Here is everything.
Thanks so far
D.
ComboFix 10-05-22.03 - Bastiaan 05/24/2010 20:21:10.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.439 [GMT 1:00]
Running from: c:\documents and settings\Bastiaan\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Bastiaan\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ThreatFire *On-access scanning enabled* (Updated) {67B2B9A1-25C8-4057-962D-807958FFC9E3}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
FILE ::
"c:\documents and settings\Administrator\Start Menu\Programs\Startup\"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\~0
c:\documents and settings\Bastiaan\Application Data\Microsoft\HTML Help\hh.dat
c:\documents and settings\LocalService\Application Data\Microsoft\HTML Help\hh.dat
.
((((((((((((((((((((((((( Files Created from 2010-04-24 to 2010-05-24 )))))))))))))))))))))))))))))))
.
2010-05-23 13:37 . 2006-11-01 13:06 162616 ----a-w- c:\windows\RegDelNull.exe
2010-05-15 15:11 . 2010-05-16 23:10 -------- d-----w- c:\windows\system32\MpEngineStore
2010-05-15 13:40 . 2010-05-15 09:39 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-05-15 09:40 . 2010-02-04 15:53 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-05-15 09:40 . 2010-05-15 09:39 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-05-15 09:34 . 2010-05-15 09:35 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-05-13 19:19 . 2010-05-13 19:19 -------- d-----w- c:\documents and settings\Bastiaan\Application Data\Malwarebytes
2010-05-13 19:19 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-13 19:19 . 2010-05-13 19:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-13 19:18 . 2010-05-13 19:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-13 19:18 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-13 12:55 . 2010-05-13 12:55 -------- d-----w- c:\documents and settings\NetworkService\Application Data\AdobeUM
2010-05-13 12:33 . 2010-05-13 12:55 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-24 20:30 . 2007-01-02 13:15 -------- d-----w- c:\program files\SpeedFan
2010-05-24 19:59 . 2010-02-07 11:36 6286514 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-05-24 06:14 . 2009-10-19 21:09 -------- d-----w- c:\program files\LogMeIn
2010-05-23 21:47 . 2009-10-10 08:38 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\Sleep.exe
2010-05-23 21:47 . 2008-09-26 12:11 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-05-23 21:47 . 2008-09-26 12:11 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCS.exe
2010-05-23 21:47 . 2009-10-09 10:01 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-05-23 21:47 . 2009-10-09 10:01 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2010-05-23 21:47 . 2009-10-09 10:01 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2010-05-23 20:49 . 2008-01-16 20:39 -------- d-----w- c:\documents and settings\Bastiaan\Application Data\Reys
2010-05-23 10:31 . 2008-06-02 15:56 -------- d-----w- c:\documents and settings\Bastiaan\Application Data\Jarte
2010-05-20 23:56 . 2008-03-12 14:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-05-20 23:56 . 2008-03-12 14:16 -------- d-----w- c:\program files\SpywareBlaster
2010-05-18 21:23 . 2010-05-18 21:23 388096 ----a-r- c:\documents and settings\Bastiaan\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-05-17 12:59 . 2010-05-17 12:59 4 ----a-w- c:\windows\system32\config\systemprofile\Application Data\ofubwi.dat
2010-05-15 13:39 . 2007-04-27 21:33 -------- d-----w- c:\program files\DeadDiskDoctor
2010-05-15 09:35 . 2007-08-21 13:21 -------- d-----w- c:\program files\Lavasoft
2010-05-15 09:34 . 2007-08-21 13:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-05-14 06:48 . 2009-12-09 12:43 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-05-13 19:33 . 2010-05-13 19:33 4093280 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgui.exe
2010-05-13 19:32 . 2010-05-13 19:32 2064224 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtray.exe
2010-05-13 19:32 . 2010-05-13 19:32 1276768 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe
2010-05-13 19:31 . 2010-05-13 19:31 1245464 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgabout.dll
2010-05-13 19:31 . 2010-05-13 19:31 4258144 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcorex.dll
2010-05-13 19:24 . 2010-05-13 19:24 1689952 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.dll
2010-05-13 19:22 . 2006-12-15 01:20 -------- d-----w- c:\program files\Java
2010-05-06 17:51 . 2007-01-01 23:07 -------- d-----w- c:\program files\FlashGet
2010-04-13 18:44 . 2010-04-10 13:01 37287265 --sha-w- c:\windows\system32\a3df.sys
2010-04-12 22:03 . 2010-04-10 19:15 0 ----a-w- c:\windows\system32\Ac3audioa.sys
2010-04-10 13:48 . 2010-04-10 13:39 -------- d-----w- c:\program files\JDownloader
2010-03-26 09:33 . 2010-04-28 18:04 1496064 ----a-w- c:\documents and settings\Bastiaan\Application Data\Mozilla\Firefox\Profiles\zwjo3skh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-03-26 09:33 . 2010-04-28 18:04 43008 ----a-w- c:\documents and settings\Bastiaan\Application Data\Mozilla\Firefox\Profiles\zwjo3skh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-03-26 09:33 . 2010-04-28 18:04 339456 ----a-w- c:\documents and settings\Bastiaan\Application Data\Mozilla\Firefox\Profiles\zwjo3skh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-03-26 09:32 . 2010-04-28 18:04 346112 ----a-w- c:\documents and settings\Bastiaan\Application Data\Mozilla\Firefox\Profiles\zwjo3skh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-03-24 22:31 . 2009-12-09 13:05 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-24 22:31 . 2009-12-09 13:05 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-24 22:29 . 2009-12-09 13:05 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-10 06:15 . 2002-08-29 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-24 23:36 . 2010-02-24 23:36 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-02-24 23:36 . 2010-02-24 23:36 47360 ----a-w- c:\documents and settings\Bastiaan\Application Data\pcouffin.sys
2010-02-24 23:36 . 2010-02-24 23:36 47360 ----a-w- c:\documents and settings\Bastiaan\Application Data\pcouffin.sys
2010-02-24 12:31 . 2002-08-29 12:00 454016 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2007-04-27 21:34 . 2007-04-27 21:34 0 ----a-w- c:\program files\Common Files\dht342126
1998-12-09 02:53 . 1998-12-09 02:53 99840 ----a-w- c:\program files\Common Files\IRAABOUT.DLL
1998-12-09 02:53 . 1998-12-09 02:53 70144 ----a-w- c:\program files\Common Files\IRAMDMTR.DLL
1998-12-09 02:53 . 1998-12-09 02:53 48640 ----a-w- c:\program files\Common Files\IRALPTTR.DLL
1998-12-09 02:53 . 1998-12-09 02:53 31744 ----a-w- c:\program files\Common Files\IRAWEBTR.DLL
1998-12-09 02:53 . 1998-12-09 02:53 186368 ----a-w- c:\program files\Common Files\IRAREG.DLL
1998-12-09 02:53 . 1998-12-09 02:53 17920 ----a-w- c:\program files\Common Files\IRASRIAL.DLL
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-05 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2010-05-23 90112]
"speedfan"="c:\program files\SpeedFan\speedfan.exe" [2009-11-25 4009592]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2010-05-23 131072]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
udty.exe [2010-5-23 123904]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-11-25 113664]
Logitech SetPoint.lnk.disabled [2007-2-25 1646]
Windows Search.lnk.disabled [2009-1-10 1787]
Yahoo! Autosync.lnk.disabled [2008-11-26 796]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-28 18:34 87352 ----a-w- c:\windows\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0lsdelete
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"sdCoreService"=3 (0x3)
"sdAuxService"=3 (0x3)
"CachemanXPService"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"tgsrvc_TalkTalk"=2 (0x2)
"sprtsvc_TalkTalk"=2 (0x2)
"rpcapd"=3 (0x3)
"O&O Defrag"=2 (0x2)
"NeroRegInCDSrv"=2 (0x2)
"gusvc"=3 (0x3)
"gupdate1c8c1bc51a95b48"=2 (0x2)
"Bonjour Service"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"TomTomHOMEService"=2 (0x2)
"NBService"=3 (0x3)
"InCDsrv"=2 (0x2)
"LexBceS"=2 (0x2)
"avg9wd"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"threadfire"="c:\program files\ThreatFire\TFGui.exe"
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" -s
"Google Update"="c:\documents and settings\Bastiaan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"IconixOEAddOn"="c:\program files\Iconix\OEAddOn\OEdmn_3.exe"
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
"Logitech Hardware Abstraction Layer"=KHALMNPR.EXE
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Radio Downloader"="c:\program files\Radio Downloader\Radio Downloader.exe" /hidemainwindow
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" -hide
"avgnt"="c:\program files\AVG\AVG9\avgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Kontiki\\KService.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont.exe"=
"c:\\Program Files\\Common Files\\SupportSoft\\bin\\tgsrvc.exe"=
"c:\\Program Files\\TalkTalk\\agent\\bin\\bcont_nm.exe"=
"c:\\Program Files\\TalkTalk\\bin\\sprtcmd.exe"=
"c:\\Program Files\\SPSSInc\\SPSS16\\spss.com"=
"c:\\Program Files\\SPSSInc\\SPSS16\\spss.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [5/15/2010 10:40 AM 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/9/2009 2:05 PM 216200]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/29/2008 5:03 PM 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/29/2008 5:03 PM 51440]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2/4/2010 4:52 PM 1314704]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [8/11/2008 12:41 PM 12856]
R2 PDRJNDL;PDRJNDL;c:\program files\Dekart\Private Disk Light\pdrjndl.sys [11/5/2004 4:35 PM 16512]
R2 PRVDISK;PRVDISK;c:\program files\Dekart\Private Disk Light\prvdisk.sys [11/5/2004 4:35 PM 14976]
R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [3/15/2010 2:47 PM 779496]
S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [3/15/2010 2:47 PM 0]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1/25/2007 6:31 PM 42000]
S3 SaiH0460;SaiH0460;c:\windows\system32\drivers\SaiH0460.sys [11/3/2005 11:52 AM 176640]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/16/2006 5:51 PM 4096]
S4 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [12/9/2009 1:43 PM 308064]
S4 CachemanXPService;CachemanXP;c:\progra~1\CACHEM~1\CachemanXP.exe [3/10/2007 4:50 PM 208384]
S4 gupdate1c8c1bc51a95b48;Google Update Service (gupdate1c8c1bc51a95b48);c:\program files\Google\Update\GoogleUpdate.exe [2/25/2010 9:48 PM 135664]
S4 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe --> c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe [?]
S4 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [5/25/2008 1:10 PM 337800]
S4 sprtsvc_TalkTalk;SupportSoft Sprocket Service (TalkTalk);c:\program files\TalkTalk\bin\sprtsvc.exe [10/12/2007 8:33 AM 202016]
S4 tgsrvc_TalkTalk;SupportSoft Repair Service (TalkTalk);c:\program files\Common Files\SupportSoft\bin\tgsrvc.exe [8/2/2007 1:42 PM 148768]
S4 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [11/13/2009 12:31 PM 92008]
.
Contents of the 'Scheduled Tasks' folder
2010-05-24 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 23:56]
2010-05-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:57]
2010-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 20:46]
2010-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 20:46]
2010-05-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1035525444-725345543-1003Core.job
- c:\documents and settings\Bastiaan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-20 13:33]
2010-05-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1035525444-725345543-1003UA.job
- c:\documents and settings\Bastiaan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-20 13:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.mail.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = *.local
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Download With NetLeech
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
IE: StumbleUpon: &Blog This
Trusted Zone: stumbleupon.com
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Bastiaan\Application Data\Mozilla\Firefox\Profiles\zwjo3skh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - component: c:\documents and settings\Bastiaan\Application Data\Mozilla\Firefox\Profiles\zwjo3skh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\documents and settings\Bastiaan\Local Settings\Application Data\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npagent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npBBCPlugin.dll
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-24 21:27
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="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"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(820)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
- - - - - - - > 'explorer.exe'(368)
c:\program files\Trusteer\Rapport\bin\rooksbas.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\Trusteer\Rapport\bin\RapportService.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\program files\ATI Technologies\ATI.ACE\CLI.EXE
c:\program files\LogMeIn\x86\LMIGuardian.exe
.
**************************************************************************
.
Completion time: 2010-05-24 21:40:03 - machine was rebooted
ComboFix-quarantined-files.txt 2010-05-24 20:39
ComboFix2.txt 2010-05-23 13:28
ComboFix3.txt 2010-05-22 16:22
C:\DeQuarantine.txt
Pre-Run: 124,783,542,272 bytes free
Post-Run: 124,736,147,456 bytes free
- - End Of File - - BBCB98E7A78844E384391734DE112496
DeQuarantine.txt :
C:\QooBox\Quarantine\c\documents and settings\Bastiaan\Application Data\Microsoft\HTML Help\hh.dat.vir -> c:\documents and settings\Bastiaan\Application Data\Microsoft\HTML Help\hh.dat ( 10452 bytes )
C:\QooBox\Quarantine\c\documents and settings\LocalService\Application Data\Microsoft\HTML Help\hh.dat.vir -> c:\documents and settings\LocalService\Application Data\Microsoft\HTML Help\hh.dat ( 8590 bytes )
DDS (Ver_10-03-17.01) - NTFSx86
Run by Bastiaan at 22:04:29.84 on Mon 05/24/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.249 [GMT 1:00]
AV: ThreatFire *On-access scanning enabled* (Updated) {67B2B9A1-25C8-4057-962D-807958FFC9E3}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bastiaan\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.mail.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = *.local
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll
BHO: LF_BHO Class: {43d29d14-460e-4f3a-9037-e60f11ef12f0} - c:\windows\system32\LightFrame3IECOM.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll
BHO: IEHandler Class: {f4a27d22-e603-4b1b-b8d0-1cf7d57e56f2} - c:\program files\netleech\IEExt.dll
TB: StumbleUpon Toolbar: {5093eb4c-3e93-40ab-9266-b607ba87bdc8} - c:\program files\stumbleupon\StumbleUponIEBar.dll
TB: FlashGet: {e0e899ab-f487-11d5-8d29-0050ba6940e3} - c:\program files\flashget\fgiebar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
EB: Ask PopSwatter: {72fe8681-0bfa-471b-9b2a-b37ed68dd09e} - c:\windows\system32\shdocvw.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [speedfan] c:\program files\speedfan\speedfan.exe
mRun: [NVMixerTray] "c:\program files\nvidia corporation\nvmixer\NVMixerTray.exe"
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Logitech SetPoint.lnk.disabled
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Windows Search.lnk.disabled
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Yahoo! Autosync.lnk.disabled
IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
IE: Download With NetLeech
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
IE: StumbleUpon: &Blog This
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}
Trusted Zone: stumbleupon.com
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftup ... 1600666250
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftup ... 1600652500
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/sh ... wflash.cab
Notify: AtiExtEvent - Ati2evxx.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\bastiaan\applic~1\mozilla\firefox\profiles\zwjo3skh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - component: c:\documents and settings\bastiaan\application data\mozilla\firefox\profiles\zwjo3skh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\documents and settings\bastiaan\local settings\application data\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npagent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npBBCPlugin.dll
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-5-15 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-12-9 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-12-9 29512]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-2-29 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-2-29 51440]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2010-2-5 486280]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1314704]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-8-11 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-10-19 47640]
R2 PDRJNDL;PDRJNDL;c:\program files\dekart\private disk light\pdrjndl.sys [2004-11-5 16512]
R2 PRVDISK;PRVDISK;c:\program files\dekart\private disk light\prvdisk.sys [2004-11-5 14976]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2010-3-15 779496]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2010-3-15 0]
S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2008-5-25 42376]
S3 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2008-5-25 66952]
S3 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2008-5-25 81288]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-1-25 42000]
S3 SaiH0460;SaiH0460;c:\windows\system32\drivers\SaiH0460.sys [2005-11-3 176640]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]
S4 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-12-9 308064]
S4 CachemanXPService;CachemanXP;c:\progra~1\cachem~1\CachemanXP.exe [2007-3-10 208384]
S4 gupdate1c8c1bc51a95b48;Google Update Service (gupdate1c8c1bc51a95b48);c:\program files\google\update\GoogleUpdate.exe [2010-2-25 135664]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
S4 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\nero\nero 7\incd\nbhregincdsrv.exe --> c:\program files\nero\nero 7\incd\NBHRegInCDSrv.exe [?]
S4 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-5-25 337800]
S4 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2008-5-25 1017224]
S4 sprtsvc_TalkTalk;SupportSoft Sprocket Service (TalkTalk);c:\program files\talktalk\bin\sprtsvc.exe [2007-10-12 202016]
S4 tgsrvc_TalkTalk;SupportSoft Repair Service (TalkTalk);c:\program files\common files\supportsoft\bin\tgsrvc.exe [2007-8-2 148768]
S4 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-11-13 92008]
=============== Created Last 30 ================
2010-05-23 20:54:26 0 ---ha-w- C:\KUKU300a
2010-05-23 13:37:54 162616 ----a-w- c:\windows\RegDelNull.exe
2010-05-22 13:48:30 0 d-sha-r- C:\cmdcons
2010-05-22 13:43:56 77312 ----a-w- c:\windows\MBR.exe
2010-05-22 13:43:55 98816 ----a-w- c:\windows\sed.exe
2010-05-22 13:43:55 256512 ----a-w- c:\windows\PEV.exe
2010-05-22 13:43:55 161792 ----a-w- c:\windows\SWREG.exe
2010-05-15 15:11:09 0 d-----w- c:\windows\system32\MpEngineStore
2010-05-15 14:58:55 173 ----a-w- c:\windows\system32\MRT.INI
2010-05-15 13:40:05 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-05-15 09:40:13 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-05-15 09:40:04 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-05-15 09:34:58 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-05-13 19:19:47 0 d-----w- c:\docume~1\bastiaan\applic~1\Malwarebytes
2010-05-13 19:19:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-13 19:19:12 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-05-13 19:18:33 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-13 19:18:33 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
==================== Find3M ====================
2010-04-13 18:44:07 37287265 --sha-w- c:\windows\system32\a3df.sys
2010-03-24 22:31:00 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-24 23:36:40 47360 ----a-w- c:\docume~1\bastiaan\applic~1\pcouffin.sys
2007-04-27 21:34:21 0 ----a-w- c:\program files\common files\dht342126
1998-12-09 02:53:54 99840 ----a-w- c:\program files\common files\IRAABOUT.DLL
1998-12-09 02:53:54 70144 ----a-w- c:\program files\common files\IRAMDMTR.DLL
1998-12-09 02:53:54 48640 ----a-w- c:\program files\common files\IRALPTTR.DLL
1998-12-09 02:53:54 31744 ----a-w- c:\program files\common files\IRAWEBTR.DLL
1998-12-09 02:53:54 186368 ----a-w- c:\program files\common files\IRAREG.DLL
1998-12-09 02:53:54 17920 ----a-w- c:\program files\common files\IRASRIAL.DLL
============= FINISH: 22:08:16.62 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-03-17.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 5/8/2008 1:33:50 PM
System Uptime: 5/24/2010 8:59:00 PM (2 hours ago)
Motherboard: | | nVidia-nForce2
Processor: AMD Athlon(tm) XP 2200+ | Socket A | 1670/133mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 298 GiB total, 116.147 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 396.1 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is FIXED (NTFS) - 932 GiB total, 798.091 GiB free.
==== Disabled Device Manager Items =============
Class GUID: {4D36E969-E325-11CE-BFC1-08002BE10318}
Description: Standard floppy disk controller
Device ID: ACPI\PNP0700\3&13C0B0C5&0
Manufacturer: (Standard floppy disk controllers)
Name: Standard floppy disk controller
PNP Device ID: ACPI\PNP0700\3&13C0B0C5&0
Service: fdc
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia E71
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia E71
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
==== System Restore Points ===================
RP1: 5/22/2010 3:04:55 PM - ComboFix created restore point
RP2: 5/24/2010 3:03:44 AM - System Checkpoint
==== Installed Programs ======================
3DMark05
AAC Decoder
AAC Parser (remove only)
AC-3 ACM Codec
AC3+DTS XForm (remove only)
AC3Filter (remove only)
ACDSee 5.0 Standard Trial
Ad-Aware
Ad-Aware Email Scanner for Outlook
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 6.0
Adobe Photoshop CS3
Adobe Reader 7.0.8
Adobe Setup
Adobe Shockwave Player
Adobe SVG Viewer
Apple Mobile Device Support
Apple Software Update
Aspi Installer
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
Atomic Clock Sync
Audacity 1.2.6
Audacity 1.3.7 (Unicode)
Audible Download Manager
AutoUpdate
AVG Free 9.0
AVI Joiner
Battle of Britain II
Battlecraft 1942
Battlefield 1942
Battlefield 1942: Secret Weapons of WWII
Battlefield 1942: The Road To Rome
BBC iPlayer Download Manager
Bonjour
BookDB2
Bulk Image Downloader v2.2.0.0
C-Media WDM Audio Driver
CachemanXP 1.12
Canon MP Navigator EX 1.0
Canon MP610 series
Canon MP610 series User Registration
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
CCE Basic Trial Version
CD-LabelPrint
CD Audio Reader Filter (remove only)
CD Bremse 1.47
CDXA Image Reader Filter (SVCD/XCD) (remove only)
ClipMagic 3.2.2
Compatibility Pack for the 2007 Office system
CompuApps SwissKnife V3
ConnectGoV5UpdateVer2
Core AAC Decoder (remove only)
CoreFLAC Audio Decoder+Source Filter (remove only)
CoreVorbis Audio Decoder (remove only)
Creative Removable Disk Manager
Critical Update for Windows Media Player 11 (KB959772)
Cycle Calculator for Women
DeadDiskDoctor
Defcon v1.4
Dekart Private Disk Light 1.22
Digital Video Repair 1.0
DirectVobSub (remove only)
DirectX Happy Uninstall v4.1
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
doPDF 6.0 printer
DVD Decrypter (Remove Only)
DVD Ripper Burner 7.0.0.0
DVDFab (remove only)
DVDFab 6.2.1.8 (31/12/2009)
DVDFab Decrypter 3.0.8.6
ExtractNow
FAT32 Format
ffdshow [rev 610] [2006-12-01]
FlashGet 1.9.0.1012
FlashGet(Jetcar) 1.80
Flickr Uploadr 2.5.0.15
FLVPlayer4Free Free FLV Player 2.2.0.0
Free DWG Viewer 6.0
FreshDiagnose
GetASFStream
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
H.264 Decoder
HiJackThis
HijackThis 2.0.2
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Iconix™ eMail ID
Illiminable FLAC (remove only)
Indeo® software
Internet Organizer Pro 2.1
iTunes
Jarte 3.2
JDownloader
JGoodies JDiskReport 1.2.4
Lexmark Supplies Monitor
Lexmark Z25-Z35
LightFrame 3
Logitech SetPoint
LogMeIn
Malwarebytes' Anti-Malware
Matroska (remove only)
MediaCoder 0.6.1
MediaJoin
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0
Microsoft Application Error Reporting
Microsoft Calculator Plus
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Premium
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C Runtime
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Mini-Cam USB Camera (SC-120)
MKV Splitter
Monkey Audio Source Filter (remove only)
MotionDV STUDIO 5.6E LE for DV
Mozilla Firefox (3.6)
Mozilla Thunderbird (2.0.0.12)
MSVC80_x86
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Nero 7 Ultra Edition
neroxml
NetLeech
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia Software Updater
NVIDIA Drivers
NvMixer
O&O Defrag Professional Edition
OpenSource OGG Splitter (remove only)
Panasonic DVC USB Driver
PartitionMagic
PC Connectivity Solution
PDF Password Remover v3.0
PhotoScape
PowerDVD
PowerQuest PartitionMagic 8.0
programma Biblio
QuickTime
Radio Downloader
RadLight MPC DirectShow Filter (remove only)
RadLight OptimFROG DirectShow Filter (remove only)
RapidShare Manager
Rapport
RealMedia (remove only)
Realtek AC'97 Audio
Rename4u
Saitek SST Programming Software
ScanSoft OmniPage SE 4
screensaver_100
screenSaverVariation2008
SDP Downloader
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980232)
Segoe UI
Serif PhotoPlus 5.5
SHOUTcast Source (remove only)
Skype 2.5
SMPlayer 0.5.62
Soltek Hardware Monitor
SpeedFan (remove only)
SPSS 16.0 for Windows
Spybot - Search & Destroy
Spybot - Search & Destroy 1.4
Spyware Doctor 5.5
SpywareBlaster 4.3
STOIK Capturer
StumbleUpon IE Toolbar
SUPERAntiSpyware Free Edition
SweetMovieLife 1.0E
System Requirements Lab
TalkTalk Assist & Go
Teach2000 8.19
TomTom HOME 2.7.3.1894
TomTom HOME Visual Studio Merge Modules
TrueCrypt
UKPDS Risk Engine v2.0
Uninstall Startup Inspector
Unlocker 1.8.5
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows XP (KB894391)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB920872)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB Storage Driver
VC 9.0 Runtime
VC80CRTRedist - 8.0.50727.762
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.2
WD Diagnostics
WebFldrs XP
Winamp
Windows Communication Foundation
Windows Defender
Windows Driver Package - Nokia Modem (05/22/2008 3.
Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)
Windows Driver Package - Nokia Modem (06/01/2009 4.1)
Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Presentation Foundation
Windows Search 4.0
Windows Workflow Foundation
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinPcap 4.0
WinRAR archiver
WinZip
WM Downloader 2.9.1.100 2007.03.24
WM Recorder 12.1
XML Paper Specification Shared Components Pack 1.0
xplorer² lite
Yahoo! Autosync
YPOPs! 0.9.7.3
Zappit!
Zilla Data Nuker 2.0.0.0
ZoneAlarm
Zoom Player (remove only)
==== Event Viewer Messages From Past Week ========
5/24/2010 7:26:10 PM, error: Service Control Manager [7000] - The Rapport Management Service service failed to start due to the following error: The system cannot find the file specified.
5/23/2010 10:55:51 AM, error: Service Control Manager [7024] - The InCD Helper service terminated with service-specific error 1 (0x1).
5/23/2010 1:25:15 PM, error: Service Control Manager [7034] - The InCD Helper service terminated unexpectedly. It has done this 1 time(s).
5/23/2010 1:25:14 PM, error: Service Control Manager [7034] - The SupportSoft Sprocket Service (TalkTalk) service terminated unexpectedly. It has done this 1 time(s).
5/23/2010 1:25:14 PM, error: Service Control Manager [7034] - The SupportSoft Repair Service (TalkTalk) service terminated unexpectedly. It has done this 1 time(s).
5/23/2010 1:25:14 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s).
5/23/2010 1:25:14 PM, error: Service Control Manager [7034] - The LogMeIn service terminated unexpectedly. It has done this 1 time(s).
5/23/2010 1:25:14 PM, error: Service Control Manager [7034] - The LogMeIn Maintenance Service service terminated unexpectedly. It has done this 1 time(s).
5/23/2010 1:25:14 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
5/23/2010 1:25:14 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
5/23/2010 1:25:13 PM, error: Service Control Manager [7034] - The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).
5/23/2010 1:25:13 PM, error: Service Control Manager [7034] - The PLFlash DeviceIoControl Service service terminated unexpectedly. It has done this 1 time(s).
5/23/2010 1:25:13 PM, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 1 time(s).
5/23/2010 1:25:13 PM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).
5/23/2010 1:25:13 PM, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
5/23/2010 1:25:13 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/22/2010 2:32:06 PM, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: The system cannot find the file specified.
5/22/2010 2:31:41 PM, error: SRService [104] - The System Restore initialization process failed.
5/22/2010 1:59:15 PM, error: Service Control Manager [7034] - The AVG Free WatchDog service terminated unexpectedly. It has done this 2 time(s).
5/22/2010 1:58:45 PM, error: Service Control Manager [7031] - The AVG Free WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
5/18/2010 7:15:09 PM, error: ati2mtag [45062] - CRT invalid display type
5/18/2010 7:09:50 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the TrueVector Internet Monitor service to connect.
5/18/2010 7:09:50 PM, error: Service Control Manager [7000] - The TrueVector Internet Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/18/2010 7:09:50 PM, error: Service Control Manager [7000] - The O&O Defrag service failed to start due to the following error: The system cannot find the file specified.
5/18/2010 7:09:50 PM, error: Service Control Manager [7000] - The Nero Registry InCD Service service failed to start due to the following error: The system cannot find the file specified.
5/18/2010 7:09:39 PM, error: Print [23] - Printer PDF4U Adobe PDF Creator failed to initialize because a suitable PDF4U Adobe PDF Creator driver could not be found.
5/18/2010 7:08:38 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
5/18/2010 7:08:38 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
==== End Of File ===========================