OK
Here are the Logs you requested
DDS (Ver_09-05-14.01) - NTFSx86
Run by Blacklock at 16:43:58.51 on 13/06/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.326 [GMT 1:00]
AV: avast! antivirus 4.8.1335 [VPS 090612-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\sttray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Documents and Settings\Blacklock\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\HPZinw12.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Documents and Settings\Blacklock\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/ig?hl=en
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.2.2.28.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: {b744ed6d-2ca3-44df-83bb-75a8be1ee631} - c:\windows\system32\mljgh.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [Google Update] "c:\documents and settings\blacklock\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Skype] "c:\program files\skype\\phone\Skype.exe" /nosplash /minimized
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [V0220Mon.exe] c:\windows\V0220Mon.exe
mRun: [CreativeTaskScheduler] "c:\program files\creative\shared files\CTSched.exe" /logon
mRun: [AVFX Engine] c:\program files\creative\creative live! cam\videofx\StartFX.exe
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [LyraHD2TrayApp] "c:\program files\thomson\lyra jukebox\lyrahdtrayapp\LYRAHD2TrayApp.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~2.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\windows\installer\{f128ba10-362e-11d3-81ab-00c04fb932ba}\4EBD23F5.exe
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.2.2.28.dll/206
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: runaware.com\www
DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/eng/partne ... nicode.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/sh ... tor/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windows ... 9504580593
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: ms-its51 - {F6F1E82D-DE4D-11D2-875C-0000F8105754} - c:\program files\common files\microsoft shared\information retrieval\itss51.dll
Handler: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - c:\progra~1\common~1\micros~1\refere~1\msref.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\mljgh.dll
============= SERVICES / DRIVERS ===============
R0 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2007-9-15 40840]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-6-11 130936]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-4-3 114768]
R1 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2007-9-15 66952]
R1 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2007-9-15 81288]
R2 a2free;a-squared Free Service;c:\program files\a-squared free\a2service.exe [2008-2-17 718880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-4-3 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2007-9-15 138680]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-7-25 210216]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-2-6 348752]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2008-2-6 1095560]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2007-9-15 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2007-9-15 352920]
R3 V0220Dev;Live! Cam Video IM;c:\windows\system32\drivers\V0220Dev.sys [2007-10-8 146112]
R3 V0220Vfx;V0220VFX;c:\windows\system32\drivers\V0220Vfx.sys [2007-10-8 6272]
S2 0236581237916216mcinstcleanup;McAfee Application Installer Cleanup (0236581237916216);c:\windows\temp\023658~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\023658~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
S2 gupdate1c996c2fdc82446;Google Update Service (gupdate1c996c2fdc82446);c:\program files\google\update\GoogleUpdate.exe [2009-2-24 133104]
=============== Created Last 30 ================
2009-06-11 22:41 <DIR> --d----- c:\docume~1\blackl~1\applic~1\Malwarebytes
2009-06-11 22:40 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-11 22:40 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-06-11 22:40 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-06-11 22:40 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-06-11 22:16 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-06-11 22:16 130,936 a------- c:\windows\system32\drivers\PCTCore.sys
2009-06-11 22:16 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys
2009-06-11 22:16 <DIR> --d----- c:\program files\common files\PC Tools
2009-06-11 22:16 64,392 a------- c:\windows\system32\drivers\pctplsg.sys
2009-06-11 22:15 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-06-08 22:38 <DIR> --d----- c:\windows\system32\wbem\Repository
==================== Find3M ====================
2009-05-21 11:33 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-07 16:32 345,600 a------- c:\windows\system32\localspl.dll
2009-04-29 05:56 827,392 a------- c:\windows\system32\wininet.dll
2009-04-29 05:55 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-17 13:26 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-15 15:51 585,216 a------- c:\windows\system32\rpcrt4.dll
2009-04-08 22:25 3,366,912 a------- c:\windows\system32\GPhotos.scr
2008-08-07 22:15 87,608 a------- c:\docume~1\blackl~1\applic~1\inst.exe
2008-08-07 22:15 47,360 a------- c:\docume~1\blackl~1\applic~1\pcouffin.sys
2007-11-28 20:49 32 a------- c:\docume~1\alluse~1\applic~1\ezsid.dat
2008-08-29 17:52 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082920080830\index.dat
2008-08-30 22:00 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008083020080831\index.dat
============= FINISH: 16:45:03.34 ===============
Attach.txt
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-05-14.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 11/09/2007 10:20:40
System Uptime: 13/06/2009 16:31:23 (0 hours ago)
Motherboard: ELITEGROUP COMPUTER SYSTEM CO.,LTD. | | NFORCE6M-A
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ | Socket AM2 | 2109/201mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 69.106 GiB free.
D: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP601: 15/03/2009 19:23:58 - Software Distribution Service 3.0
RP602: 16/03/2009 15:54:48 - Software Distribution Service 3.0
RP603: 17/03/2009 16:54:17 - System Checkpoint
RP604: 18/03/2009 19:24:58 - System Checkpoint
RP605: 19/03/2009 20:42:26 - Software Distribution Service 3.0
RP606: 20/03/2009 21:34:30 - System Checkpoint
RP607: 22/03/2009 11:32:50 - System Checkpoint
RP608: 22/03/2009 13:08:00 - Installed Windows XP Creativity Fun Packs - Windows Movie Maker 2 - Titles
RP609: 23/03/2009 14:54:24 - Software Distribution Service 3.0
RP610: 24/03/2009 17:43:51 - System Checkpoint
RP611: 25/03/2009 19:29:20 - System Checkpoint
RP612: 26/03/2009 20:25:57 - Software Distribution Service 3.0
RP613: 28/03/2009 09:06:41 - System Checkpoint
RP614: 29/03/2009 22:05:23 - System Checkpoint
RP615: 30/03/2009 20:08:40 - Software Distribution Service 3.0
RP616: 31/03/2009 18:37:13 - Installed Java(TM) 6 Update 13
RP617: 01/04/2009 22:25:19 - System Checkpoint
RP618: 02/04/2009 19:36:15 - Software Distribution Service 3.0
RP619: 03/04/2009 22:44:39 - System Checkpoint
RP620: 06/04/2009 19:32:21 - Software Distribution Service 3.0
RP621: 07/04/2009 22:10:15 - System Checkpoint
RP622: 09/04/2009 19:22:46 - System Checkpoint
RP623: 11/04/2009 19:44:49 - System Checkpoint
RP624: 13/04/2009 08:49:11 - System Checkpoint
RP625: 13/04/2009 21:25:08 - Software Distribution Service 3.0
RP626: 14/04/2009 20:00:58 - Software Distribution Service 3.0
RP627: 15/04/2009 20:41:00 - System Checkpoint
RP628: 17/04/2009 20:23:28 - System Checkpoint
RP629: 19/04/2009 22:17:24 - System Checkpoint
RP630: 20/04/2009 20:00:20 - Software Distribution Service 3.0
RP631: 21/04/2009 22:51:35 - System Checkpoint
RP632: 23/04/2009 21:13:29 - Software Distribution Service 3.0
RP633: 24/04/2009 21:55:00 - System Checkpoint
RP634: 26/04/2009 18:27:36 - System Checkpoint
RP635: 27/04/2009 18:20:19 - Software Distribution Service 3.0
RP636: 28/04/2009 19:08:31 - System Checkpoint
RP637: 29/04/2009 20:07:11 - System Checkpoint
RP638: 30/04/2009 21:13:42 - Software Distribution Service 3.0
RP639: 01/05/2009 21:18:44 - System Checkpoint
RP640: 04/05/2009 19:39:10 - Software Distribution Service 3.0
RP641: 05/05/2009 19:58:44 - System Checkpoint
RP642: 07/05/2009 19:52:24 - Software Distribution Service 3.0
RP643: 08/05/2009 22:41:30 - System Checkpoint
RP644: 10/05/2009 12:10:12 - System Checkpoint
RP645: 11/05/2009 17:57:42 - Software Distribution Service 3.0
RP646: 12/05/2009 18:50:26 - System Checkpoint
RP647: 13/05/2009 20:00:39 - System Checkpoint
RP648: 13/05/2009 20:01:17 - Software Distribution Service 3.0
RP649: 14/05/2009 20:00:27 - Software Distribution Service 3.0
RP650: 15/05/2009 20:21:58 - System Checkpoint
RP651: 17/05/2009 18:38:44 - System Checkpoint
RP652: 18/05/2009 20:18:04 - Software Distribution Service 3.0
RP653: 19/05/2009 20:59:23 - System Checkpoint
RP654: 20/05/2009 21:05:25 - System Checkpoint
RP655: 21/05/2009 20:00:47 - Software Distribution Service 3.0
RP656: 22/05/2009 20:26:50 - System Checkpoint
RP657: 23/05/2009 21:27:38 - System Checkpoint
RP658: 25/05/2009 12:28:42 - System Checkpoint
RP659: 25/05/2009 20:00:23 - Software Distribution Service 3.0
RP660: 27/05/2009 15:41:09 - System Checkpoint
RP661: 28/05/2009 15:49:55 - System Checkpoint
RP662: 28/05/2009 20:00:26 - Software Distribution Service 3.0
RP663: 31/05/2009 20:51:15 - System Checkpoint
RP664: 01/06/2009 22:10:13 - Software Distribution Service 3.0
RP665: 03/06/2009 18:37:17 - System Checkpoint
RP666: 04/06/2009 20:47:26 - Software Distribution Service 3.0
RP667: 05/06/2009 22:49:59 - System Checkpoint
RP668: 07/06/2009 20:37:04 - System Checkpoint
RP669: 08/06/2009 16:53:03 - Software Distribution Service 3.0
RP670: 08/06/2009 21:34:50 - Restore Operation
RP671: 08/06/2009 21:40:49 - Software Distribution Service 3.0
RP672: 08/06/2009 22:33:00 - Restore Operation
RP673: 08/06/2009 22:33:52 - Restore Operation
RP674: 08/06/2009 22:53:02 - Software Distribution Service 3.0
RP675: 09/06/2009 11:19:27 - Unsigned driver install
RP676: 10/06/2009 18:04:47 - Installed Java(TM) 6 Update 14
RP677: 11/06/2009 19:43:20 - System Checkpoint
RP678: 11/06/2009 20:00:40 - Software Distribution Service 3.0
RP679: 12/06/2009 21:00:54 - System Checkpoint
==== Installed Programs ======================
a-squared Free 3.1
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 8.1.4
Adobe Setup
Adobe Shockwave Player
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced Video FX Engine
AiO_Scan_CDA
AiOSoftwareNPI
Apple Mobile Device Support
Apple Software Update
AutoUpdate
avast! Antivirus
Barbie ® Riding Club
BitComet 1.02
Bonjour
BTBusinessHub
BufferChm
CP_CalendarTemplates1
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Panorama1Config
cp_PosterPrintConfig
Creative Live! Cam Center
Creative Live! Cam Doodling
Creative Live! Cam Manager
Creative Live! Cam Video IM Driver (1.01.01.00)
Creative Live! Cam Video IM User's Guide (English)
Creative Photo Calendar
Creative Photo Manager
Creative Software AutoUpdate
Creative System Information
Critical Update for Windows Media Player 11 (KB959772)
CueTour
CustomerResearchQFolder
CutePDF Writer 2.7
Destinations
DeviceManagementQFolder
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DocProcQFolder
DocumentViewer
DocumentViewerQFolder
DVD Shrink 3.2
DVDFab Platinum 3.1.8.0
Electronic Arts Product Registration
Encarta Research Organizer World English
eSupportQFolder
Fax_CDA
Fugawi UK Digital Maps version 2
FugawiUK-2v2 - N. England and Central Scotland
FullDPAppQFolder
Google Chrome
Google Earth
Google Photos Screensaver
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Harry Potter and the Goblet of Fire™
Harry Potter and the Prisoner of Azkaban(TM)
Harry Potter II
Harry Potter TM
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HP Customer Participation Program 7.0
HP Document Viewer 7.0
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart Premier Software 6.5
HP Photosmart, Officejet and Deskjet 7.0.A
HP Product Assistant
HP Solution Center 7.0
HP Update
HPPhotoSmartExpress
HPProductAssistant
HPSSupply
IBM ViaVoice Command and Control Runtime 5.3 - UK English
IBM ViaVoice Outloud Runtime - UK English
InstantShareDevices
InstantShareDevicesMFC
iTunes
Japanese Fonts Support For Adobe Reader 8
Java(TM) 6 Update 14
Java(TM) 6 Update 7
Kaspersky Online Scanner
Logitech Gaming Software
Lyra Jukebox Applications
Malwarebytes' Anti-Malware
MarketResearch
McAfee SiteAdvisor
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft AutoRoute Express Europe 2000
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Encarta Interactive World Atlas 2000
Microsoft Home Publishing 2000
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2000 Standard
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works 2000
Microsoft Works 2000 Setup Launcher
MobileMe Control Panel
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
My pet Hotel
NCH Toolbox
Nero 7 Essentials
neroxml
NewCopy_CDA
NVIDIA Drivers
OCR Software by I.R.I.S 7.0
OpenOffice.org 3.0
PanoStandAlone
PDF Settings
Petz 4 (remove only)
PhotoGallery
Picasa 3
Pony Luv v1.3
PowerDVD
ProductContextNPI
QuickTime
RandMap
Readme
Scan
ScannerCopy
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Shop for HP Supplies
SigmaTel Audio
SkinsHP1
Skype™ 4.0
SlideShow
SolutionCenter
Sonic_PrimoSDK
SopCast 3.0.3
Spybot - Search & Destroy
Spyware Doctor 6.0
SpywareBlaster 4.2
Status
Switch Sound File Converter
TestDrive Client
TomTom HOME 2.5.2.60
Toolbox
TrayApp
Unload
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
VC_MergeModuleToMSI
WebFldrs XP
WebReg
WIDCOMM Bluetooth Software
Wildlife Park Gold
Win AVI HelixSDK
WinAVI Video Converter 9.0
Windows Defender
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Creativity Fun Packs - Windows Movie Maker 2 - Titles
Windows XP Service Pack 3
WinPatrol 2009
WinRAR archiver
==== Event Viewer Messages From Past Week ========
13/06/2009 16:33:43, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PC Tools Security Service service to connect.
13/06/2009 16:33:43, error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/06/2009 18:36:24, error: BROWSER [8007] - The browser was unable to update the service status bits. The data is the error.
11/06/2009 22:15:52, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
10/06/2009 18:02:28, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
09/06/2009 12:06:34, error: Service Control Manager [7031] - The a-squared Free Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
08/06/2009 22:48:02, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
08/06/2009 22:48:02, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\MFC80.DLL. Reference error message: The operation completed successfully. .
08/06/2009 22:48:02, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
08/06/2009 22:39:55, error: WinDefend [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.59.789.0 Loading engine version: 1.1.4602.0
08/06/2009 21:38:08, error: WinDefend [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.59.789.0 Loading engine version: 1.1.4701.0
08/06/2009 18:50:58, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
08/06/2009 16:52:21, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the avast! Web Scanner service to connect.
08/06/2009 16:52:21, error: Service Control Manager [7000] - The avast! Web Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
07/06/2009 19:38:37, error: Service Control Manager [7034] - The HP Port Resolver service terminated unexpectedly. It has done this 1 time(s).
07/06/2009 08:54:06, error: Service Control Manager [7034] - The avast! Web Scanner service terminated unexpectedly. It has done this 1 time(s).
==== End Of File ===========================
GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-06-13 21:37:16
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF36896B8]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateKey [0xF72B9514]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcess [0xF72A8282]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcessEx [0xF72A8474]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteKey [0xF72B9D00]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteValueKey [0xF72B9FB8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF368914C]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwOpenKey [0xF72B83FA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF368908C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF36890F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF368976E]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwRenameKey [0xF72BA422]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF368972E]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwSetValueKey [0xF72B97D8]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwTerminateProcess [0xF72A7F32]
SSDT \SystemRoot\system32\drivers\iksysflt.sys (System Filter Device Driver/PCTools Research Pty Ltd.) ZwWriteVirtualMemory [0xF387B384]
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----