Showing results for tags 'Windows XP'.

  1. So my dad has an old computer. It still runs Windows XP and the support for Windows XP is ending April 8th by Microsoft. I am wondering if Malwarebytes Pro will protect me from threats that come along. I ask this because since they will be ending support there will be new malware for Windows XP and Microsoft won't be making new updates for it. Or should he just buy a new computer? Thanks for the help!
  2. Hi folks, I am using an old P4 (3 GHz /512 Ram) dedicated for downloads (specially torrents). I had installed AVIRA free edition - but now the rig is really terribly slow so much so that browsing is a pain. I was thinking of getting rid of AVIRA. I have Malwarebytes already installed on it. Would a combination of Malwarebytes and the Kaspersky free virus scanner tool that scans only on demand - no real time protection (http://www.kaspersky.com/security-scan) be enough as long as I have a pop up blocker and browse safely? My basic requirement is to ensure that the old P4 is virus free since I transfer files from it to my Laptop (which does have Kaspersky AV installed on it).
  3. Running XPsp3 system is obviously infected and we are having browser redirects that upload even more malware. Been fighting this off for over a week now. AVG, Spyhunter and Malwarebytes have been effective to an extent. But seem to be losing the battle. I've removed 11 viruses and close to 80 suspicious malware related entries and programs, but they keep popping back up. AVG isn't functioning like it should anymore, and Spyhunter has officially been locked out via admin rights. Malwarebytes via Chameleon is the only thing detecting infections currently. Browser redirects and odd pop-ups continue to occur. I do not use my normal browser anymore as a result. Any help would be appreciated. We're getting desperate and a reformat isn't an option at the moment.
  4. My computer is seriously infected. After logging in a white screen appears which requests an internet connection. Task Manager is not accessible, the button is greyed out. From a previous topic in this forum I downloaded Farbar Recovery Scan Tool and ran the scan on my computer. I have the FRST.txt file (attached). I noticed a couple lines are flagged with "attention" markers. What do I do from here? FRST has a FIX button which requires another .txt file. How do I create that .txt file? Any advice is greatly appreciated. Best regards, Jim FRST.txt
  5. i had a bout a while back with some adware that i successfully removed (thanks malwarebytes!) however i think the damage was already done... i noticed some unusual glitches with my system like various programs not booting up at startup and odd visual/audio freezes/gaps in random sets of 3... anyway i had to move and figured i'd try to resolve it later, and i figured i'd just run a windows repair and see if that didn't help resolve the issue... it didn't and also added more problems lol... anyway um.. i was directed to here after reading a similar post and i was told to post my dds and attach logs here. i hope i'm doing this right. so bear with me :-S any help would be appreciated as i'm on limited funds atm due to moving and i'd hate to have to haul the rig in to get fixed. *i included a screen cap of the mbam run-time error i was getting. dds.txt attach.txt
  6. AVG scans indicate I have zero access.TH rootkit in the following file c:\windows\system32\drivers\netbt.sys I need help removing it. The computer cannot access the internet. Attached are the two dds logs.
igfxdev.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\barbara\application data\mozilla\firefox\profiles\jo5flxg6.default\FF - prefs.js: browser.search.selectedEngine - AVG Secure SearchFF - prefs.js: network.proxy.type - 0FF - plugin: c:\documents and settings\barbara\application data\mozilla\plugins\npgoogletalk.dllFF - plugin: c:\documents and settings\barbara\application data\mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: c:\documents and settings\barbara\application data\mozilla\plugins\npo1d.dllFF - plugin: c:\documents and settings\barbara\local settings\application data\google\update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dllFF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLLFF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\15.5.0\npsitesafety.dllFF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dllFF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dllFF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\2.0.31005.0\npctrlui.dllFF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dllFF - plugin: c:\windows\system32\npDeployJava1.dllFF - plugin: c:\windows\system32\npptools.dll.============= SERVICES / DRIVERS ===============.R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-8-9 246072]R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 96568]R0 Avgrkx86;AVG Anti-Rootkit 
Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 39224]R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 171320]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 182072]R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-3 37664]R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesService32.exe [2013-9-9 1740088]R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.5.0\ToolbarUpdater.exe [2013-8-14 1643184]R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesDriver32.sys [2013-8-21 12320]S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]S2 gupdate1c9e3ab5e358b90;Google Update Service (gupdate1c9e3ab5e358b90);c:\program files\google\update\GoogleUpdate.exe [2009-6-2 133104]S3 ICDUSB3;ICDUSB3;c:\windows\system32\drivers\ICDUSB3.sys [2011-10-23 11264]S3 MFE_RR;MFE_RR;\??\c:\docume~1\barbara\locals~1\temp\mfe_rr.sys --> c:\docume~1\barbara\locals~1\temp\mfe_rr.sys [?].=============== Created Last 30 ================.2013-09-20 23:41:23 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2013-09-20 23:41:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2013-09-20 19:34:11 -------- d---a-w- C:\temp2013-09-12 00:22:26 -------- d-----w- c:\program files\iPod2013-09-12 00:22:24 -------- d-----w- c:\program files\iTunes2013-09-12 00:22:24 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E12013-09-12 00:18:44 159744 ----a-w- c:\program files\mozilla 
firefox\plugins\npqtplugin5.dll2013-09-12 00:18:44 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll2013-09-12 00:18:44 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll2013-09-12 00:18:44 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll2013-09-12 00:18:44 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll2013-09-12 00:18:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll2013-09-12 00:18:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll2013-09-12 00:18:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll2013-09-12 00:18:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll2013-09-12 00:18:44 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll2013-09-11 15:12:13 -------- d-----w- c:\documents and settings\all users\application data\Nero2013-09-11 14:34:44 -------- d-----w- c:\documents and settings\barbara\application data\licenses2013-09-11 14:34:43 -------- d-----w- c:\documents and settings\barbara\application data\PCMM20092013-09-11 14:34:39 -------- d-----w- c:\documents and settings\barbara\application data\PCMM20132013-09-11 14:34:33 -------- d-----w- c:\documents and settings\barbara\local settings\application data\PC MightyMax 20132013-09-11 12:50:22 35640 ----a-w- c:\windows\system32\uxtuneup.dll2013-09-11 12:49:26 36152 ----a-w- c:\windows\system32\TURegOpt.exe2013-09-11 12:46:44 -------- d-sh--w- c:\documents and settings\all users\application data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}2013-09-11 12:36:34 144896 ----a-w- c:\windows\system32\javacpl.cpl2013-09-11 12:36:24 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll.==================== Find3M ====================.2013-09-13 14:43:20 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-09-13 14:43:20 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-09-11 
12:36:12 868264 ----a-w- c:\windows\system32\npDeployJava1.dll2013-09-11 12:36:12 790440 ----a-w- c:\windows\system32\deployJava1.dll2013-09-10 05:34:48 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys2013-09-05 05:43:42 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys2013-08-14 21:13:59 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys2013-08-09 01:56:45 386560 ----a-w- c:\windows\system32\themeui.dll2013-08-08 06:05:59 920064 ----a-w- c:\windows\system32\wininet.dll2013-08-08 06:05:59 43520 ------w- c:\windows\system32\licmgr10.dll2013-08-08 06:05:59 1469440 ------w- c:\windows\system32\inetcpl.cpl2013-08-08 06:05:58 18944 ----a-w- c:\windows\system32\corpol.dll2013-08-08 01:27:48 1877760 ----a-w- c:\windows\system32\win32k.sys2013-08-08 00:02:34 385024 ------w- c:\windows\system32\html.iec2013-08-05 13:30:32 1289728 ----a-w- c:\windows\system32\ole32.dll2013-08-03 18:18:38 1543680 ------w- c:\windows\system32\wmvdecod.dll2013-07-20 05:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys2013-07-20 05:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys2013-07-20 05:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys2013-07-20 05:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll2013-07-04 03:03:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe2013-07-04 02:08:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe.============= FINISH: 23:13:52.39 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume2Install Date: 2/28/2009 5:08:26 PMSystem Uptime: 9/20/2013 11:10:26 PM (0 hours ago).Motherboard: Dell Inc. 
| | 0RY007Processor: Intel® Core2 Duo CPU E7400 @ 2.80GHz | Socket 775 | 2792/266mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 298 GiB total, 269.528 GiB free.D: is CDROM (CDFS).==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP1292: 6/23/2013 12:32:56 PM - System CheckpointRP1293: 6/25/2013 9:51:40 AM - System CheckpointRP1294: 6/26/2013 11:12:56 AM - System CheckpointRP1295: 6/27/2013 2:21:23 PM - System CheckpointRP1296: 7/2/2013 6:41:30 AM - System CheckpointRP1297: 7/3/2013 6:19:51 PM - System CheckpointRP1298: 7/4/2013 7:46:02 PM - System CheckpointRP1299: 7/6/2013 12:31:53 PM - System CheckpointRP1300: 7/7/2013 5:34:56 PM - System CheckpointRP1301: 7/8/2013 8:26:04 PM - System CheckpointRP1302: 7/10/2013 6:37:07 AM - System CheckpointRP1303: 7/11/2013 7:24:34 AM - Software Distribution Service 3.0RP1304: 7/12/2013 5:43:11 PM - System CheckpointRP1305: 7/13/2013 10:39:27 PM - System CheckpointRP1306: 7/14/2013 7:20:14 AM - Software Distribution Service 3.0RP1307: 7/15/2013 9:43:11 AM - System CheckpointRP1308: 7/16/2013 11:09:35 PM - System CheckpointRP1309: 7/18/2013 12:02:07 PM - System CheckpointRP1310: 7/19/2013 1:49:51 PM - System CheckpointRP1311: 7/20/2013 6:22:42 PM - System CheckpointRP1312: 7/21/2013 7:46:46 PM - System CheckpointRP1313: 7/22/2013 7:59:19 PM - System CheckpointRP1314: 7/24/2013 12:16:22 AM - System CheckpointRP1315: 7/25/2013 1:15:36 PM - System CheckpointRP1316: 7/26/2013 3:07:19 PM - System CheckpointRP1317: 7/28/2013 12:21:41 AM - System CheckpointRP1318: 7/29/2013 7:30:09 AM - System CheckpointRP1319: 7/31/2013 10:07:16 AM - System CheckpointRP1320: 8/2/2013 6:45:50 AM - System CheckpointRP1321: 8/5/2013 11:43:45 AM - System CheckpointRP1322: 8/7/2013 7:52:46 PM - System CheckpointRP1323: 8/9/2013 10:06:38 PM - System CheckpointRP1324: 8/11/2013 10:06:21 AM - System CheckpointRP1325: 8/12/2013 2:32:47 PM - System CheckpointRP1326: 8/13/2013 3:34:13 PM - 
System CheckpointRP1327: 8/14/2013 5:20:58 PM - System CheckpointRP1328: 8/15/2013 7:05:30 AM - Software Distribution Service 3.0RP1329: 8/16/2013 12:41:25 PM - System CheckpointRP1330: 8/19/2013 10:33:47 PM - System CheckpointRP1331: 8/22/2013 9:36:57 AM - System CheckpointRP1332: 8/23/2013 12:03:58 PM - System CheckpointRP1333: 8/24/2013 4:38:11 PM - System CheckpointRP1334: 8/26/2013 12:28:10 PM - System CheckpointRP1335: 8/27/2013 4:06:39 PM - System CheckpointRP1336: 8/28/2013 11:42:51 PM - System CheckpointRP1337: 8/29/2013 6:43:12 AM - Software Distribution Service 3.0RP1338: 8/30/2013 2:14:59 PM - System CheckpointRP1339: 9/2/2013 1:50:57 PM - System CheckpointRP1340: 9/3/2013 9:57:17 PM - System CheckpointRP1341: 9/5/2013 12:52:00 AM - System CheckpointRP1342: 9/6/2013 2:19:12 PM - System CheckpointRP1343: 9/8/2013 11:46:34 AM - System CheckpointRP1344: 9/9/2013 4:43:41 PM - System CheckpointRP1345: 9/10/2013 7:00:38 PM - System CheckpointRP1346: 9/11/2013 8:35:48 AM - Removed Java 7 Update 4RP1347: 9/11/2013 8:36:09 AM - Installed Java 7 Update 40RP1348: 9/11/2013 8:47:26 AM - Installed AVG PC TuneUp 2014RP1349: 9/11/2013 11:02:07 AM - Removed WinZip 17.5RP1350: 9/11/2013 11:08:33 AM - Installed Windows XP KB942288-v3.RP1351: 9/11/2013 11:12:12 AM - Installed Nero BurningROM 12.RP1352: 9/11/2013 11:22:42 AM - Removed Nero BurningROM 12.RP1353: 9/11/2013 7:19:20 PM - Software Distribution Service 3.0RP1354: 9/13/2013 11:17:27 AM - System CheckpointRP1355: 9/15/2013 12:49:11 PM - System CheckpointRP1356: 9/16/2013 2:09:42 PM - System CheckpointRP1357: 9/18/2013 6:40:35 AM - System CheckpointRP1358: 9/19/2013 11:40:18 AM - System CheckpointRP1359: 9/20/2013 12:24:27 PM - System CheckpointRP1360: 9/20/2013 5:48:13 PM - Restore OperationRP1361: 9/20/2013 5:50:00 PM - Restore OperationRP1362: 9/20/2013 5:51:50 PM - Restore OperationRP1363: 9/20/2013 5:53:55 PM - Restore Operation.==== Installed Programs ======================.7-Zip 9.20Acrobat.comAdobe AIRAdobe 
Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader XI (11.0.03)Apple Application SupportApple Mobile Device SupportApple Software UpdateAVG 2013AVG PC TuneUp 2014AVG PC TuneUp 2014 (en-US)AVG PC TuneUp Language Pack (en-US)AVG Security ToolbarBonjourCanon Easy-PhotoPrint EXCanon MP Navigator EX 5.1Canon MX430 series MP DriversCanon MX430 series On-screen ManualCanon MX430 series User RegistrationCanon My PrinterCanon Solution Menu EXChoice GuardDell DataSafe OnlineDell Driver Reset ToolDell Support Center (Support Software)Digital Voice Editor 3FamilySearch IndexingFamilySearch Indexing 3.13.1Google EarthGoogle Talk PluginGoogle Toolbar for Internet ExplorerGoogle Update HelperGoogle UpdaterGoToAssist 8.0.0.514Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB2756822)Hotfix for Windows XP (KB2779562)Hotfix for Windows XP (KB942288-v3)Intel® Graphics Media Accelerator DriverIntel® PRO Network Connections DriversiTunesJava 7 Update 40Java Auto UpdaterJavaFX 2.1.0Junk Mail filter updateMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB2698023)Microsoft .NET Framework 1.1 Security Update (KB2833941)Microsoft .NET Framework 1.1 Security Update (KB979906)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Application Error ReportingMicrosoft Compression Client Pack 1.0 for Windows XPMicrosoft Internationalized Domain Names Mitigation APIsMicrosoft Kernel-Mode Driver Framework Feature Pack 1.7Microsoft National Language Support Downlevel APIsMicrosoft Office Excel MUI (English) 2007Microsoft Office Home and Student 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 
2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft Software Update for Web Folders (English) 12Microsoft SQL Server 2005 Compact Edition [ENU]Microsoft Sync Framework Runtime Native v1.0 (x86)Microsoft Sync Framework Services Native v1.0 (x86)Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Mozilla Firefox 17.0.8 (x86 en-US)MSNMSVCRTMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 6.0 Parser (KB927977)PokerStarsQuickTimeRealtek High Definition Audio DriverRootsMagic 5.0.4.1Roxio Creator AudioRoxio Creator CopyRoxio Creator DataRoxio Creator DERoxio Creator ToolsRoxio Express Labeler 3Roxio Update ManagerSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Windows Internet Explorer 7 (KB938127-v2)Security Update for Windows Internet Explorer 7 (KB956390)Security Update for Windows Internet Explorer 7 (KB961260)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 8 (KB2510531)Security Update for Windows Internet Explorer 8 (KB2544521)Security Update for Windows Internet Explorer 8 (KB2618444)Security Update for Windows Internet Explorer 8 (KB2699988)Security Update for Windows Internet Explorer 8 (KB2722913)Security Update for Windows Internet Explorer 8 (KB2744842)Security Update for Windows Internet Explorer 8 (KB2761465)Security Update for Windows Internet Explorer 8 (KB2792100)Security Update for 
Windows Internet Explorer 8 (KB2797052)Security Update for Windows Internet Explorer 8 (KB2799329)Security Update for Windows Internet Explorer 8 (KB2809289)Security Update for Windows Internet Explorer 8 (KB2817183)Security Update for Windows Internet Explorer 8 (KB2829530)Security Update for Windows Internet Explorer 8 (KB2838727)Security Update for Windows Internet Explorer 8 (KB2846071)Security Update for Windows Internet Explorer 8 (KB2847204)Security Update for Windows Internet Explorer 8 (KB2862772)Security Update for Windows Internet Explorer 8 (KB2870699)Security Update for Windows Internet Explorer 8 (KB982381)Security Update for Windows Media Player (KB2834904-v2)Security Update for Windows Media Player (KB2834904)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows XP (KB2621440)Security Update for Windows XP (KB2641653)Security Update for Windows XP (KB2647518)Security Update for Windows XP (KB2653956)Security Update for Windows XP (KB2655992)Security Update for Windows XP (KB2659262)Security Update for Windows XP (KB2661637)Security Update for Windows XP (KB2676562)Security Update for Windows XP (KB2685939)Security Update for Windows XP (KB2686509)Security Update for Windows XP (KB2691442)Security Update for Windows XP (KB2695962)Security Update for Windows XP (KB2698365)Security Update for Windows XP (KB2705219)Security Update for Windows XP (KB2707511)Security Update for Windows XP (KB2709162)Security Update for Windows XP (KB2712808)Security Update for Windows XP (KB2718523)Security Update for Windows XP (KB2719985)Security Update for Windows XP (KB2723135)Security Update for Windows XP (KB2724197)Security Update for Windows XP (KB2727528)Security Update for Windows XP (KB2731847)Security Update for Windows XP (KB2753842-v2)Security Update for Windows XP (KB2753842)Security Update for Windows XP (KB2757638)Security Update for Windows XP (KB2758857)Security Update for Windows XP (KB2761226)Security Update for Windows XP 
(KB2770660)Security Update for Windows XP (KB2778344)Security Update for Windows XP (KB2779030)Security Update for Windows XP (KB2780091)Security Update for Windows XP (KB2799494)Security Update for Windows XP (KB2802968)Security Update for Windows XP (KB2807986)Security Update for Windows XP (KB2808735)Security Update for Windows XP (KB2813170)Security Update for Windows XP (KB2813345)Security Update for Windows XP (KB2820197)Security Update for Windows XP (KB2820917)Security Update for Windows XP (KB2829361)Security Update for Windows XP (KB2834886)Security Update for Windows XP (KB2839229)Security Update for Windows XP (KB2845187)Security Update for Windows XP (KB2849470)Security Update for Windows XP (KB2850851)Security Update for Windows XP (KB2850869)Security Update for Windows XP (KB2859537)Security Update for Windows XP (KB2864063)Security Update for Windows XP (KB2876217)Security Update for Windows XP (KB2876315)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB958215)Security Update for Windows XP (KB960714)Segoe UIUninstall FamilySearch IndexingUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 8 (KB2598845)Update for Windows XP (KB2661254-v2)Update for Windows XP (KB2718704)Update for Windows XP (KB2736233)Update for Windows XP (KB2749655)Update for Windows XP (KB2863058)Update for Windows XP (KB951978)WebFldrs XPWindows Internet Explorer 7Windows Internet Explorer 8Windows Live CallWindows Live Communications PlatformWindows Live EssentialsWindows Live MailWindows Live MessengerWindows Live Photo GalleryWindows Live Sign-in AssistantWindows Live SyncWindows Live Upload ToolWindows Live WriterWindows Media Format 11 runtimeWindows Media Player 11Windows Presentation FoundationXML Paper Specification Shared Components Pack 1.0.==== Event Viewer Messages From Past Week ========.9/20/2013 7:40:25 PM, error: Service Control Manager [7034] - The AVG PC TuneUp Service service terminated 
unexpectedly. It has done this 1 time(s).9/20/2013 4:35:52 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: MRxSmb9/20/2013 4:35:52 PM, error: Service Control Manager [7024] - The Workstation service terminated with service-specific error 2250 (0x8CA).9/20/2013 4:35:52 PM, error: Service Control Manager [7003] - The TCP/IP NetBIOS Helper service depends on the following nonexistent service: NetBT9/20/2013 4:35:52 PM, error: Service Control Manager [7003] - The DHCP Client service depends on the following nonexistent service: NetBT9/20/2013 4:35:52 PM, error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: The service has returned a service-specific error code.9/20/2013 4:34:14 PM, error: Workstation [5727] - Could not load RDR device driver.9/20/2013 4:34:14 PM, error: Workstation [5727] - Could not load MRxSmb device driver..==== End Of File ===========================
  7. I have MoneyPak FBI virus on machine running Windows XP SP3. Cannot boot into SAFE MODE or SAFE MODE WITH NETWORKING (both result in blue screen of death). Cannot access any menus or System Manager on startup - the scumbags are in total control. Have a memory stick available with yesterday's downloads of: FRST.exe, tdsskiller.exe, mbar-1.06.0.1004.zip, SecurityCheck.exe, ComboFix.exe. I would surely appreciate any available help regaining control.
  8. It started out very random but has gotten increasingly more frequent. SYMPTOMS: BSoD after running any extensive multimedia programs (Music, Games, Youtube Videos, etc.). BSoD: DRIVER_IRQ_NOT_LESS_OR_EQUAL. MS Knowledge Base says the cause is a USB driver and offers a Fix, but the Fix does nothing. Reboot computer and it hangs just after the POST (just before WinXP LogIn Screen shows up). My work-around has been to turn off all external USB devices and see what is causing the hang-up. To my surprise I noticed that if I turn off my Focusrite Firewire Audio Interface before booting up the computer it starts up fine. I'm under the impression that this error has something to do with my firewire card and my audio interface. Also noticed while watching Youtube videos, scrolling the screen while the video is playing causes the audio to become garbled and out of sync with the video. This also happens if audio is playing (WMP) while browsing the web. My interface has a light on the front that indicates when the firewire is connected. It periodically blinks when audio is out of sync. I haven't changed my setup for a long time so everything is as it has always been and it all worked fine. Please, any assistance in this matter would be great. Thank you in advance.
  9. I have a Dell Inspiron running Windows XP. My computer was infected with the FBI MoneyPak virus and I tried rebooting in safe mode to repair. The virus blocks safe mode from initiating and instead displays a white screen. I am unable to access the Internet or see my desktop. I have an iPhone which allows me Internet access. Please help.
  10. I recently installed Malwarebytes Pro on my Windows XP Home desktop. I noticed that performing an update or starting the Website Blocking (IP Protection) causes the CPU to ramp up to 100%. Upon reviewing the protection log files, it looks like it is regularly taking about 4 minutes from the start of IP Protection until the time IP Protection is loaded. After the service is up and running, everything else seems relatively normal. I don't experience any further performance issues. I'm running Avast Free v8. Any help would be much appreciated.
  11. Hello, I have a desktop computer that I recently wiped clean and reinstalled 32 bit XP and all the software on the PC. At some point I picked up spigot and am having problems removing it. Here are the DDS and Attach reports:
Driver;c:\windows\system32\drivers\rt2860.sys [2013-2-3 966912] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2013-1-24 103040] S3 BS_Flash;BS_Flash;c:\program files\tseries bios update\award\BS_Flash.sys [2013-1-30 3604] S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2010-3-18 99416] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2013-1-24 79360] S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2010-3-18 555096] S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2010-3-18 100952] S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2010-3-18 100952] S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2010-3-18 566360] S3 RAPIProtocol;Ralink RAPI Protocol Driver;c:\windows\system32\drivers\RAPIProtocol.sys [2013-2-3 16512] S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2003-3-31 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== File Associations =============== . ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5.5\dreamweaver.exe", "%1" . =============== Created Last 30 ================ . 
2013-02-13 00:43:17 44032 ------w- c:\windows\system32\CTSVCCDA.EXE 2013-02-13 00:43:17 25088 ------w- c:\windows\system32\CTSVCCTL.EXE 2013-02-13 00:42:51 -------- d-----w- c:\program files\common files\Creative 2013-02-13 00:42:50 -------- d--h--w- c:\program files\Creative Installation Information 2013-02-12 20:31:45 -------- d-----w- c:\program files\common files\EPSON 2013-02-12 20:31:21 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2013-02-12 20:31:21 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2013-02-12 20:31:12 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys 2013-02-12 20:31:12 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys 2013-02-11 19:29:15 -------- d-----w- c:\documents and settings\acres\application data\Malwarebytes 2013-02-11 19:29:06 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2013-02-11 19:29:05 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-02-11 19:29:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-02-11 19:19:02 -------- d-----w- c:\program files\Epson America Inc 2013-02-11 19:18:15 95232 ----a-w- c:\windows\system32\E_FLBHBA.DLL 2013-02-11 19:18:15 81408 ----a-w- c:\windows\system32\E_FD4BHBA.DLL 2013-02-11 19:18:03 -------- d-----w- c:\documents and settings\all users\application data\EPSON 2013-02-11 19:17:43 -------- d-----w- c:\program files\Epson Software 2013-02-11 19:15:44 132560 ----a-w- c:\windows\system32\esdevapp.exe 2013-02-11 19:15:43 12800 ----a-w- c:\windows\system32\escdev.dll 2013-02-11 19:15:42 342016 ----a-w- c:\windows\system32\eswiaud.dll 2013-02-11 19:15:17 -------- d-----w- c:\program files\epson 2013-02-10 00:03:28 -------- d-----w- c:\documents and settings\all users\application data\ALM 2013-02-09 23:56:33 -------- d-----w- c:\documents and settings\acres\Adobe Flash Builder 4.5 2013-02-09 23:44:58 -------- d-----w- c:\program files\My Company Name 2013-02-07 06:50:23 -------- d-----w- c:\documents and 
settings\all users\application data\regid.1986-12.com.adobe 2013-02-07 06:07:54 -------- d-----w- c:\documents and settings\acres\local settings\application data\Adobe 2013-02-07 05:22:32 346624 ----a-w- c:\windows\system32\Mss32.dll 2013-02-07 05:22:32 1478656 ----a-w- c:\windows\system32\SushiDX.exe 2013-02-07 05:22:03 1445888 ----a-w- c:\windows\system32\Ati Gargoyle.scr 2013-02-06 23:06:10 -------- d-----w- c:\program files\MSXML 4.0 2013-02-06 23:05:35 23360 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2013-02-06 22:59:30 -------- d-----w- c:\documents and settings\acres\AppData 2013-02-06 20:48:50 -------- d-----w- c:\documents and settings\acres\application data\FLEXnet 2013-02-06 20:48:49 -------- d-----w- c:\documents and settings\acres\application data\Nuance 2013-02-06 20:32:54 -------- d-----w- c:\program files\common files\IVA 2013-02-06 20:32:36 -------- d-----w- c:\program files\common files\Nuance 2013-02-06 20:29:21 -------- d-----w- c:\program files\Nuance 2013-02-06 20:29:21 -------- d-----w- c:\documents and settings\all users\application data\Nuance 2013-02-06 20:29:06 -------- d-----w- c:\windows\speech 2013-02-06 20:27:31 -------- d-----w- c:\documents and settings\acres\local settings\application data\WinZip 2013-02-06 15:23:31 -------- d-----w- c:\windows\Profiles 2013-02-06 15:23:30 225280 ------w- c:\program files\internet explorer\plugins\NPDocBox.dll 2013-02-06 15:23:30 103312 ------w- c:\program files\internet explorer\plugins\nppdf32.dll 2013-02-06 15:23:28 -------- d-----w- c:\windows\system32\Adobe 2013-02-06 15:23:23 306688 ----a-w- c:\windows\IsUninst.exe 2013-02-06 05:08:35 -------- d-----r- c:\program files\Skype 2013-02-06 05:07:28 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys 2013-02-06 05:07:28 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys 2013-02-06 05:07:14 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys 2013-02-06 05:07:14 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys 2013-02-06 
05:07:13 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys 2013-02-06 05:07:13 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys 2013-02-06 05:07:12 16384 ----a-w- c:\windows\system32\ipsink.ax 2013-02-06 05:07:10 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys 2013-02-06 05:07:10 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys 2013-02-06 05:07:04 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys 2013-02-06 05:07:04 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS 2013-02-05 14:22:13 275696 ----a-w- c:\windows\system32\mucltui.dll 2013-02-05 14:22:13 17136 ----a-w- c:\windows\system32\mucltui.dll.mui 2013-02-05 14:21:15 -------- d-----w- c:\documents and settings\acres\local settings\application data\ApplicationHistory 2013-02-05 14:06:49 -------- d-----w- c:\program files\Microsoft 2013-02-05 14:06:28 -------- d-----w- c:\program files\Windows Live SkyDrive 2013-02-05 14:05:45 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2013-02-05 14:05:28 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2013-02-05 14:05:11 4927864 ----a-w- c:\program files\common files\windows live\.cache\d0185edc1ce03a9\Silverlight.2.0.exe 2013-02-05 14:03:03 74520 ----a-w- c:\program files\common files\windows live\.cache\83a6f93c1ce03a9\DSETUP.dll 2013-02-05 14:03:03 484632 ----a-w- c:\program files\common files\windows live\.cache\83a6f93c1ce03a9\DXSETUP.exe 2013-02-05 14:03:03 1670936 ----a-w- c:\program files\common files\windows live\.cache\83a6f93c1ce03a9\dsetup32.dll 2013-02-05 14:02:42 1013800 ----a-w- c:\program files\common files\windows live\.cache\7776130a1ce03a9\WindowsXP-KB954708-x86-ENU.exe 2013-02-04 15:55:18 -------- d-----w- c:\program files\common files\Windows Live 2013-02-04 15:37:02 -------- d-----w- c:\windows\system32\winrm 2013-02-04 15:36:57 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$ 2013-02-04 15:36:35 -------- d-----w- c:\documents and settings\acres\local settings\application 
data\Identities 2013-02-04 15:36:33 -------- d-----w- c:\documents and settings\acres\application data\Windows Desktop Search 2013-02-04 15:36:04 -------- d-----w- c:\windows\system32\GroupPolicy 2013-02-04 15:36:04 -------- d-----w- c:\program files\Windows Desktop Search 2013-02-04 15:35:19 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll 2013-02-04 15:35:19 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll 2013-02-04 15:35:19 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll 2013-02-04 15:34:04 -------- d-----w- c:\windows\system32\URTTEMP 2013-02-04 14:51:05 -------- d-----w- c:\program files\Dropbox 2013-02-04 14:48:21 -------- d-----w- c:\documents and settings\acres\application data\Dropbox 2013-02-04 14:47:48 19240752 ----a-w- C:\Dropbox 1.6.16.exe 2013-02-04 14:45:25 -------- d-----w- c:\program files\Microsoft ActiveSync 2013-02-04 14:44:49 -------- d-----w- c:\windows\ShellNew 2013-02-04 14:44:49 -------- d-----w- c:\program files\common files\ODBC 2013-02-03 17:14:04 -------- d-----w- c:\program files\Windows Media Connect 2 2013-02-03 17:12:23 -------- d-----w- c:\windows\system32\LogFiles 2013-02-03 17:06:03 315510 ----a-w- c:\windows\system32\RAPI.dll 2013-02-03 17:06:03 200704 ----a-w- c:\windows\system32\ssleay32.dll 2013-02-03 17:06:03 16512 ----a-w- c:\windows\system32\drivers\RAPIProtocol.sys 2013-02-03 17:06:03 1093632 ----a-w- c:\windows\system32\libeay32.dll 2013-02-03 17:05:44 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys 2013-02-03 17:05:23 966912 ----a-w- c:\windows\system32\drivers\rt2860.sys 2013-02-03 17:05:23 221184 ----a-w- c:\windows\system32\RaCoInst.dll 2013-02-03 17:05:22 -------- d-----w- c:\documents and settings\all users\application data\Ralink Driver 2013-02-03 17:05:21 -------- d-----w- c:\program files\Ralink 2013-01-31 00:07:49 -------- d-----w- c:\documents and settings\acres\local settings\application data\ATI 2013-01-31 00:01:51 -------- d-----w- c:\program files\common files\ATI Technologies 
2013-01-30 19:04:57 69632 ----a-w- c:\windows\system32\vuins32.dll 2013-01-30 19:04:57 46592 ----a-w- c:\windows\system32\drivers\fetnd5bv.sys 2013-01-30 18:55:54 3604 ----a-w- c:\windows\system32\drivers\BS_Flash.sys 2013-01-30 18:55:50 17024 ----a-w- c:\windows\system32\drivers\BSMEM.sys 2013-01-30 18:53:25 -------- d-----w- c:\program files\Tseries BIOS Update 2013-01-30 18:53:22 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll 2013-01-30 18:53:22 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll 2013-01-30 18:53:22 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll 2013-01-30 18:53:22 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll 2013-01-30 18:53:22 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll 2013-01-30 18:50:13 319456 ------w- c:\windows\system32\difxapi.dll 2013-01-30 18:50:12 -------- d-----w- c:\program files\VIA 2013-01-26 09:03:54 -------- d-----w- c:\windows\SxsCaPendDel 2013-01-26 04:01:35 45056 ----a-w- c:\windows\system32\aticalrt.dll 2013-01-26 04:01:32 3981312 ----a-w- c:\windows\system32\aticaldd.dll 2013-01-26 04:01:31 159744 ----a-w- c:\windows\system32\SET8A.tmp 2013-01-26 04:01:22 45056 ----a-w- c:\windows\system32\aticalcl.dll 2013-01-26 04:01:19 208896 ----a-w- c:\windows\system32\SET8D.tmp 2013-01-26 04:01:19 184320 ----a-w- c:\windows\system32\SET72.tmp 2013-01-25 03:35:01 0 ----a-w- c:\windows\ativpsrm.bin 2013-01-25 03:29:31 -------- d-sh--w- c:\documents and settings\acres\PrivacIE 2013-01-25 03:29:19 -------- d-----w- c:\documents and settings\acres\application data\IObit Apps 2013-01-25 03:24:57 103040 ----a-w- c:\windows\system32\drivers\AtihdXP3.sys 2013-01-25 03:24:51 -------- d-----w- c:\program files\ATI 2013-01-25 03:24:39 -------- d-----w- c:\program files\ATI Technologies 2013-01-25 03:17:08 -------- d-----w- c:\program files\IObit Apps 
Toolbar 2013-01-25 03:16:51 -------- d-----w- c:\documents and settings\all users\application data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 2013-01-25 03:16:43 -------- d-----w- c:\documents and settings\all users\application data\IObit 2013-01-25 03:16:41 -------- d-----w- c:\documents and settings\acres\application data\IObit 2013-01-25 03:16:34 -------- d-----w- c:\program files\IObit 2013-01-25 02:24:15 -------- d-----w- C:\AMD 2013-01-25 00:17:19 272128 -c----w- c:\windows\system32\dllcache\bthport.sys 2013-01-25 00:13:57 -------- d-sh--w- c:\documents and settings\acres\IETldCache 2013-01-25 00:03:28 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll 2013-01-25 00:02:30 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2013-01-25 00:02:06 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll 2013-01-25 00:01:44 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll 2013-01-24 23:59:07 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe 2013-01-24 23:58:05 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys 2013-01-24 23:57:57 -------- d-----w- c:\windows\ie8updates 2013-01-24 23:56:45 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll 2013-01-24 23:56:45 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll 2013-01-24 23:55:52 153088 -c----w- c:\windows\system32\dllcache\triedit.dll 2013-01-24 23:55:38 284160 -c----w- c:\windows\system32\dllcache\pdh.dll 2013-01-24 23:55:37 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll 2013-01-24 23:55:36 110592 -c----w- c:\windows\system32\dllcache\services.exe 2013-01-24 23:55:35 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll 2013-01-24 23:55:35 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe 2013-01-24 23:55:34 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll 2013-01-24 23:55:31 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll 2013-01-24 23:55:05 -------- dc-h--w- c:\windows\ie8 2013-01-24 23:52:29 290560 -c----w- 
c:\windows\system32\dllcache\atmfd.dll 2013-01-24 23:52:24 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys 2013-01-24 23:52:06 331776 -c----w- c:\windows\system32\dllcache\msadce.dll 2013-01-24 23:51:19 -------- d-----w- c:\windows\system32\Defaults 2013-01-24 23:50:39 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys 2013-01-24 23:50:39 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys 2013-01-24 23:50:19 7062 ----a-w- c:\windows\system32\audiopid.vxd 2013-01-24 23:49:58 -------- d-----w- c:\program files\common files\Creative Labs Shared 2013-01-24 23:49:55 105472 -c----w- c:\windows\system32\dllcache\mup.sys 2013-01-24 23:48:58 445016 ----a-w- c:\windows\system32\wrap_oal.dll 2013-01-24 23:48:58 109144 ----a-w- c:\windows\system32\OpenAL32.dll 2013-01-24 23:48:14 -------- d-----w- c:\windows\system32\Data 2013-01-24 23:48:10 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll 2013-01-24 23:48:10 -------- d-----w- c:\program files\Creative 2013-01-24 23:47:38 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll 2013-01-24 23:47:38 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll 2013-01-24 23:47:38 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll 2013-01-24 23:47:38 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll 2013-01-24 23:47:37 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll 2013-01-24 23:47:37 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe 2013-01-24 23:47:32 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll 2013-01-24 23:47:32 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll 2013-01-24 23:44:57 
6144 -c----w- c:\windows\system32\dllcache\iecompat.dll 2013-01-24 23:44:38 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2013-01-24 23:44:38 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2013-01-24 23:44:37 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2013-01-24 23:44:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2013-01-24 23:44:35 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2013-01-24 23:44:34 2004992 -c----w- c:\windows\system32\dllcache\iertutil.dll 2013-01-24 23:44:31 11111424 -c----w- c:\windows\system32\dllcache\ieframe.dll 2013-01-24 23:41:51 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys 2013-01-24 23:40:44 536576 -c----w- c:\windows\system32\dllcache\msado15.dll 2013-01-24 23:40:11 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe 2013-01-24 23:37:22 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll 2013-01-24 23:37:21 2193024 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe 2013-01-24 23:37:21 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2013-01-24 23:37:20 2069760 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe 2013-01-24 23:37:20 2027520 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2013-01-24 23:36:53 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe 2013-01-24 23:34:03 -------- d-----w- c:\program files\Spybot - Search & Destroy 2013-01-24 23:34:03 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy 2013-01-24 23:32:42 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys 2013-01-24 23:32:22 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll 2013-01-24 23:32:22 3072 ------w- c:\windows\system32\iacenc.dll 2013-01-24 23:31:41 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL 2013-01-24 23:31:41 1071088 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2013-01-24 23:31:41 -------- d-----w- c:\program files\SpywareBlaster 2013-01-24 23:30:17 45568 -c----w- c:\windows\system32\dllcache\wab.exe 
2013-01-24 23:30:12 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll 2013-01-24 23:30:11 5120 ----a-w- c:\windows\system32\xpsp4res.dll 2013-01-24 17:52:09 -------- d-----w- c:\windows\system32\PreInstall 2013-01-24 17:52:07 -------- d--h--w- c:\windows\$hf_mig$ 2013-01-24 17:51:44 -------- d-----w- c:\documents and settings\acres\application data\AVG2013 2013-01-24 17:47:23 -------- d-----w- c:\documents and settings\acres\application data\TuneUp Software 2013-01-24 17:47:08 -------- d--h--w- C:\$AVG 2013-01-24 17:47:08 -------- d-----w- c:\documents and settings\all users\application data\AVG2013 2013-01-24 17:46:48 -------- d-----w- c:\program files\AVG 2013-01-24 17:43:59 5376 -c--a-w- c:\windows\system32\dllcache\mspclock.sys 2013-01-24 17:43:59 5376 ----a-w- c:\windows\system32\drivers\MSPCLOCK.sys 2013-01-24 17:43:38 60160 -c--a-w- c:\windows\system32\dllcache\drmk.sys 2013-01-24 17:43:38 60160 ----a-w- c:\windows\system32\drivers\drmk.sys 2013-01-24 17:43:38 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll 2013-01-24 17:43:38 4096 ----a-w- c:\windows\system32\ksuser.dll 2013-01-24 17:43:38 146048 -c--a-w- c:\windows\system32\dllcache\portcls.sys 2013-01-24 17:43:38 146048 ----a-w- c:\windows\system32\drivers\portcls.sys 2013-01-24 17:43:38 129536 ----a-w- c:\windows\system32\ksproxy.ax 2013-01-24 17:42:07 -------- d--h--w- c:\documents and settings\all users\application data\Common Files 2013-01-24 17:42:07 -------- d-----w- c:\documents and settings\all users\application data\MFAData 2013-01-24 17:42:07 -------- d-----w- c:\documents and settings\acres\local settings\application data\MFAData 2013-01-24 17:42:07 -------- d-----w- c:\documents and settings\acres\local settings\application data\Avg2013 2013-01-24 17:41:28 -------- d-----w- c:\windows\system32\SoftwareDistribution 2013-01-24 17:40:54 -------- d-----w- c:\windows\system32\wbem\AutoRecover 2013-01-24 17:35:59 86016 ------w- c:\windows\system32\mdmxsdk.dll 2013-01-24 17:34:33 7874560 
-c--a-w- c:\windows\system32\dllcache\ati2mtag.sys 2013-01-24 17:33:55 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2013-01-24 17:33:10 -------- d-----w- c:\windows\EHome 2013-01-24 17:18:25 -------- d-----w- c:\windows\system32\NtmsData 2013-01-24 15:42:14 -------- d-----w- c:\windows\pss 2013-01-24 15:09:06 -------- d-s---w- c:\windows\system32\Microsoft 2013-01-24 15:09:05 -------- d-----w- c:\documents and settings\acres\local settings\application data\Google 2013-01-24 15:02:48 -------- d-----w- C:\Temp . ==================== Find3M ==================== . 2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll 2013-01-07 01:16:02 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-01-07 00:36:58 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys 2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax 2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll 2012-12-26 20:16:29 916480 ----a-w- c:\windows\system32\wininet.dll 2012-12-26 20:16:28 43520 ------w- c:\windows\system32\licmgr10.dll 2012-12-26 20:16:28 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-12-24 06:40:59 385024 ------w- c:\windows\system32\html.iec 2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll . ============= FINISH: 14:52:17.82 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 1/24/2013 8:56:06 AM System Uptime: 2/14/2013 2:47:48 PM (0 hours ago) . Motherboard: | | K8M800-8237 Processor: AMD Sempron Processor 3400+ | Socket M2 | 1799/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 466 GiB total, 432.279 GiB free. D: is FIXED (NTFS) - 186 GiB total, 177.803 GiB free. E: is Removable G: is CDROM (UDF) . ==== Disabled Device Manager Items ============= . 
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: VIA Rhine II Fast Ethernet Adapter Device ID: PCI\VEN_1106&DEV_3065&SUBSYS_22001565&REV_78\3&267A616A&0&90 Manufacturer: VIA Technologies, Inc. Name: VIA Rhine II Fast Ethernet Adapter PNP Device ID: PCI\VEN_1106&DEV_3065&SUBSYS_22001565&REV_78\3&267A616A&0&90 Service: FET5X86V . Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318} Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard Device ID: ACPI\PNP0303\3&267A616A&0 Manufacturer: (Standard keyboards) Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard PNP Device ID: ACPI\PNP0303\3&267A616A&0 Service: i8042prt . ==== System Restore Points =================== . RP1: 1/24/2013 8:58:52 AM - System Checkpoint RP2: 1/24/2013 11:34:12 AM - Installed Windows XP Service Pack 3. RP3: 1/24/2013 11:46:47 AM - Installed AVG 2013 RP4: 1/24/2013 11:47:00 AM - Installed AVG 2013 RP5: 1/24/2013 11:52:05 AM - Software Distribution Service 3.0 RP6: 1/24/2013 5:41:18 PM - Software Distribution Service 3.0 RP7: 1/24/2013 5:49:25 PM - Installed Creative Audio Console RP8: 1/24/2013 5:50:11 PM - Installed Creative Software AutoUpdate RP9: 1/24/2013 5:50:31 PM - Software Distribution Service 3.0 RP10: 1/24/2013 5:56:43 PM - Installed Windows Internet Explorer 8. RP11: 1/24/2013 5:57:46 PM - Software Distribution Service 3.0 RP12: 1/24/2013 6:32:09 PM - Installed DriverBoost. RP13: 1/24/2013 8:00:54 PM - Removed DriverBoost. RP14: 1/24/2013 8:24:57 PM - Software Distribution Service 3.0 RP15: 1/24/2013 9:11:09 PM - Installed Windows XP WgaNotify. 
RP16: 1/24/2013 9:15:44 PM - Removed AMD Catalyst Install Manager RP17: 1/24/2013 9:32:42 PM - Installed ccc-utility RP18: 1/25/2013 10:07:31 PM - Software Distribution Service 3.0 RP19: 1/26/2013 3:00:14 AM - Software Distribution Service 3.0 RP20: 1/26/2013 5:01:52 PM - Software Distribution Service 3.0 RP21: 1/26/2013 5:14:54 PM - Software Distribution Service 3.0 RP22: 1/30/2013 12:50:12 PM - Installed Platform RP23: 1/30/2013 12:51:45 PM - Configured Platform RP24: 1/30/2013 12:56:57 PM - Configured Platform RP25: 1/30/2013 12:57:51 PM - Software Distribution Service 3.0 RP26: 1/30/2013 1:03:45 PM - Update to an unsigned driver RP27: 1/30/2013 1:31:13 PM - Configured Platform RP28: 2/3/2013 11:05:21 AM - Installed Ralink Wireless LAN RP29: 2/3/2013 11:11:25 AM - Software Distribution Service 3.0 RP30: 2/3/2013 11:18:42 AM - Software Distribution Service 3.0 RP31: 2/3/2013 11:23:08 AM - Software Distribution Service 3.0 RP32: 2/3/2013 11:33:16 AM - Software Distribution Service 3.0 RP33: 2/3/2013 11:49:04 AM - Software Distribution Service 3.0 RP34: 2/4/2013 8:37:52 AM - Software Distribution Service 3.0 RP35: 2/4/2013 8:44:15 AM - Installed Microsoft Office XP Professional with FrontPage RP36: 2/4/2013 9:33:15 AM - Software Distribution Service 3.0 RP37: 2/5/2013 8:19:25 AM - Software Distribution Service 3.0 RP38: 2/5/2013 7:42:31 PM - Software Distribution Service 3.0 RP39: 2/6/2013 9:21:58 AM - Installed Visual C++ 9.0 Runtime for Dragon NaturallySpeaking. RP40: 2/6/2013 9:28:10 AM - Installed WinZip 17.0 RP41: 2/6/2013 2:28:59 PM - Installed Dragon NaturallySpeaking 11. RP42: 2/6/2013 4:55:19 PM - Installed Dragon NaturallySpeaking 11.5 Upgrade. 
.
==== Event Viewer Messages From Past Week ========
.
2/7/2013 12:23:31 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.
2/7/2013 12:23:31 AM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/7/2013 12:23:31 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/7/2013 10:49:21 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
2/13/2013 3:57:12 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 681CA204212B has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
2/13/2013 12:47:38 PM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 681CA204212B has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
2/12/2013 2:47:41 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
2/11/2013 1:50:07 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde ViaIde
.
==== End Of File ===========================

Please let me know what I should do next.
  12. My computer seems to be running a little slower than usual lately (it's an old PC, it was never really "fast"). I have noticed occasionally hearing ads in the background. I can't figure out where they're coming from though. They're also kinda quiet and so I'm not sure what the ads are for. I think it's connected to Facebook (yes, I've gone into fb settings and disallowed ad access as much as I can). I also noticed once on Facebook that there appeared to be some kind of frame in the top left corner that I could only reveal a few parts of at a time when I hovered my mouse over that area of the page. Also, usually when I am hearing these ads, if I have another page loading, I've noticed that I get a warning that Shockwave is having troubles and then finally a notice that Shockwave has crashed. I generally use Chrome as a browser.
  13. Just installed a fresh copy of Windows XP Pro SP-3 and all updates. Activated shared files for a Document folder. Everything working, able to access shared folder from other computers on home network. Installed Malwarebytes 1.60.1.1000 Trial version, rebooted computer. Computer no longer accepts access to the shared folders from other network computers. Unchecked and rechecked Folder Properties (Share this folder on the network) (Allow network users to change my files). Rebooted computer and restored system to previous day. Still unable to access shared file folders. I'm about to reinstall Windows again. Art
  14. Hi, I was wondering if anyone can tell me how harmful these detected threats are (Malwarebytes log below). I have now cleaned/deleted the detected threats on this PC, and am in the process of doing a full clean-up on this Windows XP SP3 machine and reinstall of antivirus (Trend). This PC is used in a small organisation and does have sensitive information on it frequently. It is on a Windows 2008 domain. No other PCs (knowingly seemed affected). I've been asked by my Directors if any of these threats could be a key logger or anything more serious? Our company's antivirus is "Trend Micro Worry-Free Business Security Advanced" and was disabled (I didn't notice this for a week or so!). I ran Malwarebytes trial this morning as the PC was coming up with some weird errors, and after looking closer at the startup entries I noticed 2 weird values, which instantly sounded alarm bells:

      1. C:\Documents and Settings\<maskedusername>\Application Data\Utb\nyruaq.exe
      2. C:\Documents and Settings\<maskedusername>\Application Data\Mem\ywceavr.exe

      Can anyone offer any advice on what these threats are or may have done? I have looked up Trojan.Agent, and it seems to be a malware threat that causes errors on your PC, then pushes you to buy rogue 'fix software'. I can't find much explanation on what the other 2 will do... Many thanks in advance.

      P.S. We are considering buying corporate Malwarebytes to scan and keep tabs on our entire network (we would be after 25 licenses probably). Is this just the Pro version we install 25 times, or is there a web console interface to manage the whole lot from a single point (like more business antivirus management consoles)?
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.04.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
<maskedusername> :: <maskedcomputername> [administrator]

Protection: Enabled

04/07/2012 10:48:05
mbam-log-2012-07-04 (10-48-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 242588
Time elapsed: 4 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{5C039C6D-265D-0CCE-F087-FDA623520695} (Trojan.Agent.TBM) -> Data: "C:\Documents and Settings\<maskedusername>\Application Data\Mem\ywceavr.exe" -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{806D7BCF-83A9-8650-A913-6178B27FB63A} (Trojan.Agent) -> Data: "C:\Documents and Settings\<maskedusername>\Application Data\Utb\nyruaq.exe" -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Hilgraeve Inc (Packer.ModifiedUPX) -> Data: C:\Documents and Settings\<maskedusername>\Application Data\D35189.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Documents and Settings\<maskedusername>\Application Data\Mem\ywceavr.exe (Trojan.Agent.TBM) -> Quarantined and deleted successfully.
C:\Documents and Settings\<maskedusername>\Application Data\Utb\nyruaq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\<maskedusername>\Application Data\D35189.exe (Packer.ModifiedUPX) -> Delete on reboot.

(end)