Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Potential Malware problem?

Hi,

My computer keeps shutting down unexpectedly. When I restart, I'm prompted by Windows to start in safe mode. Starting in safe mode with networking, it still happens.

I have Windows install discs and am running Windows 7 (Home Premium) Service Pack 1 32-bit.

Here are the scan files you require. I could not get the gmer.exe fully working. Only managed an ark.txt file with the 'sections' info.

Thanks in advance for any help.

Euan

DDS (Ver_2012-10-19.01) - NTFS_x86 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.9.2
Run by Euan at 20:49:01 on 2012-10-18
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3582.2567 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = c:\windows\system32\ezShellStart.exe,
BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [Google Update] "d:\users\euan\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Spotify] "d:\users\euan\appdata\roaming\spotify\spotify.exe" /uri spotify:autostart
uRun: [Spotify Web Helper] "d:\users\euan\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Cmaudio8788] RunDll32 cmicnfgp.cpl,CMICtrlWnd
mRun: [Cmaudio8788GX] c:\windows\system\HsMgr.exe Envoke
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [InstaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [IJNetworkScannerSelectorEX] c:\program files\canon\ij network scanner selector ex\CNMNSST.exe /FORCE
StartupFolder: d:\users\euan\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - d:\users\euan\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: d:\users\euan\appdata\roaming\micros~1\windows\startm~1\programs\startup\metoff~1.lnk - c:\program files\met office desktop widget\Met Office Desktop Widget.exe
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{9FA5EAC4-D164-4833-AB58-56E0588589E2} : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - c:\windows\system32\ezUPBHook.dll
SEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>
LSA: Authentication Packages = msv1_0 setuid
LSA: Notification Packages = scecli CPNP CPNP CPNP
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
================= FIREFOX ===================
.
FF - ProfilePath - d:\users\euan\appdata\roaming\mozilla\firefox\profiles\7w8v31m1.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig\r
FF - prefs.js: keyword.URL - hxxp://www.google.co.uk/search?btnG=Google+Search&q=
FF - prefs.js: network.proxy.type - 4
FF - component: d:\users\euan\appdata\roaming\mozilla\firefox\profiles\7w8v31m1.default\extensions\{6ac85730-7d0f-4de0-b3fa-21142dd85326}\platform\winnt\components\ColorZilla.dll
FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - plugin: c:\windows\system32\NPSWF32.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
FF - plugin: d:\users\euan\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: d:\users\euan\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: d:\users\euan\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - ExtSQL: 2012-09-10 15:17; {75CEEE46-9B64-46f8-94BF-54012DE155F0}; d:\users\euan\appdata\roaming\mozilla\firefox\profiles\7w8v31m1.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 amacpi;Microsoft Away Mode System;c:\windows\system32\drivers\null.sys [2009-7-14 4608]
R3 busenum;Synology Virtual USB Hub;c:\windows\system32\drivers\busenum.sys [2011-2-18 46304]
S0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-11 176128]
S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\belkin\belkin usb print and storage center\BkBackupScheduler.exe [2012-5-23 152576]
S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\belkin\belkin usb print and storage center\Bkapcs.exe [2012-5-23 49152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-1-17 21992]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-7 136176]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 99272]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\drivers\sxuptp.sys [2012-5-23 247320]
S2 SynoDrService;SynoDrService;c:\program files\synology data replicator 3\SynoDrService.exe [2010-1-12 245760]
S2 UsbClientService;UsbClientService;c:\program files\synology\assistant\UsbClientService.exe [2011-2-18 245760]
S3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-4-20 7772160]
S3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-4-20 243712]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [2010-4-29 26112]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 cmudaxp;ASUS Xonar DS Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2011-8-17 1760256]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-7-30 83168]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-10-1 49088]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-7-28 1511872]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-7 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-3 114144]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB32.sys [2009-6-10 1311232]
S3 postgresql-9.1;postgresql-9.1 - PostgreSQL Server 9.1;C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N "postgresql-9.1" -D "C:/Program Files/PostgreSQL/9.1/data" -w --> C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N postgresql-9.1 [?]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-11-23 189440]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [2007-4-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [2007-4-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [2007-4-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [2007-4-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [2007-4-23 98568]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-2-16 181432]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-19 52224]
S3 uberSVNportal;WANdisco uberSVN Portal;c:\program files\wandisco\ubersvn\tomcat\bin\tomcat6.exe [2011-8-2 74752]
S3 WANdiscouberSVNSubversionServer;WANdisco uberSVN Subversion Server;c:\program files\wandisco\ubersvn\bin\httpd.exe [2011-7-19 17920]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-15 1343400]
S4 RsFx0200;RsFx0200 Driver;c:\windows\system32\drivers\RsFx0200.sys [2012-2-11 268888]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql11.sqlexpress\mssql\binn\SQLAGENT.EXE [2012-2-11 438360]
.
=============== File Associations ===============
.
FileExt: .reg: Applications\TextPad.exe="c:\program files\textpad 5\TextPad.exe" -s "%1" [UserChoice]
FileExt: .js: jsfile="c:\program files\adobe\adobe dreamweaver cs3\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-10-18 10:58:10 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-18 10:23:59 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-18 10:23:46 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-18 10:21:20 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-18 10:21:16 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-10-18 10:21:06 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-18 10:21:05 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-18 10:17:30 6918632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{38f81599-9931-4231-8a79-cf24eb72a17f}\mpengine.dll
2012-10-09 08:16:10 6980552 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-10-08 18:15:33 -------- d-----w- c:\programdata\Canon IJ Network Tool
2012-10-08 18:15:25 323584 ----a-w- c:\windows\system32\CNC_AUL.dll
2012-10-08 18:15:25 286720 ----a-w- c:\windows\system32\CNC_AUC.dll
2012-10-08 18:15:25 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2012-10-08 18:15:25 114688 ----a-w- c:\windows\system32\CNC_AUU.dll
2012-10-08 18:15:25 114688 ----a-w- c:\windows\system32\CNC_AUI.dll
2012-10-08 18:14:34 83968 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPPAU.DLL
2012-10-08 18:14:34 29184 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPDAU.DLL
2012-10-08 18:13:48 310272 ----a-w- c:\windows\system32\CNMLMAU.DLL
2012-10-08 18:13:35 184320 ----a-w- c:\windows\system32\CNMIUAU.DLL
2012-10-08 17:59:03 363008 ----a-w- c:\windows\system32\CNMNPPM.DLL
2012-10-08 17:59:03 35328 ----a-w- c:\windows\system32\CNMNPUI.DLL
2012-10-08 17:59:03 -------- d-----w- c:\windows\system32\STRING
2012-10-05 22:18:27 740784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b8edcdd0-7f7b-4341-bd50-916566aece42}\gapaengine.dll
2012-10-01 20:43:46 -------- d-s---w- d:\users\euan\Google Drive
2012-10-01 16:40:57 -------- d-----w- c:\windows\en-gb
2012-10-01 16:40:39 49088 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-10-01 16:40:31 -------- d-----w- c:\windows\en
2012-10-01 16:38:14 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2012-10-01 16:38:14 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2012-10-01 16:38:13 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-10-01 16:38:13 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-10-01 16:35:35 89944 ----a-w- c:\program files\common files\windows live\.cache\c49344201cd9ff207\DSETUP.dll
2012-10-01 16:35:35 537432 ----a-w- c:\program files\common files\windows live\.cache\c49344201cd9ff207\DXSETUP.exe
2012-10-01 16:35:35 1801048 ----a-w- c:\program files\common files\windows live\.cache\c49344201cd9ff207\dsetup32.dll
2012-10-01 16:35:07 89944 ----a-w- c:\program files\common files\windows live\.cache\b627cd2b1cd9ff203\DSETUP.dll
2012-10-01 16:35:07 537432 ----a-w- c:\program files\common files\windows live\.cache\b627cd2b1cd9ff203\DXSETUP.exe
2012-10-01 16:35:07 1801048 ----a-w- c:\program files\common files\windows live\.cache\b627cd2b1cd9ff203\dsetup32.dll
2012-10-01 16:35:03 525656 ----a-w- c:\program files\common files\windows live\.cache\b356e21e1cd9ff202\DXSETUP.exe
2012-10-01 16:35:03 1691480 ----a-w- c:\program files\common files\windows live\.cache\b356e21e1cd9ff202\dsetup32.dll
2012-10-01 16:35:02 94040 ----a-w- c:\program files\common files\windows live\.cache\b356e21e1cd9ff202\DSETUP.dll
2012-09-26 08:57:48 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-18 21:59:13 -------- d-----w- d:\users\euan\appdata\local\Nik Software
.
==================== Find3M ====================
.
2012-09-01 09:11:56 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-01 09:11:55 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-30 21:03:50 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-30 21:03:50 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-22 17:16:54 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16:46 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16:46 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16:36 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-20 17:40:31 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 17:40:01 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 17:37:58 271360 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 15:33:28 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-02 16:57:20 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-07-30 12:32:08 83168 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-07-28 01:54:00 321472 ----a-w- c:\windows\WLXPGSS.SCR
2012-07-26 18:08:06 862664 ----a-w- c:\windows\system32\msvcr110.dll
2012-07-26 18:08:06 534480 ----a-w- c:\windows\system32\msvcp110.dll
2012-07-26 18:08:06 251864 ----a-w- c:\windows\system32\vccorlib110.dll
2012-07-26 18:08:06 153536 ----a-w- c:\windows\system32\atl110.dll
2012-07-26 18:08:06 115656 ----a-w- c:\windows\system32\vcomp110.dll
.
============= FINISH: 20:52:03.80 ===============

Attached Files
File Type: zip attach.zip (5.5 KB)
