Canadian security intelligence service

[Creen]

Just attaching the files and moving to this forum from a thread started here:

http://forums.malwarebytes.org/index.php?showtopic=107589

These are the logs from DDS:

dds.txt

.

DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK

Internet Explorer: 8.0.6001.18702

Run by Administrator at 18:11:11 on 2012-03-22

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.308 [GMT -5:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\ctfmon.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.ca/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [MoneyAgent] "c:\program files\microsoft money\system\mnyexpr.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [share-to-Web Namespace Daemon] c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\arg195~1.lnk - c:\windows\system32\rundll32.exe

StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\iope07~1.lnk - c:\windows\system32\rundll32.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc2~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpobnz08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\office~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hposol08.exe

uPolicies-explorer: HideSCAHealth = 1 (0x1)

uPolicies-system: DisableTaskMgr = 1 (0x1)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1292357349062

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1292358104234

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{546DAECE-6433-4ED4-86FD-9B4166187445} : DhcpNameServer = 192.168.0.1

Notify: igfxcui - igfxdev.dll

Hosts: 94.63.240.166 www.bing.com

.

============= SERVICES / DRIVERS ===============

.

S0 cerc6;cerc6; [x]

S1 dzuycikp;dzuycikp;\??\c:\windows\system32\drivers\dzuycikp.sys --> c:\windows\system32\drivers\dzuycikp.sys [?]

S1 gxjtbnaj;gxjtbnaj;\??\c:\windows\system32\drivers\gxjtbnaj.sys --> c:\windows\system32\drivers\gxjtbnaj.sys [?]

S1 lhrpmpwl;lhrpmpwl;\??\c:\windows\system32\drivers\lhrpmpwl.sys --> c:\windows\system32\drivers\lhrpmpwl.sys [?]

S1 mcphaajf;mcphaajf;\??\c:\windows\system32\drivers\mcphaajf.sys --> c:\windows\system32\drivers\mcphaajf.sys [?]

S1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]

S1 rxraujqs;rxraujqs;\??\c:\windows\system32\drivers\rxraujqs.sys --> c:\windows\system32\drivers\rxraujqs.sys [?]

S1 shwpnmym;shwpnmym;\??\c:\windows\system32\drivers\shwpnmym.sys --> c:\windows\system32\drivers\shwpnmym.sys [?]

S1 sjrdgooh;sjrdgooh;\??\c:\windows\system32\drivers\sjrdgooh.sys --> c:\windows\system32\drivers\sjrdgooh.sys [?]

S1 sxyfofbn;sxyfofbn;\??\c:\windows\system32\drivers\sxyfofbn.sys --> c:\windows\system32\drivers\sxyfofbn.sys [?]

S1 zaojebpn;zaojebpn;\??\c:\windows\system32\drivers\zaojebpn.sys --> c:\windows\system32\drivers\zaojebpn.sys [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe --> c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [?]

.

=============== Created Last 30 ================

.

2012-03-15 02:33:11 -------- d-----w- C:\TDSSKiller_Quarantine

2012-03-09 07:17:21 881568 ----a-w- C:\FixExec.com

2012-03-09 03:51:37 -------- d-----w- c:\documents and settings\all users\application data\F4D561D2212C2CDD000BA684D151FC4E

2012-03-08 04:23:30 6552120 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9373fefe-a2dd-4ba6-a165-b82ae330820c}\mpengine.dll

2012-03-03 06:28:47 -------- d-----w- c:\program files\iPod

2012-03-03 06:28:28 -------- d-----w- c:\program files\iTunes

2012-03-03 06:24:20 -------- d-----w- c:\program files\Bonjour

2012-03-03 06:22:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll

2012-03-03 06:22:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll

2012-03-03 06:22:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll

2012-03-03 06:22:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll

2012-03-03 06:22:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll

2012-03-03 06:22:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll

2012-03-03 06:22:56 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll

.

==================== Find3M ====================

.

2012-03-15 02:34:30 138496 ----a-w- c:\windows\system32\drivers\afd.sys

2012-03-09 00:13:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-01-12 16:53:24 1859968 ----a-w- c:\windows\system32\win32k.sys

2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll

.

============= FINISH: 18:11:45.90 ===============

and attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 12/14/2010 12:59:55 PM

System Uptime: 3/21/2012 5:47:46 PM (25 hours ago)

.

Motherboard: Dell Inc. | | 0JC474

Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 71 GiB total, 55.125 GiB free.

D: is CDROM (CDFS)

E: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}

Description: HID Non-User Input Data Filter (KB 911895)

Device ID: HID\VID_045E&PID_00F9&MI_01&COL01\7&2BCC67B7&0&0000

Manufacturer: Microsoft

Name: HID Non-User Input Data Filter (KB 911895)

PNP Device ID: HID\VID_045E&PID_00F9&MI_01&COL01\7&2BCC67B7&0&0000

Service: NuidFltr

.

Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}

Description: HID Non-User Input Data Filter (KB 911895)

Device ID: HID\VID_045E&PID_00F9&MI_01&COL03\7&2BCC67B7&0&0002

Manufacturer: Microsoft

Name: HID Non-User Input Data Filter (KB 911895)

PNP Device ID: HID\VID_045E&PID_00F9&MI_01&COL03\7&2BCC67B7&0&0002

Service: NuidFltr

.

==== System Restore Points ===================

.

RP353: 1/7/2012 4:45:00 PM - System Checkpoint

RP354: 1/7/2012 7:44:00 PM - Software Distribution Service 3.0

RP355: 1/8/2012 2:00:12 AM - Software Distribution Service 3.0

RP356: 1/8/2012 7:45:07 PM - Software Distribution Service 3.0

RP357: 1/9/2012 7:41:52 PM - Software Distribution Service 3.0

RP358: 1/10/2012 7:51:08 PM - Software Distribution Service 3.0

RP359: 1/11/2012 3:00:39 AM - Software Distribution Service 3.0

RP360: 1/12/2012 3:18:06 AM - System Checkpoint

RP361: 1/12/2012 3:34:48 AM - Software Distribution Service 3.0

RP362: 1/13/2012 3:34:45 AM - Software Distribution Service 3.0

RP363: 1/14/2012 3:34:44 AM - Software Distribution Service 3.0

RP364: 1/15/2012 2:15:07 AM - Software Distribution Service 3.0

RP365: 1/16/2012 2:30:04 AM - System Checkpoint

RP366: 1/16/2012 3:35:09 AM - Software Distribution Service 3.0

RP367: 1/17/2012 3:31:57 AM - Software Distribution Service 3.0

RP368: 1/18/2012 3:34:14 AM - Software Distribution Service 3.0

RP369: 1/19/2012 3:33:54 AM - Software Distribution Service 3.0

RP370: 1/20/2012 3:34:12 AM - Software Distribution Service 3.0

RP371: 1/21/2012 3:34:32 AM - Software Distribution Service 3.0

RP372: 1/22/2012 2:15:21 AM - Software Distribution Service 3.0

RP373: 1/23/2012 2:29:49 AM - System Checkpoint

RP374: 1/23/2012 3:30:51 AM - Software Distribution Service 3.0

RP375: 1/24/2012 3:34:56 AM - Software Distribution Service 3.0

RP376: 1/25/2012 3:34:17 AM - Software Distribution Service 3.0

RP377: 1/26/2012 3:33:28 AM - Software Distribution Service 3.0

RP378: 1/27/2012 3:00:16 AM - Software Distribution Service 3.0

RP379: 1/28/2012 3:21:42 AM - System Checkpoint

RP380: 1/28/2012 3:26:16 AM - Software Distribution Service 3.0

RP381: 1/29/2012 1:43:40 AM - Software Distribution Service 3.0

RP382: 1/30/2012 2:09:26 AM - System Checkpoint

RP383: 1/30/2012 9:13:28 PM - Software Distribution Service 3.0

RP384: 1/31/2012 9:13:22 PM - Software Distribution Service 3.0

RP385: 2/1/2012 9:13:02 PM - Software Distribution Service 3.0

RP386: 2/2/2012 9:13:07 PM - Software Distribution Service 3.0

RP387: 2/3/2012 9:11:24 PM - Software Distribution Service 3.0

RP388: 2/4/2012 9:13:44 PM - Software Distribution Service 3.0

RP389: 2/5/2012 2:05:49 AM - Software Distribution Service 3.0

RP390: 2/5/2012 9:17:41 PM - Software Distribution Service 3.0

RP391: 2/6/2012 9:32:30 PM - Software Distribution Service 3.0

RP392: 2/7/2012 10:19:58 PM - System Checkpoint

RP393: 2/8/2012 8:37:55 PM - Software Distribution Service 3.0

RP394: 2/9/2012 8:24:04 PM - Software Distribution Service 3.0

RP395: 2/10/2012 9:13:55 PM - System Checkpoint

RP396: 2/11/2012 12:09:30 AM - Software Distribution Service 3.0

RP397: 2/12/2012 12:08:16 AM - Software Distribution Service 3.0

RP398: 2/13/2012 12:07:59 AM - Software Distribution Service 3.0

RP399: 2/14/2012 12:08:54 AM - Software Distribution Service 3.0

RP400: 2/15/2012 12:08:39 AM - Software Distribution Service 3.0

RP401: 2/15/2012 3:00:24 AM - Software Distribution Service 3.0

RP402: 2/16/2012 3:23:53 AM - System Checkpoint

RP403: 2/16/2012 3:29:28 AM - Software Distribution Service 3.0

RP404: 2/17/2012 3:28:36 AM - Software Distribution Service 3.0

RP405: 2/18/2012 3:28:42 AM - Software Distribution Service 3.0

RP406: 2/19/2012 1:45:45 AM - Software Distribution Service 3.0

RP407: 2/20/2012 2:22:52 AM - System Checkpoint

RP408: 2/20/2012 3:25:10 AM - Software Distribution Service 3.0

RP409: 2/21/2012 3:30:10 AM - Software Distribution Service 3.0

RP410: 2/22/2012 3:28:42 AM - Software Distribution Service 3.0

RP411: 2/23/2012 4:00:45 AM - System Checkpoint

RP412: 2/23/2012 7:56:58 PM - Software Distribution Service 3.0

RP413: 2/24/2012 8:05:31 PM - System Checkpoint

RP414: 2/24/2012 10:23:00 PM - Software Distribution Service 3.0

RP415: 2/25/2012 10:23:24 PM - Software Distribution Service 3.0

RP416: 2/26/2012 2:00:13 AM - Software Distribution Service 3.0

RP417: 2/26/2012 10:26:20 PM - Software Distribution Service 3.0

RP418: 2/27/2012 10:27:17 PM - Software Distribution Service 3.0

RP419: 2/28/2012 10:35:07 PM - Software Distribution Service 3.0

RP420: 2/29/2012 10:21:47 PM - Software Distribution Service 3.0

RP421: 3/1/2012 10:26:54 PM - Software Distribution Service 3.0

RP422: 3/2/2012 10:26:54 PM - Software Distribution Service 3.0

RP423: 3/3/2012 10:27:47 PM - Software Distribution Service 3.0

RP424: 3/4/2012 1:57:36 AM - Software Distribution Service 3.0

RP425: 3/4/2012 10:25:14 PM - Software Distribution Service 3.0

RP426: 3/5/2012 10:19:01 PM - Software Distribution Service 3.0

RP427: 3/6/2012 10:23:08 PM - Software Distribution Service 3.0

RP428: 3/7/2012 10:23:07 PM - Software Distribution Service 3.0

RP429: 3/8/2012 3:00:27 AM - Software Distribution Service 3.0

RP430: 3/9/2012 3:02:18 AM - System Checkpoint

RP431: 3/10/2012 3:58:26 AM - System Checkpoint

RP432: 3/11/2012 5:17:58 AM - System Checkpoint

RP433: 3/12/2012 5:45:33 AM - System Checkpoint

RP434: 3/13/2012 6:44:34 AM - System Checkpoint

RP435: 3/14/2012 7:44:33 AM - System Checkpoint

RP436: 3/15/2012 8:38:31 AM - System Checkpoint

RP437: 3/16/2012 8:39:36 AM - System Checkpoint

RP438: 3/17/2012 9:38:32 AM - System Checkpoint

RP439: 3/18/2012 10:37:27 AM - System Checkpoint

RP440: 3/19/2012 11:37:27 AM - System Checkpoint

RP441: 3/20/2012 12:36:45 PM - System Checkpoint

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.2)

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Bonjour

Compatibility Pack for the 2007 Office system

Conexant D850 56K V.9x DFVc Modem

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

HP Photo and Imaging 1.0 - PSC 2000 Series

HP Photo and Imaging 1.0 - PSC 2000 Series Drivers

hp psc 2100 series

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections Drivers

iTunes

Java Auto Updater

Java 6 Update 24

Malwarebytes Anti-Malware version 1.60.1.1000

MCAT CD Companion

Microsoft Antimalware

Microsoft Application Error Reporting

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft Office Basic Edition 2003

Microsoft Office File Validation Add-In

Microsoft Security Client

Microsoft Security Essentials

Microsoft Word 2002

Microsoft Works 2003 Setup Launcher

Microsoft Works 7.0

Microsoft Works Suite Add-in for Microsoft Word

MP3 Player Utilities

MSN

QuickTime

Readiris 7.5

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

SigmaTel Audio

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB898461)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Works Suite OS Pack

.

==== Event Viewer Messages From Past Week ========

.

3/20/2012 8:46:33 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

3/20/2012 8:46:33 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

3/20/2012 8:46:33 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

3/20/2012 8:46:33 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

3/20/2012 8:46:33 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

3/20/2012 8:46:33 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

3/20/2012 8:46:33 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

3/20/2012 8:45:35 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

3/20/2012 7:17:22 PM, error: Dhcp [1002] - The IP address lease 192.168.0.101 for the Network Card with network address 001320E05210 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

3/20/2012 6:49:24 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde

3/20/2012 6:47:57 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

3/20/2012 10:34:27 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm MpFilter

3/20/2012 10:33:44 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

.

==== End Of File ===========================

Apologies if I did this wrong, wasn't sure if I should copy everything or not.

[screen317]

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!