The time service will not change the system time by more than -54000 seconds.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. Create new restore point before proceeding with the next step....

Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights. Please refer to Attach.txt .

When the scan is finished and no malware has been found select "Exit ".

Please copy and paste the contents of that file here. ===================================================================== Download MBRCheck to your desktop Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run

  1. Then do a "Perform Full Scan"Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update
  3. You probably did ask for install a tool in order to login 支付宝。The reason is from here:http://ask.alipay.com/help/show_help----6515288-.htmYou can either just uninstall it or click on "disable the notifications" during the notification
  4. According to the program's creator Quick Scan will do just fine.).Click Scan.When the scan is complete, click OK, then Show Results to view the results.If Malware is found...Be sure that everything
  5. Please download Malwarebytes' Anti-Malware from HERE or HERENote: If you already have Malwarebytes' Anti-Malware, just run and update it..
  6. uStart Page = hxxp://mail.google.com/ uSearch Bar = Preserve uSearch Page = hxxp://www.google.com uProxyOverride = BHO: AutorunsDisabled - BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: BOC ProcessProtect
  8. If an infected file is detected, the default action will be Cure, click on Continue.
  9. From the last SDFix log & somewhere else I saw a User Account name "ASPNET", which I have no idea where it came from, and I cannot locate it from Control

* In the Task Manager, Processes Tab, there are 5 svchost.exe running under Syetem and 2 svchost.exe running under Network Service ......

Keep updating me regarding your computer behavior, good, or bad. It has done this 13 time(s).12/12/2008 10:22:32 PM, error: Service Control Manager [7034] - The visualgsm service terminated unexpectedly.

It has done this 10 time(s).12/12/2008 9:08:32 PM, error: Service Control Manager [7034] - The visualGSMSMPPReceiver service terminated unexpectedly.

Wait until the Status box shows Deleting Finished.

Started by touchring , Dec 22 2008 07:04 AM
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/ Download Malwarebytes Anti-Rootkit to your desktop. It has done this 3 time(s).12/12/2008 5:38:19 PM, error: Service Control Manager [7011] - Timeout (240000 milliseconds) waiting for a transaction response from the service.12/12/2008 5:37:00 PM, error: Service Control Manager

Once the computer is totally clean, I'll certainly let you know. C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\TAMSvr.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Program Files\alipay\aliedit\\AlipaySecSvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\Microsoft Device Health\DhMachineSvc.exe c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe c:\Program Files\O2Micro Flash Let it finish. scanning hidden autostart entries ...scanning hidden files ...

If more than one log is produced post all logs.
Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 16/09/2014 Scan Time: 6:39:36 AM Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|> is working properly.==== End Of File ===========================

Class GUID: Description: Bluetooth Peripheral Device Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_VID&000205AC_PID&12A0\7&477F254&0&18345141B64E_C00000000 Manufacturer: Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_VID&000205AC_PID&12A0\7&477F254&0&18345141B64E_C00000000 Service: . ==== System Restore Points =================== . As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Extract (unzip) its contents to your desktop. This is a china address and highly suspicious, but the fact that zonealarm only captured cscript.exe gives me no further clue which might be the calling application.3.