758161981 (0xE001003D).
    23/11/2009 9:39:14 PM, error: Service Control Manager [7001] - The AVG8 E-mail Scanner service depends on the AVG8 WatchDog service which failed to start because of the following error: The service has returned a service-specific error code.
    23/11/2009 9:39:14 PM, error: Service Control Manager [7000] - The AVG Anti-Spyware Guard service failed to start due to the following error: The system cannot find the file specified.

    ==== End Of File ===========================

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •