laralara
-
Posts
60 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by laralara
-
I just tried to install Adobe Reader 9.5.0 and got this message: Setup has detected that you already have a more functional product installed. Setup will now terminate.
-
This is what it said yesterday before I uninstalled ComboFix, etc [shell_NotifyIcon]Failed to perform desired action. Error code 0 I went ahead and uninstalled ComboFix, and updated Java, etc last night. This morning, when I booted, it took a while and then I got "Shell_NotifyIcon Failed to perform desired action. Error code: 2" So it's basically still doing what it's been doing. I "randomly" can boot with no problem, then sometimes I get the error code 0 and then sometimes it takes a while to boot and I get error code 2. The error codes show up shortly after booting, I just didn't notice it yesterday... By the way, I had a hard time uninstalling ComboFix. I couldn't do it from the Window run box. So I renamed it uninstall.exe but after double clicking it, it seemed like it was going to run again as it was complaining about my anti virus being on. I clicked "cancel" and then it said ComboFix was uninstalled. I hope that didn't mess anything up.- I'm going to update Adobe Reader 9 now. Thank you so much for working with me.
-
I just noticed that there is still an error code 0. Does that mean anything?
-
# AdwCleaner v2.007 - Logfile created 11/14/2012 at 19:01:46 # Updated 06/11/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : sharon - SHUTTLE # Boot Mode : Normal # Running from : C:\Documents and Settings\sharon\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\Documents and Settings\sharon\Application Data\Mozilla\Firefox\Profiles\nuy0i18j.default\searchplugins\Search_Results.xml File Deleted : C:\Documents and Settings\sharon\Application Data\Mozilla\Firefox\Profiles\nuy0i18j.default\searchplugins\yahoo-zugo.xml File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml File Deleted : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia Folder Deleted : C:\Documents and Settings\sharon\Application Data\AVG Secure Search Folder Deleted : C:\Documents and Settings\sharon\Application Data\searchquband Folder Deleted : C:\Documents and Settings\sharon\Local Settings\Application Data\Conduit Folder Deleted : C:\Documents and Settings\sharon\Start Menu\Programs\vGrabber Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\Trymedia Folder Deleted : C:\Program Files\v-Grabber ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\ConduitSearchScopes Key Deleted : HKCU\Software\Headlight Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3059010 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Freeze.com ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Registry is clean. -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Documents and Settings\jun\Application Data\Mozilla\Firefox\Profiles\dfhy4j44.default\prefs.js Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search"); Profile name : default File : C:\Documents and Settings\sharon\Application Data\Mozilla\Firefox\Profiles\nuy0i18j.default\prefs.js C:\Documents and Settings\sharon\Application Data\Mozilla\Firefox\Profiles\nuy0i18j.default\user.js ... Deleted ! Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Deleted : user_pref("browser.search.defaultthis.engineName", "Vgrabber Customized Web Search"); Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3059010&Sea[...] Deleted : user_pref("browser.search.order.1", "Search Results"); Profile name : default File : C:\Documents and Settings\Rachel\Application Data\Mozilla\Firefox\Profiles\64uuh40b.default\prefs.js Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search"); -\\ Google Chrome v24.0.1312.14 File : C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences Deleted [l.28] : urls_to_restore_on_startup = [ "hxxp://www.bing.com/", [ "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=48" ] ] Deleted [l.5195] : urls_to_restore_on_startup = [ "hxxp://www.bing.com/", [ "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=48" ] ] File : C:\Documents and Settings\Rachel\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [4743 octets] - [14/11/2012 16:47:30] AdwCleaner[s1].txt - [4721 octets] - [14/11/2012 19:01:46] ########## EOF - C:\AdwCleaner[s1].txt - [4781 octets] ########## Results of screen317's Security Check version 0.99.54 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Symantec Endpoint Protection Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Yahoo! Anti-Spy SUPERAntiSpyware Malwarebytes Anti-Malware version 1.65.1.1000 Java 2 Runtime Environment Standard Edition v1.3.1_02 JavaFX 2.1.1 Java 6 Update 30 Java 7 Update 5 Java 6 Update 7 Java version out of Date! Adobe Flash Player 11.4.402.287 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (16.0.2) ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 1% ````````````````````End of Log``````````````````````
-
Here you go: # AdwCleaner v2.007 - Logfile created 11/14/2012 at 16:47:30 # Updated 06/11/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : sharon - SHUTTLE # Boot Mode : Normal # Running from : C:\Documents and Settings\sharon\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\Documents and Settings\sharon\Application Data\Mozilla\Firefox\Profiles\nuy0i18j.default\searchplugins\Search_Results.xml File Found : C:\Documents and Settings\sharon\Application Data\Mozilla\Firefox\Profiles\nuy0i18j.default\searchplugins\yahoo-zugo.xml File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml File Found : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml Folder Found : C:\Documents and Settings\All Users\Application Data\boost_interprocess Folder Found : C:\Documents and Settings\All Users\Application Data\Trymedia Folder Found : C:\Documents and Settings\sharon\Application Data\AVG Secure Search Folder Found : C:\Documents and Settings\sharon\Application Data\searchquband Folder Found : C:\Documents and Settings\sharon\Local Settings\Application Data\Conduit Folder Found : C:\Documents and Settings\sharon\Start Menu\Programs\vGrabber Folder Found : C:\Program Files\Conduit Folder Found : C:\Program Files\Trymedia Folder Found : C:\Program Files\v-Grabber ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AVG Secure Search Key Found : HKCU\Software\ConduitSearchScopes Key Found : HKCU\Software\Headlight Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKCU\Software\Softonic Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3059010 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\Software\Conduit Key Found : HKLM\Software\Freeze.com Key Found : HKU\S-1-5-21-515967899-790525478-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Registry is clean. -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Documents and Settings\jun\Application Data\Mozilla\Firefox\Profiles\dfhy4j44.default\prefs.js Found : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Found : user_pref("browser.search.selectedEngine", "AVG Secure Search"); Profile name : default File : C:\Documents and Settings\sharon\Application Data\Mozilla\Firefox\Profiles\nuy0i18j.default\prefs.js Found : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Found : user_pref("browser.search.defaultthis.engineName", "Vgrabber Customized Web Search"); Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3059010&Sea[...] Found : user_pref("browser.search.order.1", "Search Results"); Profile name : default File : C:\Documents and Settings\Rachel\Application Data\Mozilla\Firefox\Profiles\64uuh40b.default\prefs.js Found : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Found : user_pref("browser.search.selectedEngine", "AVG Secure Search"); -\\ Google Chrome v24.0.1312.14 File : C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences Found [l.28] : urls_to_restore_on_startup = [ "hxxp://www.bing.com/", [ "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=48" ] ] Found [l.5192] : urls_to_restore_on_startup = [ "hxxp://www.bing.com/", [ "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=48" ] ] File : C:\Documents and Settings\Rachel\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [4614 octets] - [14/11/2012 16:47:30] ########## EOF - C:\AdwCleaner[R1].txt - [4674 octets] ##########
-
Here is the ComboFix log ComboFix 12-11-14.01 - sharon 11/14/2012 13:38:52.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1075 [GMT -8:00] Running from: c:\documents and settings\sharon\Desktop\ComboFix.exe AV: Symantec Endpoint Protection *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C} FW: Symantec Endpoint Protection *Disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\_ctypes.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\_elementtree.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\_hashlib.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\_socket.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\_ssl.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\pyexpat.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\pysqlite2._sqlite.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\python26.dll c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\pythoncom26.dll c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\PyWinTypes26.dll c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\select.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\unicodedata.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\win32api.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\win32com.shell.shell.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\win32crypt.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\win32event.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\win32file.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\win32inet.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\win32pdh.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\win32process.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\win32profile.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\win32security.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\win32ts.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\windows._cacheinvalidation.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wx._controls_.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wx._core_.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wx._gdi_.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wx._html2.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wx._misc_.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wx._windows_.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wx._wizard.pyd c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wxbase293u_net_vc.dll c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wxbase293u_vc.dll c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wxmsw293u_adv_vc.dll c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wxmsw293u_core_vc.dll c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wxmsw293u_html_vc.dll c:\docume~1\sharon\LOCALS~1\Temp\_MEI19402\wxmsw293u_webview_vc.dll c:\documents and settings\sharon\Application Data\AdobeDLM.log c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\_ctypes.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\_elementtree.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\_hashlib.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\_socket.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\_ssl.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\pyexpat.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\pysqlite2._sqlite.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\python26.dll c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\pythoncom26.dll c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\PyWinTypes26.dll c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\select.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\unicodedata.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\win32api.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\win32com.shell.shell.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\win32crypt.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\win32event.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\win32file.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\win32inet.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\win32pdh.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\win32process.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\win32profile.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\win32security.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\win32ts.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\windows._cacheinvalidation.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wx._controls_.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wx._core_.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wx._gdi_.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wx._html2.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wx._misc_.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wx._windows_.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wx._wizard.pyd c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wxbase293u_net_vc.dll c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wxbase293u_vc.dll c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wxmsw293u_adv_vc.dll c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wxmsw293u_core_vc.dll c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wxmsw293u_html_vc.dll c:\documents and settings\sharon\Local Settings\Temp\_MEI19402\wxmsw293u_webview_vc.dll c:\documents and settings\sharon\Local Settings\Temporary Internet Files\cookies.sqlite c:\documents and settings\sharon\WINDOWS c:\program files\Common c:\windows\Downloaded Program Files\f3initialsetup1.0.0.15.inf c:\windows\EventSystem.log c:\windows\Firehand Lightning Screen Saver.cfg c:\windows\system32\100.tmp c:\windows\system32\178.tmp c:\windows\system32\1D4.tmp c:\windows\system32\PowerToyReadme.htm c:\windows\system32\SET598.tmp c:\windows\system32\SET5A4.tmp c:\windows\system32\URTTemp c:\windows\system32\URTTemp\regtlib.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_RKHIT -------\Service_RkHit . . ((((((((((((((((((((((((( Files Created from 2012-10-14 to 2012-11-14 ))))))))))))))))))))))))))))))) . . 2012-11-06 15:08 . 2012-11-06 15:08 -------- d-----w- c:\documents and settings\sharon\Application Data\SUPERAntiSpyware.com 2012-11-06 15:07 . 2012-11-07 16:18 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-11-06 15:07 . 2012-11-06 15:07 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2012-11-02 14:35 . 2012-11-02 14:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Freemake 2012-11-02 14:34 . 2012-11-02 14:35 -------- d-----w- c:\program files\Freemake 2012-11-01 16:19 . 2012-04-09 07:40 79360 ----a-w- c:\windows\system32\ff_vfw.dll 2012-11-01 16:13 . 2012-11-01 16:13 -------- d-----w- c:\program files\Common Files\xing shared 2012-11-01 15:47 . 2012-11-01 15:47 -------- d-----w- c:\documents and settings\sharon\Application Data\Digiarty 2012-11-01 15:47 . 2012-11-01 15:47 -------- d-----w- c:\program files\Digiarty . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-09 00:27 . 2012-09-25 23:43 174056 ----a-w- c:\windows\system32\drivers\wpshelper.sys 2012-10-22 08:37 . 2004-08-04 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys 2012-10-10 07:22 . 2012-05-05 16:23 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-10 07:22 . 2011-05-21 01:52 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-10 07:22 . 2012-10-10 06:22 10220472 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe 2012-10-02 18:04 . 2004-08-04 12:00 58368 ----a-w- c:\windows\system32\synceng.dll 2012-09-30 02:54 . 2012-09-14 17:01 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-25 23:41 . 2012-09-25 23:41 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL 2012-09-25 23:41 . 2012-09-25 23:41 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2012-09-21 14:50 . 2012-09-14 16:47 105088 ----a-w- c:\windows\system32\drivers\av5flt.sys 2012-08-28 15:14 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:14 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-08-28 15:14 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07 . 2004-08-04 12:00 385024 ------w- c:\windows\system32\html.iec 2012-08-24 13:53 . 2004-08-04 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-08-21 13:33 . 2004-08-04 12:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-21 12:58 . 2004-08-03 22:59 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-11-06 19:52 . 2012-11-06 19:51 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn9\yt.dll" [2012-06-11 1524056] . [HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}] [HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1] [HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}] [HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-10-25 22:45 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-03 111856] "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-21 719672] "InstallIQUpdater"="c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-08-10 1176064] "GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-10-25 16052192] "12F9BEC1EC6BE2D5615C75033DB928BBBB2922E8._service_run"="c:\documents and settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [2012-11-06 1247768] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-06 4763008] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2010-01-25 115560] "Communicator"="c:\program files\Microsoft Lync\communicator.exe" [2012-09-29 12105344] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-11-01 296096] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968] . c:\documents and settings\sharon\Start Menu\Programs\Startup\ OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk backup=c:\windows\pss\McAfee Security Scan.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk backup=c:\windows\pss\Windows Search.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^sharon^Start Menu^Programs^Startup^Seagate NA0JGNRB Product Registration.lnk] path=c:\documents and settings\sharon\Start Menu\Programs\Startup\Seagate NA0JGNRB Product Registration.lnk backup=c:\windows\pss\Seagate NA0JGNRB Product Registration.lnkStartup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2011-09-27 14:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] 2010-03-13 22:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] 2008-04-14 00:12 110592 ----a-w- c:\windows\system32\bthprops.cpl . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Communicator] 2012-09-29 04:44 12105344 ----a-w- c:\program files\Microsoft Lync\communicator.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2011-03-21 18:56 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EverioService] 2006-11-23 05:10 151552 ----a-w- c:\program files\CyberLink\PCM4Everio\EverioService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2007-11-08 07:56 166424 ----a-r- c:\windows\system32\hkcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2007-11-08 07:56 141848 ----a-r- c:\windows\system32\igfxtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-11-13 08:24 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 18:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] 2007-11-08 07:56 137752 ----a-r- c:\windows\system32\igfxpers.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2007-10-25 03:57 16855552 ------r- c:\windows\RTHDCPL.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2007-10-11 03:04 1826816 ------r- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-17 18:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YMailAdvisor] 2009-05-08 10:53 174424 ----a-w- c:\program files\Yahoo!\Common\YMailAdvisor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection] 2009-02-03 13:15 111856 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe"= "c:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe"= "c:\\Documents and Settings\\sharon\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"= "c:\\Documents and Settings\\sharon\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"= "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\Smc.exe"= "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE"= "c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"= "c:\\Program Files\\Microsoft Lync\\communicator.exe"= "c:\\Program Files\\Microsoft Lync\\UcMapi.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management . R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [5/8/2006 9:46 AM 4064] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 8:27 AM 12880] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 1:55 PM 67664] R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [8/11/2011 3:38 PM 116608] R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [10/21/2011 3:23 PM 196176] R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [10/13/2011 5:21 PM 249648] R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [8/25/2011 5:53 PM 13672] R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [9/14/2012 9:01 AM 399432] R2 ReplicaSysMon;Seagate Replica System Monitor;c:\program files\Seagate Replica\bin\ReplicaSysMon.exe [3/31/2011 11:46 AM 416208] R2 Seagate-Replica-Svc;Seagate Replica Service;c:\program files\Seagate Replica\bin\Seagate-Replica-Svc.exe [3/31/2011 11:46 AM 1947600] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/25/2012 3:45 PM 106656] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9/14/2012 9:01 AM 22856] S0 jrvtbk;jrvtbk;c:\windows\system32\drivers\tguv.sys --> c:\windows\system32\drivers\tguv.sys [?] S0 pkixkats;pkixkats;c:\windows\system32\drivers\uijs.sys --> c:\windows\system32\drivers\uijs.sys [?] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9/14/2012 9:01 AM 676936] S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [12/2/2009 3:02 PM 23888] S3 FANTOM;LEGO MINDSTORMS NXT Driver;c:\windows\system32\drivers\fantom.sys [3/10/2006 2:55 PM 39424] S3 Ftdippk2sacs;Ftdippk2sacs; [x] S3 Pdrprsp;Pdrprsp; [x] S3 RDID1059;Cakewalk Music Connector 1;c:\windows\system32\drivers\Rdwm1059.sys [10/21/2006 5:24 PM 66674] S3 Wptaontfhm;Wptaontfhm; [x] . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] 2009-03-08 11:32 128512 ----a-w- c:\windows\system32\advpack.dll . Contents of the 'Scheduled Tasks' folder . 2012-11-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 07:22] . 2012-11-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 20:34] . 2012-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-25 23:47] . 2012-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-25 23:47] . 2012-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-790525478-682003330-1004Core.job - c:\documents and settings\sharon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-26 01:55] . 2012-11-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-790525478-682003330-1004UA.job - c:\documents and settings\sharon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-26 01:55] . 2012-11-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-515967899-790525478-682003330-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 21:27] . 2012-11-12 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-790525478-682003330-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 21:27] . 2012-11-14 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task a11f6e15-a95d-420c-9ca2-958410e41e78.job - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52] . 2012-11-10 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task de10ebce-b45f-49d3-ac39-e198ae5e3843.job - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/?ilc=1 uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com IE: &Google Search IE: &Translate English Word IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm IE: Backward Links IE: Cached Snapshot of Page IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: Similar Pages IE: Translate Page into English IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm Trusted Zone: intuit.com\ttlc Trusted Zone: turbotax.com TCP: DhcpNameServer = 192.168.1.254 DPF: {26B2A5DA-BFD6-422F-A89A-28A54C74B12B} - hxxp://www.costcophotocenter.com/upload/activex/v3_0_0_4/PhotoCenter_ActiveX_Control.cab DPF: {DEA6994F-3ED5-40BC-B5E3-0FD02411B1B4} - hxxp://www.costcophotocenter.com/upload/activex/v3_0_0_1/PhotoCenter_ActiveX_Control.cab? FF - ProfilePath - c:\documents and settings\sharon\Application Data\Mozilla\Firefox\Profiles\nuy0i18j.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3059010&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?fr=fp-tyc8 FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc8&p= FF - ExtSQL: 2012-11-01 09:13; {0153E448-190B-4987-BDE1-F256CADA672F}; c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF - ExtSQL: 2012-11-02 07:35; fmconverter@gmail.com; c:\program files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox FF - ExtSQL: 2019-09-25 23:40; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\documents and settings\sharon\Application Data\Mozilla\Firefox\Profiles\nuy0i18j.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi FF - ExtSQL: !HIDDEN! 2009-09-02 06:20; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: yahoo.ytff.general.dontshowhpoffer - true . - - - - ORPHANS REMOVED - - - - . Toolbar-10 - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) HKCU-Run-VoipStunt - c:\program files\VoipStunt.com\VoipStunt\VoipStunt.exe HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe HKCU-Run-RepairSolutions - c:\program files\RepairSolutions\RepairSolutions.exe HKCU-Run-Pando - c:\program files\Pando Networks\Pando\Pando.exe Notify-avldr - (no file) SafeBoot-Symantec Antvirus MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe MSConfigStartUp-AVG_UI - c:\program files\AVG\AVG2013\avgui.exe MSConfigStartUp-nwiz - nwiz.exe MSConfigStartUp-ROC_ROC_NT - c:\program files\AVG Secure Search\ROC_ROC_NT.exe MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe MSConfigStartUp-vProt - c:\program files\AVG Secure Search\vprot.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-11-14 14:25 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . . c:\docume~1\sharon\LOCALS~1\Temp\_MEI24802\support c:\docume~1\sharon\LOCALS~1\Temp\_MEI24802\support\gen_py c:\docume~1\sharon\LOCALS~1\Temp\_MEI24802\support\gen_py\__init__.py 0 bytes . scan completed successfully hidden files: 3 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Seagate-Replica-Svc] "ImagePath"="c:\program files\Seagate Replica\bin\Seagate-Replica-Svc.exe /startedbyscm:FE2355B7-40E2EE35-RebitSvcModule" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(3648) c:\windows\system32\WININET.dll c:\program files\Google\Drive\googledrivesync32.dll c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf c:\progra~1\MICROS~3\Office14\1033\GrooveIntlResource.dll c:\program files\iTunes\iTunesMiniPlayer.dll c:\program files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Symantec\Symantec Endpoint Protection\Smc.exe c:\program files\Common Files\Symantec Shared\ccSvcHst.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe c:\program files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe c:\program files\Common Files\Motive\McciCMService.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\windows\system32\dllhost.exe c:\program files\Symantec\Symantec Endpoint Protection\Rtvscan.exe c:\windows\system32\SearchIndexer.exe c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files\Canon\CAL\CALMAIN.exe c:\windows\system32\dllhost.exe c:\windows\system32\msdtc.exe c:\program files\Symantec\Symantec Endpoint Protection\SmcGui.exe c:\program files\Seagate Replica\bin\Seagate-Replica-Autoplay.exe c:\program files\Seagate Replica\bin\Seagate-Replica-Tray.exe c:\progra~1\Yahoo!\MESSEN~1\ymsgr_tray.exe . ************************************************************************** . Completion time: 2012-11-14 14:34:54 - machine was rebooted ComboFix-quarantined-files.txt 2012-11-14 22:34 . Pre-Run: 405,210,607,616 bytes free Post-Run: 426,953,527,296 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect C:\wubildr.mbr = "Ubuntu" . - - End Of File - - 8E1BB86D4F6FBCA0AE059B650EB748C7 Thanks!
-
Thanks for the prompt response, I just want to back up my computer before i do the ComboFix, I'm so scared of doing it because of all the warnings....
-
<p> </p> <pre> --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.01.0.1009 © Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 8.0.6001.18702 Java version: 1.6.0_30 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 2.199000 GHz Memory total: 2138222592, free: 799772672 ------------ Kernel report ------------ 11/12/2012 09:50:16 ------------ Loaded modules ----------- \WINDOWS\system32\ntkrnlpa.exe \WINDOWS\system32\hal.dll \WINDOWS\system32\KDCOM.DLL \WINDOWS\system32\BOOTVID.dll ACPI.sys \WINDOWS\system32\DRIVERS\WMILIB.SYS pci.sys isapnp.sys ohci1394.sys \WINDOWS\system32\DRIVERS\1394BUS.SYS pciide.sys \WINDOWS\system32\DRIVERS\PCIIDEX.SYS MountMgr.sys ftdisk.sys dmload.sys dmio.sys PartMgr.sys VolSnap.sys atapi.sys disk.sys \WINDOWS\system32\DRIVERS\CLASSPNP.SYS fltmgr.sys sr.sys PxHelp20.sys KSecDD.sys WudfPf.sys Ntfs.sys NDIS.sys sfhlp02.sys sfdrv01.sys Mup.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS\igxpmp32.sys \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\l251x86.sys \SystemRoot\system32\DRIVERS\usbuhci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\fdc.sys \SystemRoot\system32\DRIVERS\parport.sys \SystemRoot\system32\DRIVERS\ASACPI.sys \SystemRoot\system32\DRIVERS\i8042prt.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\serial.sys \SystemRoot\system32\DRIVERS\serenum.sys \SystemRoot\system32\DRIVERS\imapi.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\system32\DRIVERS\redbook.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\System32\Drivers\GEARAspiWDM.sys \SystemRoot\system32\DRIVERS\audstub.sys \SystemRoot\system32\DRIVERS\rasirda.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\psched.sys \SystemRoot\system32\DRIVERS\msgpc.sys \SystemRoot\system32\DRIVERS\ptilink.sys \SystemRoot\system32\DRIVERS\raspti.sys \SystemRoot\system32\DRIVERS\rdpdr.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\teefer2.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\DRIVERS\update.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RtkHDAud.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\flpydisk.sys \SystemRoot\System32\Drivers\SRTSP.SYS \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20121111.008\NAVEX15.SYS \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20121111.008\NAVENG.SYS \SystemRoot\system32\DRIVERS\usbprint.sys \SystemRoot\System32\Drivers\SRTSPX.SYS \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\System32\Drivers\Cdr4_xp.SYS \SystemRoot\System32\Drivers\Cdralw2k.SYS \SystemRoot\System32\Drivers\Fs_Rec.SYS \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\Drivers\ATMhelpr.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\Drivers\mnmdd.SYS \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\rasacd.sys \SystemRoot\system32\DRIVERS\ipsec.sys \SystemRoot\system32\DRIVERS\tcpip.sys \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys \SystemRoot\system32\DRIVERS\ipnat.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\System32\Drivers\SYMTDI.SYS \SystemRoot\system32\DRIVERS\netbt.sys \SystemRoot\System32\drivers\afd.sys \SystemRoot\system32\DRIVERS\netbios.sys \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\System32\Drivers\Fips.SYS \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys \SystemRoot\System32\Drivers\Cdfs.SYS \SystemRoot\System32\Drivers\dump_atapi.sys \SystemRoot\System32\Drivers\dump_WMILIB.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\watchdog.sys \SystemRoot\System32\drivers\dxg.sys \SystemRoot\System32\drivers\dxgthk.sys \SystemRoot\System32\igxpgd32.dll \SystemRoot\System32\igxprd32.dll \SystemRoot\System32\igxpdv32.DLL \SystemRoot\System32\igxpdx32.DLL \??\C:\WINDOWS\system32\drivers\mbam.sys \SystemRoot\system32\DRIVERS\fssfltr_tdi.sys \SystemRoot\system32\DRIVERS\irda.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\System32\ATMFD.DLL \??\C:\WINDOWS\system32\drivers\WpsHelper.sys \SystemRoot\system32\DRIVERS\mrxdav.sys \SystemRoot\System32\drivers\BrPar.sys \SystemRoot\System32\Drivers\ParVdm.SYS \SystemRoot\System32\Drivers\DgiVecp.sys \SystemRoot\system32\DRIVERS\srv.sys \SystemRoot\System32\Drivers\Fastfat.SYS \SystemRoot\system32\drivers\wdmaud.sys \SystemRoot\system32\drivers\sysaudio.sys \SystemRoot\system32\DRIVERS\ipfltdrv.sys \SystemRoot\System32\Drivers\HTTP.sys \SystemRoot\System32\Drivers\SYMREDRV.SYS \??\C:\DOCUME~1\sharon\LOCALS~1\Temp\mbr.sys \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys \WINDOWS\system32\ntdll.dll ----------- End ----------- <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xffffffff8a7b6030 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-e\ Lower Device Object: 0xffffffff8a762d98 Lower Device Driver Name: \Driver\atapi\ Driver name found: atapi DriverEntry returned 0x0 Function returned 0x0 Downloaded database version: v2012.11.12.04 Downloaded database version: v2012.11.09.02 Initializing... Done! Scanning directory: C:\WINDOWS\system32\drivers... <<<2>>> Device number: 0, partition: 1 Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffffff8a7b6030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff8a75a340, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff8a7b6030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff8a75ca98, DeviceName: \Device\0000007e\, DriverName: \Driver\ACPI\ DevicePointer: 0xffffffff8a762d98, DeviceName: \Device\Ide\IdeDeviceP2T0L0-e\, DriverName: \Driver\atapi\ ------------ End ---------- Upper DeviceData: 0xffffffffe718c2d0, 0xffffffff8a7b6030, 0xffffffff88a5d8b0 Lower DeviceData: 0xffffffffe851ac68, 0xffffffff8a762d98, 0xffffffff8a125848 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 30D5EE0B Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 1953520002 Partition file system is NTFS Partition is bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 1000204886016 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)... Done! Performing system, memory and registry scan... Read File: File "C:\Documents and Settings\sharon\Local Settings\Temp\DDMCache\How.I.Met.Your.Mother.S01E09.couchpotatoes.forumotion.net.DVDRip.XviD-TOPAZ_ns.avi" is sparse (flags = 32768) Read File: File "C:\Documents and Settings\sharon\Local Settings\Temp\DDMCache\How.I.Met.Your.Mother.S01E09.couchpotatoes.forumotion.net.DVDRip.XviD-TOPAZ_ns.avi" is sparse (flags = 32768) Read File: File "C:\WINDOWS\$NtUninstallKB915865$\update.ver" is compressed (flags = 1) Read File: File "C:\WINDOWS\$NtUninstallKB915865$\updatebr.inf" is compressed (flags = 1) Done! Scan finished</pre> <p> </p> <p> </p> <p> </p> <pre> Malwarebytes Anti-Rootkit 1.1.0.1009 www.malwarebytes.org Database version: v2012.11.12.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 sharon :: SHUTTLE [administrator] 11/12/2012 1:06:33 PM mbar-log-2012-11-12 (13-06-33).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: PUP | PUM | P2P Objects scanned: 41629 Time elapsed: 3 hour(s), 15 minute(s), 46 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)</pre>
-
RogueKiller V8.2.3 [11/07/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website: http://tigzy.geekstogo.com/roguekiller.php Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : sharon [Admin rights] Mode : Scan -- Date : 11/12/2012 09:36:01 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 1 ¤¤¤ [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ SSDT[12] : NtAlertResumeThread @ 0x805D4BDC -> HOOKED (Unknown @ 0x8A1BD598) SSDT[13] : NtAlertThread @ 0x805D4B8C -> HOOKED (Unknown @ 0x8A02C3E0) SSDT[17] : NtAllocateVirtualMemory @ 0x805A8AC2 -> HOOKED (Unknown @ 0x8A148348) SSDT[31] : NtConnectPort @ 0x805A45D8 -> HOOKED (Unknown @ 0x8A027178) SSDT[43] : NtCreateMutant @ 0x806176AE -> HOOKED (Unknown @ 0x8A19A898) SSDT[53] : NtCreateThread @ 0x805D1038 -> HOOKED (Unknown @ 0x8A7B0500) SSDT[83] : NtFreeVirtualMemory @ 0x805B2FBA -> HOOKED (Unknown @ 0x8A0298B8) SSDT[89] : NtImpersonateAnonymousToken @ 0x805F9258 -> HOOKED (Unknown @ 0x8A1A3878) SSDT[91] : NtImpersonateThread @ 0x805D7860 -> HOOKED (Unknown @ 0x8A48CBF8) SSDT[108] : NtMapViewOfSection @ 0x805B2042 -> HOOKED (Unknown @ 0x8A1B8A10) SSDT[114] : NtOpenEvent @ 0x8060F06C -> HOOKED (Unknown @ 0x8A19AEC0) SSDT[123] : NtOpenProcessToken @ 0x805EDF26 -> HOOKED (Unknown @ 0x8A272648) SSDT[129] : NtOpenThreadToken @ 0x805EDF44 -> HOOKED (Unknown @ 0x8A02A990) SSDT[206] : NtResumeThread @ 0x805D4A18 -> HOOKED (Unknown @ 0x8A4B36C0) SSDT[213] : NtSetContextThread @ 0x805D2C1A -> HOOKED (Unknown @ 0x8A677860) SSDT[228] : NtSetInformationProcess @ 0x805CDEA0 -> HOOKED (Unknown @ 0x8A19B888) SSDT[229] : NtSetInformationThread @ 0x805CC124 -> HOOKED (Unknown @ 0x8A02CEB0) SSDT[253] : NtSuspendProcess @ 0x805D4AE0 -> HOOKED (Unknown @ 0x8A026488) SSDT[254] : NtSuspendThread @ 0x805D4952 -> HOOKED (Unknown @ 0x8A2A8AB8) SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS @ 0xA867D640) SSDT[258] : NtTerminateThread @ 0x805D24D2 -> HOOKED (Unknown @ 0x8A2B6458) SSDT[267] : NtUnmapViewOfSection @ 0x805B2E50 -> HOOKED (Unknown @ 0x8A1963A0) SSDT[277] : NtWriteVirtualMemory @ 0x805B43D4 -> HOOKED (Unknown @ 0x8A029948) S_SSDT[383] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x88CCE1E8) ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST31000528AS +++++ --- User --- [MBR] d73962480abac290be476a68dab61ebd [bSP] 0dc9148d47c877cfd41a21fd99980882 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_11122012_02d0936.txt >> RKreport[1]_S_11122012_02d0936.txt
-
Sometimes my computer boots fine and quickly with no error code. Then sometimes I get an error code 0 and then at times I get an error code 2 and it takes quite a while to start up. Here is the DDS.txt from today after it started up with an error code 2 . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-07.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 5/6/2006 5:31:58 PM System Uptime: 11/12/2012 7:26:18 AM (1 hours ago) . Motherboard: ASUSTeK Computer INC. | | P5GC-MX/1333 Processor: Intel® Core2 Duo CPU E4500 @ 2.20GHz | LGA 775 | 2199/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 932 GiB total, 382.879 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP446: 8/14/2012 2:31:18 PM - System Checkpoint RP447: 8/15/2012 4:04:09 PM - System Checkpoint RP448: 8/15/2012 7:56:44 PM - Software Distribution Service 3.0 RP449: 8/16/2012 9:01:13 PM - System Checkpoint RP450: 8/17/2012 9:06:26 PM - System Checkpoint RP451: 8/18/2012 9:48:17 PM - System Checkpoint RP452: 8/20/2012 12:25:47 PM - System Checkpoint RP453: 8/21/2012 2:31:51 PM - System Checkpoint RP454: 8/22/2012 2:40:03 PM - System Checkpoint RP455: 8/23/2012 3:12:37 PM - System Checkpoint RP456: 8/25/2012 10:25:27 AM - System Checkpoint RP457: 8/26/2012 10:51:05 AM - System Checkpoint RP458: 8/27/2012 11:22:00 AM - System Checkpoint RP459: 8/28/2012 2:53:19 PM - System Checkpoint RP460: 8/29/2012 7:36:02 PM - System Checkpoint RP461: 8/31/2012 8:54:44 AM - System Checkpoint RP462: 9/1/2012 10:43:10 AM - System Checkpoint RP463: 9/2/2012 1:27:13 PM - System Checkpoint RP464: 9/3/2012 1:33:44 PM - System Checkpoint RP465: 9/4/2012 2:57:21 PM - System Checkpoint RP466: 9/5/2012 3:52:15 PM - System Checkpoint RP467: 9/6/2012 4:33:44 PM - System Checkpoint RP468: 9/9/2012 12:04:12 AM - System Checkpoint RP469: 9/10/2012 6:11:54 AM - System Checkpoint RP470: 9/11/2012 6:55:30 AM - System Checkpoint RP471: 9/12/2012 12:05:55 AM - Software Distribution Service 3.0 RP472: 9/13/2012 11:02:40 AM - System Checkpoint RP473: 9/14/2012 1:15:55 PM - System Checkpoint RP474: 9/15/2012 10:32:27 PM - System Checkpoint RP475: 9/16/2012 3:29:49 PM - Installed calibre RP476: 9/16/2012 3:31:14 PM - Removed calibre RP477: 9/17/2012 10:01:20 PM - System Checkpoint RP478: 9/18/2012 10:21:26 PM - System Checkpoint RP479: 9/19/2012 8:39:14 PM - Restore Operation RP480: 9/19/2012 8:58:07 PM - Restore Operation RP481: 9/19/2012 9:17:08 PM - Restore Operation RP482: 9/20/2012 9:55:15 PM - System Checkpoint RP483: 9/21/2012 8:40:18 AM - Installed AVG 2013 RP484: 9/21/2012 8:40:57 AM - Installed AVG 2013 RP485: 9/22/2012 4:47:27 AM - Software Distribution Service 3.0 RP486: 9/23/2012 5:10:28 PM - System Checkpoint RP487: 9/24/2012 6:56:26 PM - System Checkpoint RP488: 9/25/2012 8:02:50 AM - Restore Operation RP489: 9/25/2012 3:42:18 PM - Software Distribution Service 3.0 RP490: 9/25/2012 4:25:08 PM - Removed AVG 2013 RP491: 9/25/2012 4:27:26 PM - Removed AVG 2013 RP492: 9/25/2012 4:39:40 PM - Installed Symantec Endpoint Protection. RP493: 9/26/2012 9:50:02 AM - Software Distribution Service 3.0 RP494: 9/27/2012 4:57:35 PM - System Checkpoint RP495: 9/27/2012 6:29:20 PM - Software Distribution Service 3.0 RP496: 9/28/2012 6:53:01 PM - System Checkpoint RP497: 10/10/2012 12:27:29 AM - System Checkpoint RP498: 10/10/2012 12:58:38 AM - Software Distribution Service 3.0 RP499: 10/11/2012 10:08:16 AM - System Checkpoint RP500: 10/12/2012 11:39:41 AM - System Checkpoint RP501: 10/13/2012 11:57:41 AM - System Checkpoint RP502: 10/14/2012 3:41:15 PM - System Checkpoint RP503: 10/15/2012 9:42:21 PM - System Checkpoint RP504: 10/16/2012 10:59:02 PM - System Checkpoint RP505: 10/17/2012 11:30:23 PM - System Checkpoint RP506: 10/19/2012 10:21:38 AM - System Checkpoint RP507: 10/20/2012 12:05:43 PM - System Checkpoint RP508: 10/21/2012 12:40:08 PM - System Checkpoint RP509: 10/22/2012 2:03:26 PM - System Checkpoint RP510: 10/23/2012 3:34:13 PM - System Checkpoint RP511: 10/24/2012 6:13:33 PM - System Checkpoint RP512: 10/26/2012 12:14:28 AM - System Checkpoint RP513: 10/27/2012 12:20:17 AM - System Checkpoint RP514: 10/28/2012 12:22:40 PM - Installed calibre RP515: 10/28/2012 12:28:25 PM - Removed calibre RP516: 10/29/2012 12:34:47 PM - System Checkpoint RP517: 10/30/2012 12:45:06 PM - System Checkpoint RP518: 10/31/2012 2:53:37 PM - System Checkpoint RP519: 11/1/2012 4:01:51 PM - System Checkpoint RP520: 11/2/2012 4:16:30 PM - System Checkpoint RP521: 11/3/2012 8:22:26 PM - System Checkpoint RP522: 11/4/2012 10:27:52 PM - System Checkpoint RP523: 11/5/2012 10:36:46 PM - System Checkpoint RP524: 11/6/2012 11:17:53 PM - System Checkpoint RP525: 11/8/2012 10:58:35 AM - System Checkpoint RP526: 11/10/2012 10:54:28 AM - System Checkpoint RP527: 11/11/2012 11:46:22 AM - System Checkpoint . ==== Installed Programs ====================== . 7-Zip 4.65 Acrobat.com Adobe Acrobat Reader 3.01 Adobe AIR Adobe Digital Editions Adobe Download Manager 2.0 (Remove Only) Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop CS Adobe Photoshop Elements 2.0 Adobe Reader X (10.1.4) Adobe Shockwave Player 11.5 Adobe Type Manager 4.0 Alchemy Deluxe 1.5y Amazon MP3 Downloader 1.0.17 AnalogX Capture AnswerWorks 4.0 Runtime - English AnswerWorks 5.0 English Runtime Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Communications Inc.® L2 Fast Ethernet Driver ATT-PRT22 Audacity 1.2.4 Audacity Recovery Utility AVS Update Manager 1.0 AVS Video Converter 8 AVS4YOU Software Navigator 1.4 AXIS Media Control Bing Bar Bonjour Brother HL-5250DN calibre Canon Camera Access Library Canon Camera Support Core Library Canon Camera Window DC_DV 5 for ZoomBrowser EX Canon CanoScan Toolbox 4.1 Canon DIGITAL CAMERA Solution Disk Software Guide Canon G.726 WMP-Decoder Canon i850 CANON iMAGE GATEWAY MyCamera Download Plugin CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon MOV Decoder Canon MOV Encoder Canon MovieEdit Task for ZoomBrowser EX Canon MP Navigator EX 1.0 Canon PhotoRecord Canon PowerShot ELPH 100 HS_IXUS 115 HS Camera User Guide Canon RAW Image Task for ZoomBrowser EX Canon RemoteCapture Task for ZoomBrowser EX Canon Utilities CameraWindow DC Canon Utilities CameraWindow DC 8 Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities CameraWindow Launcher Canon Utilities Easy-PhotoPrint Canon Utilities EOS Utility Canon Utilities Movie Uploader for YouTube Canon Utilities MyCamera Canon Utilities MyCamera DC Canon Utilities PhotoStitch Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CanoScan LiDE 90 Carmen Sandiego Math Detective Combined Community Codec Pack 2008-01-24 Cosmopolitan Fashion Makeover Deluxe Critical Update for Windows Media Player 11 (KB959772) CutePDF Writer 2.8 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Digital Photo Navigator 1.5 Discovering French, Nouveau! Take-Home Tutor Blanc DivX Web Player Documentation of lcc-win32 DVD Flick 1.3.0.7 eMedia Piano and Keyboard Method ffdshow v1.2.4422 [2012-04-09] Finale NotePad 2002 Firehand Ember Firehand Lightning Firehand Lightning Photo Album Viewer Firehand Lightning Screen Saver Firehand Lightning Slideshow Player Freemake Video Converter version 3.1.2 Garfield's Typing Pal GIMPshop 2.2.8 Google Chrome Google Drive Google Earth Google Talk (remove only) Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper Guitar Guru Version 2.2.5.0 High Definition Audio Driver Package - KB888111 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB2756822) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB954708) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) iDump (Backing up your iPod) Image Resizer Powertoy for Windows XP InstallIQ Updater Intel RSX 3D Intel® Graphics Media Accelerator Driver InterActual Player iPod for Windows 2006-06-28 IrfanView (remove only) iTunes J2SE Runtime Environment 5.0 Update 6 J2SE Runtime Environment 5.0 Update 9 Java 2 Runtime Environment Standard Edition v1.3.1_02 Java Auto Updater Java 6 Update 30 Java 6 Update 7 Java 7 Update 5 JavaFX 2.1.1 Junk Mail filter update Korean Fonts Support For Adobe Reader 9 lcc-win32 version 3.2 (base system) LEGO MINDSTORMS NXT Dynamic Block Update LEGO® MINDSTORMS® NXT - English Language Pack LEGO® MINDSTORMS® NXT Driver LEGO® MINDSTORMS® NXT Software v1.0 LiveUpdate 3.3 (Symantec Corporation) Malwarebytes Anti-Malware version 1.65.1.1000 Math Advantage Geometry Math Contests Grades 4-8 32-bit McAfee Security Scan Memory Savior v2.0 MicroMachines V4 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Lync 2010 Microsoft National Language Support Downlevel APIs Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft Software Update for Web Folders (English) 14 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Move Networks Media Player for Internet Explorer Mozilla Firefox 16.0.2 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Musicnotes Player V1.23.1 and Viewer Musition 3 Demo Musition 3 Student Edition MyHeritage Family Tree Builder MyPublisher BookMaker Napster Napster Burn Engine Nero Suite Online help of lcc-win32 OpenOffice.org 3.2 Oregon Trail® 5 OTOY Pando PayPal Plug-In Piano Suite Lite Picasa 2 PowerCinema NE for Everio PowerDirector Express PowerProducer Production Explorer v3.0 Python 3.1.3 QuickTime Rainbow Reefs dx 1280x1024 Screen Saver RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 RemoteCapture Task 1.0.3 Seagate Replica v3.0.1801.8554 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2675157) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB2744842) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544521) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2709162) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2724197) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Segoe UI Shockwave SmartMusic 2012 Snapshot Viewer Spellbound! Spelling Dictionaries Support For Adobe Reader 9 SUPERAntiSpyware Symantec Endpoint Protection Synthesia (remove only) The Print Shop TurboTax 2008 TurboTax 2008 wcaiper TurboTax 2008 WinPerFedFormset TurboTax 2008 WinPerProgramHelp TurboTax 2008 WinPerReleaseEngine TurboTax 2008 WinPerTaxSupport TurboTax 2008 WinPerUserEducation TurboTax 2008 wrapper TurboTax 2009 TurboTax 2009 wcaiper TurboTax 2009 WinPerFedFormset TurboTax 2009 WinPerReleaseEngine TurboTax 2009 WinPerTaxSupport TurboTax 2009 wrapper TurboTax 2010 TurboTax 2010 wcaiper TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 wrapper TurboTax 2011 TurboTax 2011 wcaiper TurboTax 2011 WinPerFedFormset TurboTax 2011 WinPerReleaseEngine TurboTax 2011 WinPerTaxSupport TurboTax 2011 wrapper TurboTax Deluxe 2007 Ubuntu Unity Web Player Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Windows Internet Explorer 8 (KB2447568) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows Internet Explorer 8 (KB976662) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2492386) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VC80CRTRedist - 8.0.50727.4053 ViceVersa Pro 2 (Build 2010) WebFldrs XP win32 online help Winamp Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger Windows Live OneCare safety scanner Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Management Framework Core Windows Media Format 11 runtime Windows Media Player 11 Windows Search 4.0 Windows XP Service Pack 3 WinX HD Video Converter Deluxe 3.12.4 Writing and Grammar Bronze Yahoo! Anti-Spy Yahoo! Browser Services Yahoo! Install Manager Yahoo! Internet Mail Yahoo! Mail Advisor Yahoo! Messenger Yahoo! Search Protection Yahoo! Software Update Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 11/9/2012 6:07:35 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect. 11/9/2012 6:07:35 AM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 11/9/2012 6:06:56 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect. 11/9/2012 6:06:56 AM, error: Service Control Manager [7000] - The LiveUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 11/9/2012 6:06:56 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435} 11/9/2012 6:06:01 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Seagate Replica System Monitor service to connect. 11/9/2012 6:06:01 AM, error: Service Control Manager [7000] - The Seagate Replica System Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 11/7/2012 8:20:21 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: sfsync04 11/7/2012 8:20:15 AM, error: Service Control Manager [7000] - The Pdrprsp service failed to start due to the following error: The system cannot find the file specified. 11/7/2012 8:20:15 AM, error: Service Control Manager [7000] - The Ftdippk2sacs service failed to start due to the following error: The system cannot find the path specified. 11/10/2012 10:06:49 AM, error: Service Control Manager [7000] - The Distributed Transaction Coordinator service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 11/10/2012 10:06:48 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Distributed Transaction Coordinator service to connect. . ==== End Of File ===========================
-
. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 5/6/2006 5:31:58 PM System Uptime: 9/15/2012 9:05:12 PM (2 hours ago) . Motherboard: ASUSTeK Computer INC. | | P5GC-MX/1333 Processor: Intel® Core™2 Duo CPU E4500 @ 2.20GHz | LGA 775 | 2199/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 932 GiB total, 397.714 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP394: 6/17/2012 9:34:37 PM - System Checkpoint RP395: 6/18/2012 10:38:30 PM - System Checkpoint RP396: 6/20/2012 7:45:48 AM - System Checkpoint RP397: 6/21/2012 11:31:14 AM - System Checkpoint RP398: 6/22/2012 12:35:40 PM - System Checkpoint RP399: 6/24/2012 10:35:29 AM - System Checkpoint RP400: 6/25/2012 10:38:15 AM - System Checkpoint RP401: 6/26/2012 11:12:22 AM - System Checkpoint RP402: 6/27/2012 11:54:13 AM - System Checkpoint RP403: 6/28/2012 12:16:08 PM - System Checkpoint RP404: 6/29/2012 12:52:33 PM - System Checkpoint RP405: 6/30/2012 6:39:21 PM - System Checkpoint RP406: 7/1/2012 7:37:18 PM - System Checkpoint RP407: 7/2/2012 7:38:51 PM - System Checkpoint RP408: 7/3/2012 8:46:11 PM - System Checkpoint RP409: 7/4/2012 9:31:41 PM - System Checkpoint RP410: 7/5/2012 9:49:05 PM - System Checkpoint RP411: 7/7/2012 10:03:42 PM - System Checkpoint RP412: 7/8/2012 10:11:48 PM - System Checkpoint RP413: 7/9/2012 6:23:59 AM - Removed Skype™ 5.8 RP414: 7/9/2012 6:25:05 AM - Removed Skype Click to Call RP415: 7/10/2012 10:00:18 AM - System Checkpoint RP416: 7/11/2012 8:22:48 PM - Software Distribution Service 3.0 RP417: 7/12/2012 10:48:34 PM - System Checkpoint RP418: 7/14/2012 11:00:18 AM - System Checkpoint RP419: 7/15/2012 12:07:01 PM - System Checkpoint RP420: 7/16/2012 12:25:32 PM - System Checkpoint RP421: 7/17/2012 12:58:22 PM - System Checkpoint RP422: 7/18/2012 2:26:26 PM - System Checkpoint RP423: 7/19/2012 5:11:41 PM - System Checkpoint RP424: 7/20/2012 6:35:06 PM - System Checkpoint RP425: 7/21/2012 8:25:32 PM - System Checkpoint RP426: 7/22/2012 8:27:14 PM - System Checkpoint RP427: 7/23/2012 8:49:48 PM - Installed Java™ 7 Update 5 RP428: 7/23/2012 8:50:42 PM - Installed JavaFX 2.1.1 RP429: 7/24/2012 9:20:59 PM - System Checkpoint RP430: 7/25/2012 10:05:11 PM - System Checkpoint RP431: 7/26/2012 11:20:37 PM - System Checkpoint RP432: 7/28/2012 11:38:29 AM - System Checkpoint RP433: 7/29/2012 1:28:20 PM - System Checkpoint RP434: 7/30/2012 1:35:27 PM - System Checkpoint RP435: 7/31/2012 2:12:31 PM - System Checkpoint RP436: 8/1/2012 5:17:16 PM - System Checkpoint RP437: 8/2/2012 8:15:58 PM - System Checkpoint RP438: 8/3/2012 9:16:24 PM - System Checkpoint RP439: 8/4/2012 10:05:54 PM - System Checkpoint RP440: 8/6/2012 10:20:29 AM - System Checkpoint RP441: 8/7/2012 12:26:37 PM - System Checkpoint RP442: 8/8/2012 12:48:47 PM - System Checkpoint RP443: 8/9/2012 10:48:43 PM - System Checkpoint RP444: 8/11/2012 10:33:53 AM - System Checkpoint RP445: 8/13/2012 12:14:15 PM - System Checkpoint RP446: 8/14/2012 2:31:18 PM - System Checkpoint RP447: 8/15/2012 4:04:09 PM - System Checkpoint RP448: 8/15/2012 7:56:44 PM - Software Distribution Service 3.0 RP449: 8/16/2012 9:01:13 PM - System Checkpoint RP450: 8/17/2012 9:06:26 PM - System Checkpoint RP451: 8/18/2012 9:48:17 PM - System Checkpoint RP452: 8/20/2012 12:25:47 PM - System Checkpoint RP453: 8/21/2012 2:31:51 PM - System Checkpoint RP454: 8/22/2012 2:40:03 PM - System Checkpoint RP455: 8/23/2012 3:12:37 PM - System Checkpoint RP456: 8/25/2012 10:25:27 AM - System Checkpoint RP457: 8/26/2012 10:51:05 AM - System Checkpoint RP458: 8/27/2012 11:22:00 AM - System Checkpoint RP459: 8/28/2012 2:53:19 PM - System Checkpoint RP460: 8/29/2012 7:36:02 PM - System Checkpoint RP461: 8/31/2012 8:54:44 AM - System Checkpoint RP462: 9/1/2012 10:43:10 AM - System Checkpoint RP463: 9/2/2012 1:27:13 PM - System Checkpoint RP464: 9/3/2012 1:33:44 PM - System Checkpoint RP465: 9/4/2012 2:57:21 PM - System Checkpoint RP466: 9/5/2012 3:52:15 PM - System Checkpoint RP467: 9/6/2012 4:33:44 PM - System Checkpoint RP468: 9/9/2012 12:04:12 AM - System Checkpoint RP469: 9/10/2012 6:11:54 AM - System Checkpoint RP470: 9/11/2012 6:55:30 AM - System Checkpoint RP471: 9/12/2012 12:05:55 AM - Software Distribution Service 3.0 RP472: 9/13/2012 11:02:40 AM - System Checkpoint RP473: 9/14/2012 1:15:55 PM - System Checkpoint RP474: 9/15/2012 10:32:27 PM - System Checkpoint . ==== Installed Programs ====================== . . 7-Zip 4.65 Acrobat.com Adobe Acrobat Reader 3.01 Adobe AIR Adobe Digital Editions Adobe Download Manager 2.0 (Remove Only) Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop CS Adobe Photoshop Elements 2.0 Adobe Reader X (10.1.4) Adobe Shockwave Player 11.5 Adobe Type Manager 4.0 Alchemy Deluxe 1.5y Amazon MP3 Downloader 1.0.17 AnalogX Capture AnswerWorks 4.0 Runtime - English AnswerWorks 5.0 English Runtime Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Communications Inc.® L2 Fast Ethernet Driver ATT-PRT22 Audacity 1.2.4 Audacity Recovery Utility AVS Update Manager 1.0 AVS Video Converter 8 AVS4YOU Software Navigator 1.4 AXIS Media Control Bing Bar Bonjour Brother HL-5250DN calibre Canon Camera Access Library Canon Camera Support Core Library Canon Camera Window DC_DV 5 for ZoomBrowser EX Canon CanoScan Toolbox 4.1 Canon DIGITAL CAMERA Solution Disk Software Guide Canon G.726 WMP-Decoder Canon i850 CANON iMAGE GATEWAY MyCamera Download Plugin CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon MOV Decoder Canon MOV Encoder Canon MovieEdit Task for ZoomBrowser EX Canon MP Navigator EX 1.0 Canon PhotoRecord Canon PowerShot ELPH 100 HS_IXUS 115 HS Camera User Guide Canon RAW Image Task for ZoomBrowser EX Canon RemoteCapture Task for ZoomBrowser EX Canon Utilities CameraWindow DC Canon Utilities CameraWindow DC 8 Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities CameraWindow Launcher Canon Utilities Easy-PhotoPrint Canon Utilities EOS Utility Canon Utilities Movie Uploader for YouTube Canon Utilities MyCamera Canon Utilities MyCamera DC Canon Utilities PhotoStitch Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CanoScan LiDE 90 Carmen Sandiego Math Detective Combined Community Codec Pack 2008-01-24 Cosmopolitan Fashion Makeover Deluxe Critical Update for Windows Media Player 11 (KB959772) CutePDF Writer 2.8 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Digital Photo Navigator 1.5 Discovering French, Nouveau! Take-Home Tutor Blanc Discovering French, Nouveau! Take-Home Tutor Bleu DivX Web Player Documentation of lcc-win32 DVD Flick 1.3.0.7 eMedia Piano and Keyboard Method Finale NotePad 2002 Firehand Ember Firehand Lightning Firehand Lightning Photo Album Viewer Firehand Lightning Screen Saver Firehand Lightning Slideshow Player Garfield's Typing Pal GIMPshop 2.2.8 Google Chrome Google Drive Google Earth Google Talk (remove only) Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper Guitar Guru Version 2.2.5.0 High Definition Audio Driver Package - KB888111 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB954708) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) iDump (Backing up your iPod) Image Resizer Powertoy for Windows XP InstallIQ Updater Intel RSX 3D Intel® Graphics Media Accelerator Driver InterActual Player iPod for Windows 2006-06-28 IrfanView (remove only) iTunes J2SE Runtime Environment 5.0 Update 6 J2SE Runtime Environment 5.0 Update 9 Java 2 Runtime Environment Standard Edition v1.3.1_02 Java Auto Updater Java™ 6 Update 30 Java™ 6 Update 7 Java™ 7 Update 5 JavaFX 2.1.1 Junk Mail filter update Korean Fonts Support For Adobe Reader 9 lcc-win32 version 3.2 (base system) LEGO MINDSTORMS NXT Dynamic Block Update LEGO® MINDSTORMS® NXT - English Language Pack LEGO® MINDSTORMS® NXT Driver LEGO® MINDSTORMS® NXT Software v1.0 Malwarebytes Anti-Malware version 1.65.0.1400 Math Advantage Geometry Math Contests Grades 4-8 32-bit McAfee Security Scan MicroMachines V4 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Lync 2010 Microsoft National Language Support Downlevel APIs Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft Software Update for Web Folders (English) 14 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Move Networks Media Player for Internet Explorer Mozilla Firefox 15.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Musicnotes Player V1.23.1 and Viewer Musition 3 Demo Musition 3 Student Edition MyHeritage Family Tree Builder MyPublisher BookMaker Napster Napster Burn Engine Nero Suite Online help of lcc-win32 OpenOffice.org 3.2 Oregon Trail® 5 OTOY Panda Antivirus Pro 2010 Pando PayPal Plug-In Piano Suite Lite Picasa 2 PowerCinema NE for Everio PowerDirector Express PowerProducer Production Explorer v3.0 Python 3.1.3 QuickTime Rainbow Reefs dx 1280x1024 Screen Saver RealPlayer Realtek High Definition Audio Driver RemoteCapture Task 1.0.3 Seagate Replica v3.0.1801.8554 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2675157) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544521) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2709162) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Segoe UI Shockwave SmartMusic 2012 Snapshot Viewer Spellbound! Spelling Dictionaries Support For Adobe Reader 9 SUPERAntiSpyware Synthesia (remove only) The Print Shop TurboTax 2008 TurboTax 2008 wcaiper TurboTax 2008 WinPerFedFormset TurboTax 2008 WinPerProgramHelp TurboTax 2008 WinPerReleaseEngine TurboTax 2008 WinPerTaxSupport TurboTax 2008 WinPerUserEducation TurboTax 2008 wrapper TurboTax 2009 TurboTax 2009 wcaiper TurboTax 2009 WinPerFedFormset TurboTax 2009 WinPerReleaseEngine TurboTax 2009 WinPerTaxSupport TurboTax 2009 wrapper TurboTax 2010 TurboTax 2010 wcaiper TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 wrapper TurboTax 2011 TurboTax 2011 wcaiper TurboTax 2011 WinPerFedFormset TurboTax 2011 WinPerReleaseEngine TurboTax 2011 WinPerTaxSupport TurboTax 2011 wrapper TurboTax Deluxe 2007 Ubuntu Unity Web Player Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Windows Internet Explorer 8 (KB2447568) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows Internet Explorer 8 (KB976662) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VC80CRTRedist - 8.0.50727.4053 ViceVersa Pro 2 (Build 2010) WebFldrs XP win32 online help Winamp Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger Windows Live OneCare safety scanner Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Media Format 11 runtime Windows Media Player 11 Windows Search 4.0 Windows XP Service Pack 3 Writing and Grammar Bronze Yahoo! Anti-Spy Yahoo! Browser Services Yahoo! Install Manager Yahoo! Internet Mail Yahoo! Mail Advisor Yahoo! Messenger Yahoo! Search Protection Yahoo! Software Update Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 9/15/2012 10:07:53 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'NetAdapt.cfg' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. 9/12/2012 7:25:55 AM, error: Service Control Manager [7000] - The Pdrprsp service failed to start due to the following error: The system cannot find the file specified. 9/12/2012 7:25:55 AM, error: Service Control Manager [7000] - The Ftdippk2sacs service failed to start due to the following error: The system cannot find the path specified. 9/11/2012 6:12:48 AM, error: Service Control Manager [7034] - The Panda TPSrv service terminated unexpectedly. It has done this 1 time(s). 9/10/2012 12:49:37 AM, error: Service Control Manager [7034] - The MS Software Shadow Copy Provider service terminated unexpectedly. It has done this 1 time(s). 9/10/2012 12:49:27 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the COM+ System Application service to connect. 9/10/2012 12:49:27 AM, error: Service Control Manager [7000] - The COM+ System Application service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 9/10/2012 12:49:27 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A} . ==== End Of File =========================== . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1 Run by sharon at 23:02:01 on 2012-09-15 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.594 [GMT -7:00] . AV: Panda Antivirus Pro 2010 *Enabled/Updated* {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A} FW: Panda Personal Firewall 2010 *Disabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\system32\svchost.exe -k netsvcs svchost.exe C:\PROGRAM FILES\PANDA SECURITY\PANDA ANTIVIRUS PRO 2010\WebProxy.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe svchost.exe C:\WINDOWS\system32\svchost -k Panda C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsCtrls.exe C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PavFnSvr.exe C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe C:\Program Files\Panda Security\Panda Antivirus Pro 2010\Firewall\PSHOST.EXE C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PsImSvc.exe C:\Program Files\Panda Security\Panda Antivirus Pro 2010\PskSvc.exe C:\Program Files\Seagate Replica\bin\ReplicaSysMon.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Seagate Replica\bin\Seagate-Replica-Svc.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\vssvc.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Panda Security\Panda Antivirus Pro 2010\pavsrv51.exe C:\Program Files\Panda Security\Panda Antivirus Pro 2010\AVENGINE.EXE C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Seagate Replica\bin\Seagate-Replica-Autoplay.exe C:\Program Files\Panda Security\Panda Antivirus Pro 2010\ApVxdWin.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Seagate Replica\bin\Seagate-Replica-Tray.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\CyberLink\PCM4Everio\EverioService.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Yahoo!\Common\YMailAdvisor.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sharon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\SearchProtocolHost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.yahoo.com/?ilc=1 uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8 uWindow Title = Windows Internet Explorer provided by Yahoo! mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com mSearchAssistant = hxxp://www.google.com/ie uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn9\yt.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn9\yt.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Lync Browser Helper: {31d09ba0-12f5-4cce-be8a-2923e76605da} - c:\program files\microsoft lync\OCHelper.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi9130~1\datamngr\toolbar\searchqudtx.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll" BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll BHO: OToolbarHelper Class: {ead3a971-6a23-4246-8691-c9244e858967} - c:\program files\paypal\paypal plug-in\PayPalHelper.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn7\YTSingleInstance.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn9\yt.dll TB: PayPal Plug-In: {dc0f2f93-27fa-4f84-acaa-9416f90b9511} - c:\program files\paypal\paypal plug-in\OToolbar.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll" TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi9130~1\datamngr\toolbar\searchqudtx.dll TB: !{b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - No File TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Google Update] "c:\documents and settings\sharon\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet uRun: [VoipStunt] "c:\program files\voipstunt.com\voipstunt\VoipStunt.exe" -nosplash -minimized uRun: [search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe uRun: [YSearchProtection] c:\program files\yahoo!\search protection\SearchProtection.exe uRun: [installIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 uRun: [RepairSolutions] "c:\program files\repairsolutions\RepairSolutions.exe" uRun: [Pando] "c:\program files\pando networks\pando\Pando.exe" /Minimized uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE" uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe" mRun: [APVXDWIN] "c:\program files\panda security\panda antivirus pro 2010\APVXDWIN.EXE" /s mRun: [sCANINICIO] "c:\program files\panda security\panda antivirus pro 2010\Inicio.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [skyTel] SkyTel.EXE mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [nwiz] nwiz.exe /install mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [EverioService] "c:\program files\cyberlink\pcm4everio\EverioService.exe" mRun: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent mRun: [Alcmtr] ALCMTR.EXE mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [YMailAdvisor] "c:\program files\yahoo!\common\YMailAdvisor.exe" mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [Communicator] "c:\program files\microsoft lync\communicator.exe" /fromrunkey mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe mExplorerRun: [hhkkxbkmi] c:\windows\system32\ersvc0.exe StartupFolder: c:\docume~1\sharon\startm~1\programs\startup\seagat~1.lnk - c:\documents and settings\sharon\application data\leadertech\powerregister\Seagate NA0JGNRB Product Registration.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\1.0.150\SSScheduler.exe IE: &Google Search IE: &Translate English Word IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm IE: Backward Links IE: Cached Snapshot of Page IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105 IE: Similar Pages IE: Translate Page into English IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - c:\program files\yahoo!\messenger\YahooMessenger.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft lync\OCHelper.dll IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll Trusted Zone: intuit.com\ttlc Trusted Zone: turbotax.com DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - hxxp://www.musicnotes.com/download/mnviewer.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {26B2A5DA-BFD6-422F-A89A-28A54C74B12B} - hxxp://www.costcophotocenter.com/upload/activex/v3_0_0_4/PhotoCenter_ActiveX_Control.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www.costcophotocenter.com/CostcoActivia.cab DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1148495998140 DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} - hxxp://74.62.238.180//activex/AMC.cab DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.3.1/jinstall-131_02-win.cab DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {DEA6994F-3ED5-40BC-B5E3-0FD02411B1B4} - hxxp://www.costcophotocenter.com/upload/activex/v3_0_0_1/PhotoCenter_ActiveX_Control.cab? DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} - hxxp://www.costcophotocenter.com/upload/activex/v3_0_0_2/PhotoCenter_ActiveX_Control.cab? TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{5A8F6FFB-E926-41E2-BB5F-4AFD048FFAB1} : DhcpNameServer = 192.168.1.254 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Notify: avldr - avldr.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12 . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\sharon\application data\mozilla\firefox\profiles\nuy0i18j.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3059010&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?fr=fp-tyc8 FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc8&p= FF - plugin: c:\documents and settings\sharon\application data\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\documents and settings\sharon\application data\mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: c:\documents and settings\sharon\local settings\application data\google\update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin10171.dll FF - plugin: c:\program files\canon\mycamera download plugin\NPCIG.dll FF - plugin: c:\program files\common files\motive\npMotive.dll FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\NPAdbESD.dll FF - plugin: c:\program files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_271.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.ytff.general.dontshowhpoffer - true ============= SERVICES / DRIVERS =============== . R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2010-4-5 28552] R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2012-1-6 75016] R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [2006-5-8 4064] R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2012-1-6 53128] R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2012-1-6 22072] R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2012-1-6 193800] R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2012-1-6 159112] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664] R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2010-4-5 41144] R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2012-1-6 46728] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-11 116608] R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2011-12-21 54760] R2 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k panda --> c:\windows\system32\svchost -k Panda [?] R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-14 399432] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-14 676936] R2 Panda Software Controller;Panda Software Controller;c:\program files\panda security\panda antivirus pro 2010\PsCtrlS.exe [2010-4-5 173312] R2 PAVDRV;pavdrv;c:\windows\system32\drivers\pavdrv51.sys [2010-4-5 84024] R2 PAVFNSVR;Panda Function Service;c:\program files\panda security\panda antivirus pro 2010\PavFnSvr.exe [2010-4-5 169216] R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2010-4-5 163336] R2 PavPrSrv;Panda Process Protection Service;c:\program files\common files\panda security\pavshld\PavPrSrv.exe [2010-4-5 62768] R2 PAVSRV;Panda On-Access Anti-Malware Service;c:\program files\panda security\panda antivirus pro 2010\PAVSRV51.EXE [2010-4-5 291584] R2 PskSvcRetail;Panda PSK service;c:\program files\panda security\panda antivirus pro 2010\psksvc.exe [2010-4-5 28928] R2 ReplicaSysMon;Seagate Replica System Monitor;c:\program files\seagate replica\bin\ReplicaSysMon.exe [2011-3-31 416208] R2 Seagate-Replica-Svc;Seagate Replica Service;c:\program files\seagate replica\bin\Seagate-Replica-Svc.exe [2011-3-31 1947600] R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys [2012-9-14 105088] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-14 22856] R3 NETIMFLT01060039;PANDA NDIS IM Filter Miniport v1.6.0.39;c:\windows\system32\drivers\neti1639.sys [2010-4-5 199432] S0 jrvtbk;jrvtbk;c:\windows\system32\drivers\tguv.sys --> c:\windows\system32\drivers\tguv.sys [?] S0 pkixkats;pkixkats;c:\windows\system32\drivers\uijs.sys --> c:\windows\system32\drivers\uijs.sys [?] S2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-24 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-5 250056] S3 Aintsplit_3;Aintsplit_3; [x] S3 FANTOM;LEGO MINDSTORMS NXT Driver;c:\windows\system32\drivers\fantom.sys [2006-3-10 39424] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872] S3 Ftdippk2sacs;Ftdippk2sacs; [x] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-24 136176] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 114144] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\pavsrk.sys --> c:\windows\system32\PavSRK.sys [?] S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\pavtpk.sys --> c:\windows\system32\PavTPK.sys [?] S3 Pdrprsp;Pdrprsp; [x] S3 RDID1059;Cakewalk Music Connector 1;c:\windows\system32\drivers\Rdwm1059.sys [2006-10-21 66674] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== File Associations =============== . JSEFile=c:\progra~1\pandas~2\pandaa~1\PAVSCRIP.EXE "%1" %* VBEFile=c:\progra~1\pandas~2\pandaa~1\PAVSCRIP.EXE "%1" %* VBSFile=c:\progra~1\pandas~2\pandaa~1\PAVSCRIP.EXE "%1" %* . =============== Created Last 30 ================ . 2012-09-14 17:01:41 -------- d-----w- c:\documents and settings\sharon\application data\Malwarebytes 2012-09-14 17:01:26 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2012-09-14 17:01:25 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-14 17:01:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-09-14 16:47:59 105088 ----a-w- c:\windows\system32\drivers\av5flt.sys 2012-09-09 15:54:59 73696 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll 2012-09-09 15:54:59 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2012-09-09 15:54:59 18912 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll . ==================== Find3M ==================== . 2012-09-14 17:22:42 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-14 17:22:41 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll 2012-07-06 05:07:08 143872 ----a-w- c:\windows\system32\javacpl.cpl 2012-07-06 05:06:30 772544 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-07-06 05:06:20 687544 ----a-w- c:\windows\system32\deployJava1.dll 2012-07-04 14:05:18 139784 ------w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys 2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll 2012-07-02 17:49:32 43520 ------w- c:\windows\system32\licmgr10.dll 2012-07-02 17:49:32 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-07-02 12:05:43 385024 ------w- c:\windows\system32\html.iec . ============= FINISH: 23:04:09.23 ===============