Posts posted by frogpants

  1. I'm not sure about some of these files. I just looked back over what you said to do and I forgot to reboot into safe mode. It seemed to run just fine this time. Should I redo it in safe mode? Also, I don't remember deleting that file from MB but it's not showing up now? Unless that's one of the ones that showed up in the AdwCleaner log.

    # AdwCleaner v3.022 - Report created 18/03/2014 at 12:14:06
    # Updated 13/03/2014 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    # Username : THE Administrator - DESKTOP
    # Running from : C:\Documents and Settings\THE Administrator\Desktop\adwcleaner.exe
    # Option : Scan
     
    ***** [ Services ] *****
     
     
    ***** [ Files / Folders ] *****
     
    File Found : C:\Documents and Settings\THE Administrator\Application Data\Mozilla\Firefox\Profiles\3g0cs3i8.default\searchplugins\conduit-search.xml
    File Found : C:\END
    File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\adawaretb.xml
    Folder Found C:\Documents and Settings\All Users.WINDOWS\Application Data\Free Ride Games
    Folder Found C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Optimizer Pro
    Folder Found C:\Documents and Settings\All Users.WINDOWS\Application Data\WeCareReminder
    Folder Found C:\Documents and Settings\THE Administrator\Local Settings\Application Data\SearchProtect
    Folder Found C:\Program Files\Freeze.com
    Folder Found C:\Program Files\StumbleUpon
    Folder Found C:\Program Files\Watch Football TV
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
    Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\Freeze.com
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C792A75A-2A1F-4991-9B85-291745478A79}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
    Key Found : HKLM\Software\SearchProtect
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v8.0.6001.18702
     
     
    -\\ Mozilla Firefox v26.0 (en-US)
     
    [ File : C:\Documents and Settings\THE Administrator\Application Data\Mozilla\Firefox\Profiles\3g0cs3i8.default\prefs.js ]
     
     
    -\\ Google Chrome v33.0.1750.154
     
    [ File : C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
     
     
    [ File : C:\Documents and Settings\THE Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
     
     
    *************************
     
    AdwCleaner[R0].txt - [3325 octets] - [18/03/2014 12:14:06]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3385 octets] ##########

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org
     
    Database version: v2014.03.18.07
     
    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    THE Administrator :: DESKTOP [administrator]
     
    3/18/2014 12:29:09 PM
    mbam-log-2014-03-18 (12-29-09).txt
     
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 404264
    Time elapsed: 5 minute(s), 2 second(s)
     
    Memory Processes Detected: 0
    (No malicious items detected)
     
    Memory Modules Detected: 0
    (No malicious items detected)
     
    Registry Keys Detected: 0
    (No malicious items detected)
     
    Registry Values Detected: 0
    (No malicious items detected)
     
    Registry Data Items Detected: 0
    (No malicious items detected)
     
    Folders Detected: 0
    (No malicious items detected)
     
    Files Detected: 0
    (No malicious items detected)
     
    (end)
  2. Thanks for the info about Chrome.

    I downloaded and ran AdAware. It came up with no infected files or whatever and didn't create a log. I searched for AdwCleaner[R0].txt and the other one but nothing. Should I run it again? I probably clicked on the wrong thing. I've been at this all day and I'm tired.

    You guys are freakin life savers. I'm gonna get off here for a while and maybe even feed my family then I'll be back :)

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2014.03.15.04

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    THE Administrator :: DESKTOP [administrator]

    3/15/2014 4:10:47 PM
    MBAM-log-2014-03-15 (16-18-07)post.txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 403619
    Time elapsed: 5 minute(s), 50 second(s)

    Memory Processes Detected: 1
    C:\Documents and Settings\All Users.WINDOWS\Application Data\Search Protection\SearchProtection.exe (PUP.Optional.SearchProtection.A) -> 3880 -> No action taken.

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Search Protection (PUP.Optional.SearchProtection.A) -> Data: C:\Documents and Settings\All Users.WINDOWS\Application Data\Search Protection\SearchProtection.exe -> No action taken.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Documents and Settings\All Users.WINDOWS\Application Data\Search Protection\SearchProtection.exe (PUP.Optional.SearchProtection.A) -> No action taken.

    (end)
  3. Ok, will do.

    Here's Combofix's log. I discovered with this one that saving to and running from the desktop is different than sending a shortcut to the desktop. I use Chrome and I don't know how to do it so I used IE for this one. I hope I didn't mess the other scans up. If this even makes sense.

    ComboFix 14-03-13.01 - THE Administrator 03/15/2014  13:33:31.1.2 - x86
    Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3037.2395 [GMT -5:00]
    Running from: c:\documents and settings\THE Administrator\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\Admin\Application Data\Toolbar4
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\cache\7ada0fe3c0c81a1cea0a3ab5fa188623
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Football News.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Football Rumors.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Football Scores.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Football Tickets.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Football Videos.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Joobers_20pxH.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Live Football TV.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Apparel.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Jersey.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Picks.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Players.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Predictions.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Schedule.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Search.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Settings.png
    c:\documents and settings\Admin\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Watch Live Football.png
    c:\documents and settings\Administrator.KREIZENB-46F189\Application Data\Roaming
    c:\documents and settings\Administrator.KREIZENB-46F189\Application Data\Toolbar4
    c:\documents and settings\All Users.WINDOWS\Application Data\AMMYY
    c:\documents and settings\All Users.WINDOWS\Application Data\AMMYY\hr
    c:\documents and settings\All Users.WINDOWS\Application Data\AMMYY\settings.bin
    c:\documents and settings\All Users.WINDOWS\Application Data\l_0_00_re.pad
    c:\documents and settings\All Users\SPLDF.tmp
    c:\documents and settings\THE Administrator\Application Data\Toolbar4
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\cache\7ada0fe3c0c81a1cea0a3ab5fa188623
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Football News.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Football Rumors.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Football Scores.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Football Tickets.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Football Videos.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Joobers_20pxH.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Live Football TV.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Apparel.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Jersey.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Picks.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Players.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Predictions.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\NFL Schedule.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Search.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Settings.png
    c:\documents and settings\THE Administrator\Application Data\Toolbar4\{8E114B8E-C041-4063-A432-EBBF454E9057}\Watch Live Football.png
    c:\program files\Internet Explorer\SETAD.tmp
    c:\program files\Internet Explorer\SETAE.tmp
    c:\windows\system32\SETB5.tmp
    c:\windows\system32\SETB6.tmp
    c:\windows\system32\SETB7.tmp
    c:\windows\system32\SETB8.tmp
    c:\windows\system32\SETB9.tmp
    c:\windows\system32\SETBA.tmp
    c:\windows\system32\SETBB.tmp
    c:\windows\system32\SETBC.tmp
    c:\windows\system32\SETBD.tmp
    c:\windows\system32\SETBE.tmp
    c:\windows\system32\SETBF.tmp
    c:\windows\system32\SETC0.tmp
    c:\windows\system32\SETC1.tmp
    c:\windows\system32\SETC2.tmp
    c:\windows\system32\SETC4.tmp
    c:\windows\system32\SETC5.tmp
    c:\windows\system32\SETC6.tmp
    c:\windows\system32\SETC7.tmp
    c:\windows\system32\SETC8.tmp
    c:\windows\system32\SETC9.tmp
    c:\windows\system32\SETCA.tmp
    c:\windows\system32\SETCB.tmp
    c:\windows\system32\SETCC.tmp
    c:\windows\system32\SETCD.tmp
    c:\windows\system32\SETCE.tmp
    c:\windows\system32\SETCF.tmp
    c:\windows\system32\SETD0.tmp
    c:\windows\system32\SETD1.tmp
    c:\windows\system32\SETD2.tmp
    c:\windows\system32\SETD3.tmp
    c:\windows\system32\SETD4.tmp
    c:\windows\system32\SETD5.tmp
    c:\windows\system32\SETD6.tmp
    c:\windows\system32\SETD7.tmp
    c:\windows\system32\SETD8.tmp
    c:\windows\system32\SETD9.tmp
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Legacy_PCCMSERVICE
    -------\Service_pcCMService
    .
    .
    (((((((((((((((((((((((((   Files Created from 2014-02-15 to 2014-03-15  )))))))))))))))))))))))))))))))
    .
    .
    2014-03-15 16:29 . 2014-03-15 16:29 -------- d-----w- c:\program files\CCleaner
    2014-03-14 08:19 . 2014-02-26 01:59 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
    2014-03-14 08:19 . 2014-02-26 01:59 13312 ------w- c:\windows\system32\xp_eos.exe
    2014-03-12 17:44 . 2014-03-12 17:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2014-03-12 17:44 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-03-12 15:38 . 2014-03-12 15:38 -------- d-----w- c:\documents and settings\Admin
    2014-03-04 01:30 . 2014-03-04 01:30 -------- d--h--w- c:\documents and settings\All Users.WINDOWS\Application Data\CanonIJEGV
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-02-24 11:46 . 2008-04-13 23:00 920064 ----a-w- c:\windows\system32\wininet.dll
    2014-02-24 11:45 . 2008-04-13 23:00 43520 ------w- c:\windows\system32\licmgr10.dll
    2014-02-24 11:45 . 2008-04-13 23:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2014-02-24 11:45 . 2008-04-13 23:00 18944 ------w- c:\windows\system32\corpol.dll
    2014-02-24 10:54 . 2008-04-13 23:00 385024 ------w- c:\windows\system32\html.iec
    2014-02-07 02:01 . 2008-04-13 23:00 1879040 ----a-w- c:\windows\system32\win32k.sys
    2014-02-05 17:04 . 2013-03-28 03:32 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
    2014-02-05 08:55 . 2008-04-13 23:00 562688 ----a-w- c:\windows\system32\qedit.dll
    2014-02-02 17:03 . 2013-03-28 03:32 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2014-02-02 17:03 . 2011-06-27 00:46 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2014-02-02 17:03 . 2010-12-08 23:52 410784 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2014-02-02 17:03 . 2010-12-08 23:52 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2014-02-02 17:03 . 2013-03-28 03:32 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
    2014-02-02 17:03 . 2011-01-19 02:25 43152 ----a-w- c:\windows\avastSS.scr
    2014-02-02 17:03 . 2010-12-08 23:52 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2014-02-02 17:03 . 2010-12-08 23:51 270240 ----a-w- c:\windows\system32\aswBoot.exe
    2014-01-04 03:13 . 2008-04-13 23:00 420864 ------w- c:\windows\system32\vbscript.dll
    2013-12-18 17:31 . 2012-06-30 18:51 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-12-18 17:31 . 2012-06-30 18:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2003-03-19 02:20 . 2014-01-10 04:41 1060864 ----a-w- c:\program files\mozilla firefox\plugins\mfc71.dll
    2003-02-21 09:42 . 2014-01-10 04:41 348160 ----a-w- c:\program files\mozilla firefox\plugins\msvcr71.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown 
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2014-02-02 17:03 259464 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
    "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2014-02-20 4505368]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-18 150040]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-18 178712]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-18 150040]
    "RTHDCPL"="RTHDCPL.EXE" [2009-01-13 18084864]
    "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
    "DLCXCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll" [2006-10-16 106496]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
    "MemoryCardManager"="c:\program files\Dell Photo AIO Printer 926\memcard.exe" [2006-06-27 299008]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
    "FaxCenterServer"="c:\program files\Dell PC Fax\fm3032.exe" [2006-06-15 307200]
    "dlcxmon.exe"="c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe" [2006-06-14 286720]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296]
    "CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
    "AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-02-02 3767096]
    .
    c:\documents and settings\Kreizenbeck\Start Menu\Programs\Startup\
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
    .
    c:\documents and settings\THE Administrator\Start Menu\Programs\Startup\
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
    .
    c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
    McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-15 277920]
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\WINDOWS\\system32\\dlcxcoms.exe"=
    "c:\\WINDOWS\\system32\\sessmgr.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "135:TCP"= 135:TCP:TCP Port 135
    "5000:TCP"= 5000:TCP:TCP Port 5000
    "5001:TCP"= 5001:TCP:TCP Port 5001
    "5002:TCP"= 5002:TCP:TCP Port 5002
    "5003:TCP"= 5003:TCP:TCP Port 5003
    "5004:TCP"= 5004:TCP:TCP Port 5004
    "5005:TCP"= 5005:TCP:TCP Port 5005
    "5006:TCP"= 5006:TCP:TCP Port 5006
    "5007:TCP"= 5007:TCP:TCP Port 5007
    "5008:TCP"= 5008:TCP:TCP Port 5008
    "5009:TCP"= 5009:TCP:TCP Port 5009
    "5010:TCP"= 5010:TCP:TCP Port 5010
    "5011:TCP"= 5011:TCP:TCP Port 5011
    "5012:TCP"= 5012:TCP:TCP Port 5012
    "5013:TCP"= 5013:TCP:TCP Port 5013
    "5014:TCP"= 5014:TCP:TCP Port 5014
    "5015:TCP"= 5015:TCP:TCP Port 5015
    "5016:TCP"= 5016:TCP:TCP Port 5016
    "5017:TCP"= 5017:TCP:TCP Port 5017
    "5018:TCP"= 5018:TCP:TCP Port 5018
    "5019:TCP"= 5019:TCP:TCP Port 5019
    "5020:TCP"= 5020:TCP:TCP Port 5020
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    .
    R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [3/27/2013 10:32 PM 21576]
    R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [3/27/2013 10:32 PM 49944]
    R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [3/27/2013 10:32 PM 180248]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [6/26/2011 7:46 PM 775952]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12/8/2010 6:52 PM 410784]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [3/27/2013 10:32 PM 67824]
    R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [8/22/2011 10:16 PM 104880]
    S0 cerc6;cerc6; [x]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [1/15/2014 7:39 PM 235696]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2014-03-15 16:47 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-03-15 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-30 17:31]
    .
    2014-03-12 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
    .
    2014-03-15 c:\windows\Tasks\avast! Emergency Update.job
    - c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-03-28 17:03]
    .
    2014-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf2cc85af9d4fc.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-08 23:52]
    .
    2014-03-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf2cc85bc21a84.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-12-08 23:52]
    .
    2014-03-15 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
    - c:\windows\system32\xp_eos.exe [2014-03-14 01:59]
    .
    2014-03-15 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
    - c:\windows\system32\xp_eos.exe [2014-03-14 01:59]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = www.bing.com
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    Trusted Zone: $talisma_url$
    TCP: DhcpNameServer = 192.168.1.254
    FF - ProfilePath - c:\documents and settings\THE Administrator\Application Data\Mozilla\Firefox\Profiles\3g0cs3i8.default\
    FF - prefs.js: browser.search.selectedEngine - SecureSearch
    FF - prefs.js: browser.startup.homepage - www.google.com
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    WebBrowser-{618413C5-0C8D-4D0F-9600-7CED876FA3DF} - (no file)
    HKCU-Run-ATT-SST - c:\program files\ATT-SST\pcBrowser.exe
    c:\documents and settings\Default User\Start Menu\Programs\Startup\Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun
    SafeBoot-75627731.sys
    AddRemove-EpicPlay - c:\program files\EpicPlay\epicRemoval.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2014-03-15 13:44
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...  
    .
    scanning hidden autostart entries ... 
    .
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      DLCXCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? 
    .
    scanning hidden files ...  
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (Administrator)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
       d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,69,7b,f3,c8,86,91,9a,4c,8a,71,fd,\
    "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
       d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,69,7b,f3,c8,86,91,9a,4c,8a,71,fd,\
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'explorer.exe'(928)
    c:\windows\system32\WININET.dll
    c:\progra~1\mcafee\SITEAD~1\saHook.dll
    c:\windows\system32\msi.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Alwil Software\Avast5\AvastSvc.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\windows\system32\dlcxcoms.exe
    c:\program files\Canon\IJPLM\IJPLMSVC.EXE
    c:\program files\Java\jre7\bin\jqs.exe
    c:\windows\system32\wdfmgr.exe
    c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    c:\windows\system32\rundll32.exe
    c:\windows\system32\wscntfy.exe
    c:\windows\system32\igfxsrvc.exe
    c:\windows\RTHDCPL.EXE
    c:\program files\iPod\bin\iPodService.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\Microsoft Office\Office12\ONENOTEM.EXE
    .
    **************************************************************************
    .
    Completion time: 2014-03-15  13:47:42 - machine was rebooted
    ComboFix-quarantined-files.txt  2014-03-15 18:47
    .
    Pre-Run: 279,332,569,088 bytes free
    Post-Run: 279,864,668,160 bytes free
    .
    - - End Of File - - B8249419385BDC54D753F25DB73EBA2F
    8F558EB6672622401DA993E1E865C861
  4. Ugh, I hope I'm not repeating this. I didn't get this window to attach and had to go out and come back in. Ok here are the logs....

    11:43:52.0953 0x0ce0  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
    11:44:24.0968 0x0ce0  ============================================================
    11:44:24.0968 0x0ce0  Current date / time: 2014/03/15 11:44:24.0968
    11:44:24.0968 0x0ce0  SystemInfo:
    11:44:24.0968 0x0ce0  
    11:44:24.0968 0x0ce0  OS Version: 5.1.2600 ServicePack: 3.0
    11:44:24.0968 0x0ce0  Product type: Workstation
    11:44:24.0968 0x0ce0  ComputerName: DESKTOP
    11:44:24.0968 0x0ce0  UserName: THE Administrator
    11:44:24.0968 0x0ce0  Windows directory: C:\WINDOWS
    11:44:24.0968 0x0ce0  System windows directory: C:\WINDOWS
    11:44:24.0968 0x0ce0  Processor architecture: Intel x86
    11:44:24.0968 0x0ce0  Number of processors: 2
    11:44:24.0968 0x0ce0  Page size: 0x1000
    11:44:24.0968 0x0ce0  Boot type: Normal boot
    11:44:24.0968 0x0ce0  ============================================================
    11:44:27.0656 0x0ce0  KLMD registered as C:\WINDOWS\system32\drivers\51986175.sys
    11:44:27.0953 0x0ce0  System UUID: {54B00AF1-4765-2A95-C834-42642E288F07}
    11:44:28.0453 0x0ce0  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    11:44:28.0453 0x0ce0  ============================================================
    11:44:28.0453 0x0ce0  \Device\Harddisk0\DR0:
    11:44:28.0453 0x0ce0  MBR partitions:
    11:44:28.0453 0x0ce0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x240922A8
    11:44:28.0453 0x0ce0  ============================================================
    11:44:28.0500 0x0ce0  C: <-> \Device\Harddisk0\DR0\Partition1
    11:44:28.0500 0x0ce0  ============================================================
    11:44:28.0500 0x0ce0  Initialize success
    11:44:28.0500 0x0ce0  ============================================================
    11:46:11.0187 0x0c8c  Deinitialize success
     
    11:46:27.0578 0x0ce0  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
    11:46:31.0781 0x0ce0  ============================================================
    11:46:31.0781 0x0ce0  Current date / time: 2014/03/15 11:46:31.0781
    11:46:31.0781 0x0ce0  SystemInfo:
    11:46:31.0781 0x0ce0  
    11:46:31.0781 0x0ce0  OS Version: 5.1.2600 ServicePack: 3.0
    11:46:31.0781 0x0ce0  Product type: Workstation
    11:46:31.0781 0x0ce0  ComputerName: DESKTOP
    11:46:31.0781 0x0ce0  UserName: THE Administrator
    11:46:31.0781 0x0ce0  Windows directory: C:\WINDOWS
    11:46:31.0781 0x0ce0  System windows directory: C:\WINDOWS
    11:46:31.0781 0x0ce0  Processor architecture: Intel x86
    11:46:31.0781 0x0ce0  Number of processors: 2
    11:46:31.0781 0x0ce0  Page size: 0x1000
    11:46:31.0781 0x0ce0  Boot type: Normal boot
    11:46:31.0781 0x0ce0  ============================================================
    11:46:35.0140 0x0ce0  KLMD registered as C:\WINDOWS\system32\drivers\16497572.sys
    11:46:35.0375 0x0ce0  System UUID: {54B00AF1-4765-2A95-C834-42642E288F07}
    11:46:35.0921 0x0ce0  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    11:46:35.0921 0x0ce0  ============================================================
    11:46:35.0921 0x0ce0  \Device\Harddisk0\DR0:
    11:46:35.0921 0x0ce0  MBR partitions:
    11:46:35.0921 0x0ce0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x240922A8
    11:46:35.0921 0x0ce0  ============================================================
    11:46:35.0953 0x0ce0  C: <-> \Device\Harddisk0\DR0\Partition1
    11:46:35.0953 0x0ce0  ============================================================
    11:46:35.0953 0x0ce0  Initialize success
    11:46:35.0953 0x0ce0  ============================================================
    12:02:12.0703 0x0d04  KLMD registered as C:\WINDOWS\system32\drivers\31147184.sys
    12:02:14.0265 0x0d04  Deinitialize success

    TDSSKiller.3.0.0.25_15.03.2014_12.04.42_log.txt

  5. RogueKiller V8.8.11 [Mar 14 2014] by Adlice Software

    Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

    Started in : Normal mode

    User : THE Administrator [Admin rights]

    Mode : Scan -- Date : 03/14/2014 19:00:40

    | ARK || FAK || MBR |

     

    ¤¤¤ Bad processes : 0 ¤¤¤

     

    ¤¤¤ Registry Entries : 2 ¤¤¤

    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND

    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     

    ¤¤¤ Scheduled tasks : 0 ¤¤¤

     

    ¤¤¤ Startup Entries : 0 ¤¤¤

     

    ¤¤¤ Web browsers : 0 ¤¤¤

     

    ¤¤¤ Browser Addons : 0 ¤¤¤

     

    ¤¤¤ Particular Files / Folders: ¤¤¤

     

    ¤¤¤ Driver : [LOADED] ¤¤¤

     

    ¤¤¤ External Hives: ¤¤¤

     

    ¤¤¤ Infection :  ¤¤¤

     

    ¤¤¤ HOSTS File: ¤¤¤

    --> %SystemRoot%\System32\drivers\etc\hosts

     

     

    127.0.0.1       localhost

     

     

    ¤¤¤ MBR Check: ¤¤¤

     

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3320613AS +++++

    --- User ---

    [MBR] 05edda639f6e72a3e039701199aff3f5

    [bSP] d70be290b98a79d156a2df3543938e3d : Windows XP MBR Code

    Partition table:

    0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo

    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 295204 Mo

    2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 604670535 | Size: 9993 Mo

    User = LL1 ... OK!

    User = LL2 ... OK!

     

    Finished : << RKreport[0]_S_03142014_190040.txt >>
  6. .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows XP Professional

    Boot Device: \Device\HarddiskVolume2

    Install Date: 12/7/2010 5:20:26 PM

    System Uptime: 3/14/2014 3:16:40 AM (15 hours ago)

    .

    Motherboard: Dell Inc. |  | 0U880P

    Processor: Intel Pentium III Xeon processor | CPU 1 | 2493/200mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 288 GiB total, 257.95 GiB free.

    E: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP653: 12/15/2013 5:35:48 AM - System Checkpoint

    RP654: 12/16/2013 6:35:48 AM - System Checkpoint

    RP655: 12/17/2013 7:35:48 AM - System Checkpoint

    RP656: 12/18/2013 8:35:49 AM - System Checkpoint

    RP657: 12/19/2013 3:00:14 AM - Software Distribution Service 3.0

    RP658: 12/20/2013 3:35:48 AM - System Checkpoint

    RP659: 12/21/2013 4:35:40 AM - System Checkpoint

    RP660: 12/22/2013 5:35:40 AM - System Checkpoint

    RP661: 12/23/2013 6:35:40 AM - System Checkpoint

    RP662: 12/24/2013 7:35:40 AM - System Checkpoint

    RP663: 12/25/2013 8:35:40 AM - System Checkpoint

    RP664: 12/26/2013 9:35:40 AM - System Checkpoint

    RP665: 12/27/2013 10:35:40 AM - System Checkpoint

    RP666: 12/28/2013 11:35:40 AM - System Checkpoint

    RP667: 12/29/2013 12:35:06 PM - System Checkpoint

    RP668: 12/30/2013 12:35:40 PM - System Checkpoint

    RP669: 12/31/2013 1:42:30 PM - System Checkpoint

    RP670: 1/1/2014 2:35:30 PM - System Checkpoint

    RP671: 1/2/2014 3:35:30 PM - System Checkpoint

    RP672: 1/3/2014 4:35:30 PM - System Checkpoint

    RP673: 1/4/2014 5:35:30 PM - System Checkpoint

    RP674: 1/5/2014 6:35:30 PM - System Checkpoint

    RP675: 1/6/2014 7:35:30 PM - System Checkpoint

    RP676: 1/7/2014 8:35:24 PM - System Checkpoint

    RP677: 1/8/2014 9:35:24 PM - System Checkpoint

    RP678: 1/9/2014 10:35:27 PM - System Checkpoint

    RP679: 1/10/2014 11:35:30 PM - System Checkpoint

    RP680: 1/12/2014 12:35:26 AM - System Checkpoint

    RP681: 1/13/2014 1:35:26 AM - System Checkpoint

    RP682: 1/14/2014 2:35:26 AM - System Checkpoint

    RP683: 1/15/2014 3:35:26 AM - System Checkpoint

    RP684: 1/16/2014 3:00:19 AM - Software Distribution Service 3.0

    RP685: 1/17/2014 3:19:31 AM - System Checkpoint

    RP686: 1/18/2014 4:18:19 AM - System Checkpoint

    RP687: 1/19/2014 5:18:19 AM - System Checkpoint

    RP688: 1/20/2014 6:18:19 AM - System Checkpoint

    RP689: 1/21/2014 7:18:19 AM - System Checkpoint

    RP690: 1/22/2014 8:18:19 AM - System Checkpoint

    RP691: 1/23/2014 9:17:24 AM - System Checkpoint

    RP692: 1/24/2014 10:17:24 AM - System Checkpoint

    RP693: 1/25/2014 11:17:24 AM - System Checkpoint

    RP694: 1/26/2014 12:17:24 PM - System Checkpoint

    RP695: 1/27/2014 1:30:15 PM - System Checkpoint

    RP696: 1/28/2014 6:38:44 PM - System Checkpoint

    RP697: 1/29/2014 7:17:18 PM - System Checkpoint

    RP698: 1/30/2014 7:43:42 PM - System Checkpoint

    RP699: 1/31/2014 2:03:21 PM - Installed Windows XP KB942288-v3.

    RP700: 1/31/2014 2:03:49 PM - AA11

    RP701: 2/1/2014 2:29:18 PM - System Checkpoint

    RP702: 2/2/2014 10:59:14 AM - avast! antivirus system restore point

    RP703: 2/2/2014 12:30:40 PM - Removed ABBYY FineReader 6.0 Sprint

    RP704: 2/2/2014 12:31:12 PM - AA11

    RP705: 2/3/2014 12:46:59 PM - System Checkpoint

    RP706: 2/4/2014 1:11:25 PM - System Checkpoint

    RP707: 2/5/2014 2:43:32 PM - System Checkpoint

    RP708: 2/6/2014 3:24:49 PM - System Checkpoint

    RP709: 2/7/2014 4:11:22 PM - System Checkpoint

    RP710: 2/8/2014 7:39:09 PM - System Checkpoint

    RP711: 2/9/2014 8:11:20 PM - System Checkpoint

    RP712: 2/10/2014 8:30:29 PM - System Checkpoint

    RP713: 2/11/2014 9:11:22 PM - System Checkpoint

    RP714: 2/12/2014 10:11:13 PM - System Checkpoint

    RP715: 2/13/2014 3:00:23 AM - Software Distribution Service 3.0

    RP716: 2/14/2014 3:41:57 AM - System Checkpoint

    RP717: 2/15/2014 4:34:26 AM - System Checkpoint

    RP718: 2/16/2014 5:46:26 AM - System Checkpoint

    RP719: 2/17/2014 6:34:27 AM - System Checkpoint

    RP720: 2/18/2014 6:46:27 AM - System Checkpoint

    RP721: 2/19/2014 7:46:27 AM - System Checkpoint

    RP722: 2/20/2014 8:33:58 AM - System Checkpoint

    RP723: 2/21/2014 9:45:58 AM - System Checkpoint

    RP724: 2/22/2014 10:33:58 AM - System Checkpoint

    RP725: 2/23/2014 11:33:58 AM - System Checkpoint

    RP726: 2/24/2014 1:51:43 PM - System Checkpoint

    RP727: 2/25/2014 3:31:35 PM - System Checkpoint

    RP728: 2/26/2014 3:57:50 PM - System Checkpoint

    RP729: 2/27/2014 4:33:53 PM - System Checkpoint

    RP730: 2/28/2014 4:45:53 PM - System Checkpoint

    RP731: 3/1/2014 5:45:53 PM - System Checkpoint

    RP732: 3/2/2014 6:33:53 PM - System Checkpoint

    RP733: 3/3/2014 6:45:53 PM - System Checkpoint

    RP734: 3/4/2014 7:45:53 PM - System Checkpoint

    RP735: 3/5/2014 7:59:11 PM - System Checkpoint

    RP736: 3/6/2014 8:45:47 PM - System Checkpoint

    RP737: 3/7/2014 9:57:13 PM - System Checkpoint

    RP738: 3/8/2014 11:45:47 PM - System Checkpoint

    RP739: 3/10/2014 12:45:46 AM - System Checkpoint

    RP740: 3/11/2014 1:33:49 AM - System Checkpoint

    RP741: 3/12/2014 2:33:46 AM - System Checkpoint

    RP742: 3/13/2014 3:00:19 AM - System Checkpoint

    RP743: 3/14/2014 3:00:15 AM - Software Distribution Service 3.0

    .

    ==== Installed Programs ======================

    .

    Adobe AIR

    Adobe Flash Player 11 ActiveX

    Adobe Flash Player 11 Plugin

    Adobe Reader X (10.1.9)

    Apple Application Support

    Apple Mobile Device Support

    Apple Software Update

    avast! Free Antivirus

    Bonjour

    Canon Easy-PhotoPrint EX

    Canon Easy-WebPrint EX

    Canon Inkjet Printer/Scanner/Fax Extended Survey Program

    Canon MP Navigator EX 4.0

    Canon MP495 series MP Drivers

    Canon MP495 series User Registration

    Canon My Printer

    Canon Solution Menu EX

    Dell PC Fax

    Dell Photo AIO Printer 926

    Dell Resource CD

    EpicPlay

    Google Chrome

    Google Toolbar for Internet Explorer

    Google Update Helper

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    Hotfix for Windows XP (KB2158563)

    Hotfix for Windows XP (KB2443685)

    Hotfix for Windows XP (KB2570791)

    Hotfix for Windows XP (KB2633952)

    Hotfix for Windows XP (KB2779562)

    Hotfix for Windows XP (KB942288-v3)

    Hotfix for Windows XP (KB952287)

    Hotfix for Windows XP (KB954550-v5)

    Hotfix for Windows XP (KB961118)

    IBM Forms Viewer 4.0.0

    Intel® Graphics Media Accelerator Driver

    iTunes

    Java 7 Update 25

    Java Auto Updater

    Java 6 Update 26

    Malwarebytes Anti-Malware version 1.75.0.1300

    McAfee Security Scan Plus

    McAfee SiteAdvisor

    Microsoft .NET Framework 2.0 Service Pack 2

    Microsoft .NET Framework 3.0 Service Pack 2

    Microsoft .NET Framework 3.5 SP1

    Microsoft Office 2007 Service Pack 3 (SP3)

    Microsoft Office Excel MUI (English) 2007

    Microsoft Office File Validation Add-In

    Microsoft Office Home and Student 2007

    Microsoft Office OneNote MUI (English) 2007

    Microsoft Office PowerPoint MUI (English) 2007

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (French) 2007

    Microsoft Office Proof (Spanish) 2007

    Microsoft Office Proofing (English) 2007

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

    Microsoft Office Shared MUI (English) 2007

    Microsoft Office Shared Setup Metadata MUI (English) 2007

    Microsoft Office Word MUI (English) 2007

    Microsoft Software Update for Web Folders  (English) 12

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Mozilla Firefox 26.0 (x86 en-US)

    Mozilla Maintenance Service

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    NetAssistant

    QuickTime

    REALTEK GbE & FE Ethernet PCI-E NIC Driver

    Realtek High Definition Audio Driver

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)

    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition 

    Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 

    Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 

    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

    Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition 

    Security Update for Microsoft Windows (KB2564958)

    Security Update for Windows Internet Explorer 8 (KB2360131)

    Security Update for Windows Internet Explorer 8 (KB2416400)

    Security Update for Windows Internet Explorer 8 (KB2482017)

    Security Update for Windows Internet Explorer 8 (KB2497640)

    Security Update for Windows Internet Explorer 8 (KB2510531)

    Security Update for Windows Internet Explorer 8 (KB2530548)

    Security Update for Windows Internet Explorer 8 (KB2544521)

    Security Update for Windows Internet Explorer 8 (KB2559049)

    Security Update for Windows Internet Explorer 8 (KB2586448)

    Security Update for Windows Internet Explorer 8 (KB2618444)

    Security Update for Windows Internet Explorer 8 (KB2675157)

    Security Update for Windows Internet Explorer 8 (KB2699988)

    Security Update for Windows Internet Explorer 8 (KB2722913)

    Security Update for Windows Internet Explorer 8 (KB2792100)

    Security Update for Windows Internet Explorer 8 (KB2797052)

    Security Update for Windows Internet Explorer 8 (KB2809289)

    Security Update for Windows Internet Explorer 8 (KB2817183)

    Security Update for Windows Internet Explorer 8 (KB2829530)

    Security Update for Windows Internet Explorer 8 (KB2838727)

    Security Update for Windows Internet Explorer 8 (KB2846071)

    Security Update for Windows Internet Explorer 8 (KB2847204)

    Security Update for Windows Internet Explorer 8 (KB2862772)

    Security Update for Windows Internet Explorer 8 (KB2870699)

    Security Update for Windows Internet Explorer 8 (KB2879017)

    Security Update for Windows Internet Explorer 8 (KB2888505)

    Security Update for Windows Internet Explorer 8 (KB2898785)

    Security Update for Windows Internet Explorer 8 (KB2909210)

    Security Update for Windows Internet Explorer 8 (KB2909921)

    Security Update for Windows Internet Explorer 8 (KB2925418)

    Security Update for Windows Internet Explorer 8 (KB971961)

    Security Update for Windows Internet Explorer 8 (KB981332)

    Security Update for Windows Internet Explorer 8 (KB982381)

    Security Update for Windows Media Player (KB2378111)

    Security Update for Windows Media Player (KB2834902-v2)

    Security Update for Windows Media Player (KB2834902)

    Security Update for Windows Media Player (KB952069)

    Security Update for Windows Media Player (KB954155)

    Security Update for Windows Media Player (KB973540)

    Security Update for Windows Media Player (KB975558)

    Security Update for Windows Media Player (KB978695)

    Security Update for Windows XP (KB2079403)

    Security Update for Windows XP (KB2115168)

    Security Update for Windows XP (KB2121546)

    Security Update for Windows XP (KB2229593)

    Security Update for Windows XP (KB2259922)

    Security Update for Windows XP (KB2279986)

    Security Update for Windows XP (KB2286198)

    Security Update for Windows XP (KB2296011)

    Security Update for Windows XP (KB2296199)

    Security Update for Windows XP (KB2347290)

    Security Update for Windows XP (KB2360131)

    Security Update for Windows XP (KB2360937)

    Security Update for Windows XP (KB2387149)

    Security Update for Windows XP (KB2393802)

    Security Update for Windows XP (KB2412687)

    Security Update for Windows XP (KB2416400)

    Security Update for Windows XP (KB2419632)

    Security Update for Windows XP (KB2423089)

    Security Update for Windows XP (KB2436673)

    Security Update for Windows XP (KB2440591)

    Security Update for Windows XP (KB2443105)

    Security Update for Windows XP (KB2476490)

    Security Update for Windows XP (KB2476687)

    Security Update for Windows XP (KB2478960)

    Security Update for Windows XP (KB2478971)

    Security Update for Windows XP (KB2479628)

    Security Update for Windows XP (KB2479943)

    Security Update for Windows XP (KB2481109)

    Security Update for Windows XP (KB2483185)

    Security Update for Windows XP (KB2485376)

    Security Update for Windows XP (KB2485663)

    Security Update for Windows XP (KB2503658)

    Security Update for Windows XP (KB2503665)

    Security Update for Windows XP (KB2506212)

    Security Update for Windows XP (KB2506223)

    Security Update for Windows XP (KB2507618)

    Security Update for Windows XP (KB2507938)

    Security Update for Windows XP (KB2508272)

    Security Update for Windows XP (KB2508429)

    Security Update for Windows XP (KB2509553)

    Security Update for Windows XP (KB2511455)

    Security Update for Windows XP (KB2524375)

    Security Update for Windows XP (KB2535512)

    Security Update for Windows XP (KB2536276-v2)

    Security Update for Windows XP (KB2536276)

    Security Update for Windows XP (KB2544893-v2)

    Security Update for Windows XP (KB2544893)

    Security Update for Windows XP (KB2555917)

    Security Update for Windows XP (KB2562937)

    Security Update for Windows XP (KB2566454)

    Security Update for Windows XP (KB2567053)

    Security Update for Windows XP (KB2567680)

    Security Update for Windows XP (KB2570222)

    Security Update for Windows XP (KB2570947)

    Security Update for Windows XP (KB2584146)

    Security Update for Windows XP (KB2585542)

    Security Update for Windows XP (KB2592799)

    Security Update for Windows XP (KB2598479)

    Security Update for Windows XP (KB2603381)

    Security Update for Windows XP (KB2618451)

    Security Update for Windows XP (KB2619339)

    Security Update for Windows XP (KB2620712)

    Security Update for Windows XP (KB2621440)

    Security Update for Windows XP (KB2624667)

    Security Update for Windows XP (KB2631813)

    Security Update for Windows XP (KB2633171)

    Security Update for Windows XP (KB2639417)

    Security Update for Windows XP (KB2641653)

    Security Update for Windows XP (KB2646524)

    Security Update for Windows XP (KB2647518)

    Security Update for Windows XP (KB2653956)

    Security Update for Windows XP (KB2655992)

    Security Update for Windows XP (KB2659262)

    Security Update for Windows XP (KB2661637)

    Security Update for Windows XP (KB2676562)

    Security Update for Windows XP (KB2685939)

    Security Update for Windows XP (KB2686509)

    Security Update for Windows XP (KB2691442)

    Security Update for Windows XP (KB2695962)

    Security Update for Windows XP (KB2698365)

    Security Update for Windows XP (KB2705219)

    Security Update for Windows XP (KB2707511)

    Security Update for Windows XP (KB2709162)

    Security Update for Windows XP (KB2712808)

    Security Update for Windows XP (KB2718523)

    Security Update for Windows XP (KB2719985)

    Security Update for Windows XP (KB2723135)

    Security Update for Windows XP (KB2727528)

    Security Update for Windows XP (KB2731847)

    Security Update for Windows XP (KB2753842-v2)

    Security Update for Windows XP (KB2757638)

    Security Update for Windows XP (KB2758857)

    Security Update for Windows XP (KB2770660)

    Security Update for Windows XP (KB2778344)

    Security Update for Windows XP (KB2780091)

    Security Update for Windows XP (KB2799494)

    Security Update for Windows XP (KB2802968)

    Security Update for Windows XP (KB2807986)

    Security Update for Windows XP (KB2808735)

    Security Update for Windows XP (KB2813170)

    Security Update for Windows XP (KB2813345)

    Security Update for Windows XP (KB2820197)

    Security Update for Windows XP (KB2820917)

    Security Update for Windows XP (KB2829361)

    Security Update for Windows XP (KB2834886)

    Security Update for Windows XP (KB2839229)

    Security Update for Windows XP (KB2845187)

    Security Update for Windows XP (KB2847311)

    Security Update for Windows XP (KB2849470)

    Security Update for Windows XP (KB2850851)

    Security Update for Windows XP (KB2850869)

    Security Update for Windows XP (KB2859537)

    Security Update for Windows XP (KB2862152)

    Security Update for Windows XP (KB2862330)

    Security Update for Windows XP (KB2862335)

    Security Update for Windows XP (KB2864063)

    Security Update for Windows XP (KB2868626)

    Security Update for Windows XP (KB2876217)

    Security Update for Windows XP (KB2876315)

    Security Update for Windows XP (KB2876331)

    Security Update for Windows XP (KB2883150)

    Security Update for Windows XP (KB2892075)

    Security Update for Windows XP (KB2893294)

    Security Update for Windows XP (KB2893984)

    Security Update for Windows XP (KB2898715)

    Security Update for Windows XP (KB2900986)

    Security Update for Windows XP (KB2914368)

    Security Update for Windows XP (KB2916036)

    Security Update for Windows XP (KB2929961)

    Security Update for Windows XP (KB2930275)

    Security Update for Windows XP (KB923561)

    Security Update for Windows XP (KB941569)

    Security Update for Windows XP (KB946648)

    Security Update for Windows XP (KB950762)

    Security Update for Windows XP (KB950974)

    Security Update for Windows XP (KB951376-v2)

    Security Update for Windows XP (KB951748)

    Security Update for Windows XP (KB952004)

    Security Update for Windows XP (KB952954)

    Security Update for Windows XP (KB954459)

    Security Update for Windows XP (KB956572)

    Security Update for Windows XP (KB956744)

    Security Update for Windows XP (KB956802)

    Security Update for Windows XP (KB956803)

    Security Update for Windows XP (KB956844)

    Security Update for Windows XP (KB958644)

    Security Update for Windows XP (KB958869)

    Security Update for Windows XP (KB959426)

    Security Update for Windows XP (KB960803)

    Security Update for Windows XP (KB960859)

    Security Update for Windows XP (KB961501)

    Security Update for Windows XP (KB969059)

    Security Update for Windows XP (KB970430)

    Security Update for Windows XP (KB971657)

    Security Update for Windows XP (KB971961)

    Security Update for Windows XP (KB972270)

    Security Update for Windows XP (KB973507)

    Security Update for Windows XP (KB973869)

    Security Update for Windows XP (KB973904)

    Security Update for Windows XP (KB974112)

    Security Update for Windows XP (KB974318)

    Security Update for Windows XP (KB974392)

    Security Update for Windows XP (KB974571)

    Security Update for Windows XP (KB975025)

    Security Update for Windows XP (KB975467)

    Security Update for Windows XP (KB975560)

    Security Update for Windows XP (KB975562)

    Security Update for Windows XP (KB975713)

    Security Update for Windows XP (KB977816)

    Security Update for Windows XP (KB977914)

    Security Update for Windows XP (KB978037)

    Security Update for Windows XP (KB978338)

    Security Update for Windows XP (KB978542)

    Security Update for Windows XP (KB978601)

    Security Update for Windows XP (KB978706)

    Security Update for Windows XP (KB979309)

    Security Update for Windows XP (KB979482)

    Security Update for Windows XP (KB979687)

    Security Update for Windows XP (KB980195)

    Security Update for Windows XP (KB980232)

    Security Update for Windows XP (KB980436)

    Security Update for Windows XP (KB981322)

    Security Update for Windows XP (KB981349)

    Security Update for Windows XP (KB981852)

    Security Update for Windows XP (KB981957)

    Security Update for Windows XP (KB981997)

    Security Update for Windows XP (KB982132)

    Security Update for Windows XP (KB982214)

    Security Update for Windows XP (KB982665)

    SUPERAntiSpyware

    Update for 2007 Microsoft Office System (KB967642)

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

    Update for Windows Internet Explorer 8 (KB2447568)

    Update for Windows Internet Explorer 8 (KB976662)

    Update for Windows XP (KB2141007)

    Update for Windows XP (KB2345886)

    Update for Windows XP (KB2467659)

    Update for Windows XP (KB2541763)

    Update for Windows XP (KB2607712)

    Update for Windows XP (KB2616676)

    Update for Windows XP (KB2641690)

    Update for Windows XP (KB2661254-v2)

    Update for Windows XP (KB2718704)

    Update for Windows XP (KB2736233)

    Update for Windows XP (KB2749655)

    Update for Windows XP (KB2863058)

    Update for Windows XP (KB2904266)

    Update for Windows XP (KB898461)

    Update for Windows XP (KB951978)

    Update for Windows XP (KB955759)

    Update for Windows XP (KB967715)

    Update for Windows XP (KB968389)

    Update for Windows XP (KB971029)

    Update for Windows XP (KB971737)

    Update for Windows XP (KB973687)

    Update for Windows XP (KB973815)

    VLC media player 0.9.2

    WebFldrs XP

    Windows Genuine Advantage Notifications (KB905474)

    Windows Internet Explorer 8

    Windows Media Format Runtime

    Yahoo! Install Manager

    Yahoo! Software Update

    Yahoo! Toolbar

    .

    ==== Event Viewer Messages From Past Week ========

    .

    3/14/2014 3:18:22 AM, error: Service Control Manager [7024]  - The Background Intelligent Transfer Service service terminated with service-specific error 2147500037 (0x80004005).

    3/13/2014 10:56:56 AM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'.  It has stopped monitoring the volume.

    3/12/2014 12:15:54 PM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 9 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

    3/12/2014 11:56:35 AM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 8 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

    3/12/2014 11:10:18 AM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 7 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

    3/12/2014 10:52:45 AM, error: Service Control Manager [7034]  - The iPod Service service terminated unexpectedly.  It has done this 3 time(s).

    3/12/2014 10:52:30 AM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 6 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

    3/12/2014 10:45:21 AM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 5 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

    3/12/2014 10:42:12 AM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 4 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

    3/12/2014 10:39:52 AM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

    3/12/2014 10:39:30 AM, error: Service Control Manager [7034]  - The iPod Service service terminated unexpectedly.  It has done this 2 time(s).

    3/11/2014 2:24:52 PM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

    3/10/2014 2:40:27 PM, error: Service Control Manager [7034]  - The pcCMService service terminated unexpectedly.  It has done this 1 time(s).

    3/10/2014 1:27:10 PM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

    3/10/2014 1:04:14 PM, error: Service Control Manager [7034]  - The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

    .

    ==== End Of File ===========================
  7. DDS (Ver_2012-11-20.01) - NTFS_x86 

    Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.25.2

    Run by THE Administrator at 18:37:31 on 2014-03-14

    Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3037.2070 [GMT -5:00]

    .

    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

    FW: avast! Antivirus *Disabled* 

    .

    ============== Running Processes ================

    .

    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\WINDOWS\system32\dlcxcoms.exe

    C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

    C:\Program Files\Java\jre7\bin\jqs.exe

    c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe

    C:\WINDOWS\system32\wdfmgr.exe

    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    C:\WINDOWS\System32\alg.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\rundll32.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\igfxpers.exe

    C:\WINDOWS\system32\igfxsrvc.exe

    C:\WINDOWS\RTHDCPL.EXE

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\iPod\bin\iPodService.exe

    C:\Program Files\Canon\MyPrinter\BJMyPrt.exe

    C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE

    C:\Program Files\Alwil Software\Avast5\AvastUI.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

    C:\Program Files\Messenger\msmsgs.exe

    C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\McAfee\SiteAdvisor\McChHost.exe

    c:\PROGRA~1\mcafee\SITEAD~1\saui.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\WINDOWS\system32\wscntfy.exe

    C:\WINDOWS\system32\wbem\wmiprvse.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\svchost.exe -k NetworkService

    C:\WINDOWS\system32\svchost.exe -k LocalService

    C:\WINDOWS\system32\svchost.exe -k LocalService

    C:\WINDOWS\system32\svchost.exe -k imgsvc

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = www.bing.com

    uWindow Title = Windows Internet Explorer provided by MSN & Bing

    uSearch Bar = www.bing.com




    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

    BHO: PE_IE_Helper Class: {0941C58F-E461-4E03-BD7D-44C27392ADE1} - c:\program files\ibm\lotus forms\viewer\4.0\PEhelper.dll

    BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.8.141\McAfeeMSS_IE.dll

    BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll

    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll

    BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

    TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

    TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

    TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

    TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - c:\program files\alwil software\avast5\aswWebRepIE.dll

    EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    uRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start


    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

    mRun: [igfxTray] c:\windows\system32\igfxtray.exe

    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

    mRun: [Persistence] c:\windows\system32\igfxpers.exe

    mRun: [RTHDCPL] RTHDCPL.EXE

    mRun: [Alcmtr] ALCMTR.EXE

    mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup

    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

    mRun: [DLCXCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCXtime.dll,_RunDLLEntry@16

    mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

    mRun: [MemoryCardManager] c:\program files\dell photo aio printer 926\memcard.exe

    mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k

    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

    mRun: [FaxCenterServer] "c:\program files\dell pc fax\fm3032.exe" /s

    mRun: [dlcxmon.exe] "c:\program files\dell photo aio printer 926\dlcxmon.exe"

    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

    mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon

    mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon

    mRun: [AvastUI.exe] "c:\program files\alwil software\avast5\AvastUI.exe" /nogui

    StartupFolder: c:\docume~1\theadm~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

    StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.8.141\SSScheduler.exe

    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

    Trusted Zone: $talisma_url$

    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll

    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - 







    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

    Notify: igfxcui - igfxdev.dll

    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.146\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - c:\documents and settings\the administrator\application data\mozilla\firefox\profiles\3g0cs3i8.default\

    FF - prefs.js: browser.search.selectedEngine - SecureSearch

    FF - prefs.js: browser.startup.homepage - www.google.com


    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

    FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL

    FF - plugin: c:\program files\common files\motive\npMotive.dll

    FF - plugin: c:\program files\epicplay\npEpicHost.dll

    FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll

    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

    FF - plugin: c:\program files\mcafee security scan\3.8.130\npMcAfeeMSS.dll

    FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll

    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll

    FF - plugin: c:\windows\system32\npDeployJava1.dll

    FF - plugin: c:\windows\system32\npptools.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2013-3-27 21576]

    R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-27 49944]

    R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-3-27 180248]

    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-26 775952]

    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-12-8 410784]

    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [2013-3-27 67824]

    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-8-31 50344]

    R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]

    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2011-8-22 104880]

    S0 cerc6;cerc6; [x]

    S2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2013-4-27 369152]

    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.8.141\McCHSvc.exe [2014-1-15 235696]

    .

    =============== Created Last 30 ================

    .

    2014-03-12 17:44:41 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

    2014-03-12 17:44:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

    2014-03-04 01:30:31 -------- d--h--w- c:\documents and settings\all users.windows\application data\CanonIJEGV

    .

    ==================== Find3M  ====================

    .

    2014-02-24 11:46:36 920064 ----a-w- c:\windows\system32\wininet.dll

    2014-02-24 11:45:58 43520 ------w- c:\windows\system32\licmgr10.dll

    2014-02-24 11:45:57 1469440 ------w- c:\windows\system32\inetcpl.cpl

    2014-02-24 11:45:42 18944 ------w- c:\windows\system32\corpol.dll

    2014-02-24 10:54:21 385024 ------w- c:\windows\system32\html.iec

    2014-02-07 02:01:37 1879040 ----a-w- c:\windows\system32\win32k.sys

    2014-02-05 17:04:00 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys

    2014-02-05 08:55:04 562688 ----a-w- c:\windows\system32\qedit.dll

    2014-02-02 17:03:41 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys

    2014-02-02 17:03:41 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys

    2014-02-02 17:03:40 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

    2014-02-02 17:03:40 43152 ----a-w- c:\windows\avastSS.scr

    2014-01-04 03:13:05 420864 ------w- c:\windows\system32\vbscript.dll

    2013-12-18 17:31:35 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2013-12-18 17:31:34 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    .

    ============= FINISH: 18:38:06.39 ===============
  8. Hi, thanks so much for the response! Hopefully this is what you meant... 

     

     

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org
     
    Database version: v2014.03.14.07
     
    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    THE Administrator :: DESKTOP [administrator]
     
    3/14/2014 3:36:57 PM
    mbam-log-2014-03-14 (15-36-57).txt
     
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 407071
    Time elapsed: 9 minute(s), 14 second(s)
     
    Memory Processes Detected: 0
    (No malicious items detected)
     
    Memory Modules Detected: 0
    (No malicious items detected)
     
    Registry Keys Detected: 0
    (No malicious items detected)
     
    Registry Values Detected: 0
    (No malicious items detected)
     
    Registry Data Items Detected: 0
    (No malicious items detected)
     
    Folders Detected: 0
    (No malicious items detected)
     
    Files Detected: 0
    (No malicious items detected)
     
    (end)
  9. I could barely access this forum for a few minutes and now I'm fine again. I had an issue with PayPal and they said my account had been accessed all over the world and to change my password using my iPhone. I'm on my desktop and it's the only PC I used to access my PayPal. 

     

    I've run Malwarebytes a few times now; it removed around 20 PUPs. I guess that's what you call them. Anyway, now it says I'm clean but I'm still intermittently super sluggish... like it slows down so much it's unusable. 

     

    I looked through my task manager and the only thing I could come up with is pccmservice.exe. I guess it's a bug and hitched a ride on motive?? 

     

    Our internet sucks and I was half joking that maybe somebody was jacking it so I tried to change the password but I can't. I type in the address and get nothing. Chrome and IE. 

     

    We went to buy new AV software yesterday but which of them even works well?? We've got avast on here but I'm not sure it's doing much. 

     

    I downloaded and ran the dds.scr but wasn't sure if I was supposed to post it here. I tried clicking on other threads to see if others are but they wouldn't load. They might now... *this* page finally loaded. 

     

    Anyway I've got work I need to get done online and this has taken out two days so far. I'm so thankful that I found you guys. I have no idea what's safe to download online anymore and AV software feels like a crapshoot. 
