gdsimms Posted August 21, 2012 ID:588139 Share Posted August 21, 2012 (edited) You guys have helped me a few times in the last week with this laptop and it has helped greatly. But I have noticed that there are still a few problems. The computer now will not restart or shutdown and also I did a windows update and needed 68 updates only 40 or so updated and the rest failed. As for the restart, I can't do it from the alt+ctrl+del screen either. It won't even log off. Thanks in advance for the help..DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_33Run by A93B at 10:13:41 on 2012-08-21Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2002.779 [GMT -4:00].AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}FW: PC Tools Firewall Plus *Enabled*.============== Running Processes ===============.C:\WINDOWS\system32\svchost.exe -k DcomLaunchC:\WINDOWS\system32\CmgShieldSvc.exeC:\WINDOWS\system32\EMSService.exesvchost.exec:\Program Files\Microsoft Security Client\MsMpEng.exeC:\WINDOWS\system32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\SUPERAntiSpyware\SASCORE.EXEC:\WINDOWS\system32\agrsmsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exeC:\Program Files\Juniper Networks\Common Files\dsNcService.exeC:\WINDOWS\system32\svchost.exe -k hpdevmgmtC:\WINDOWS\system32\svchost.exe -k HPServiceC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\System32\svchost.exe -k HPZ12C:\WINDOWS\system32\o2flash.exeC:\Program Files\PC Tools Firewall Plus\FWService.exeC:\WINDOWS\System32\svchost.exe -k HPZ12C:\Documents and Settings\All Users\Application Data\Rpcnet\Bin\rpcld.exeC:\WINDOWS\System32\snmp.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\mqsvc.exeC:\WINDOWS\SYSTEM32\WISPTIS.EXEC:\WINDOWS\system32\mqtgsvc.exeC:\WINDOWS\System32\tabbtnu.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exeC:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\VM331_STI.EXEC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exeC:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\Program Files\Fujitsu\SSUtility\FJSSDMN.exeC:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exeC:\WINDOWS\System32\CMGShieldUI.exeC:\WINDOWS\system32\EmsServiceHelper.exeC:\Program Files\Fujitsu\Utils\FjDspMon.exeC:\Program Files\Fujitsu\Utils\fjevents.exeC:\Program Files\Fujitsu\Utils\FjMenu.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\WINDOWS\system32\igfxext.exeC:\Program Files\Fujitsu\Utils\FjLidMon.exeC:\WINDOWS\system32\igfxsrvc.exeC:\Program Files\Citrix\ICA Client\concentr.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\PC Tools Firewall Plus\FirewallGUI.exeC:\Program Files\Citrix\ICA Client\wfcrun32.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\BOINC\boincmgr.exeC:\Program Files\BOINC\boinctray.exeC:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeC:\Program Files\BOINC\boinc.exeC:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files\HP\Digital Imaging\bin\hpqbam08.exeC:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\iTunes\iTunes.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exeC:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exeC:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exeC:\Program Files\Mozilla Firefox\plugin-container.exeC:\WINDOWS\system32\SearchProtocolHost.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://search.bearshare.comuInternet Settings,ProxyOverride = *.localBHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllBHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dllEB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dlluRun: [EasyLinkAdvisor] "c:\program files\linksys easylink advisor\LinksysAgent.exe" /startupuRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exeuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [<NO NAME>]mRun: [TabletWizard] c:\windows\help\SplshWrp.exemRun: [TabletTip] "c:\program files\common files\microsoft shared\ink\tabtip.exe" /resumemRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exemRun: [331BigDog] c:\windows\VM331_STI.EXEmRun: [RTHDCPL] RTHDCPL.EXEmRun: [soundMan] SOUNDMAN.EXEmRun: [AlcWzrd] ALCWZRD.EXEmRun: [LoadFUJ02E3] c:\program files\fujitsu\fuj02e3\FUJ02E3.exemRun: [FjStrtAp] c:\program files\fujitsu\utils\FjStrtAp.exemRun: [indicatorUtility] c:\program files\fujitsu\fujitsu hotkey utility\IndicatorUty.exemRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"mRun: [sSUtility] c:\program files\fujitsu\ssutility\FJSSDMN.exemRun: [FJUPDNV_Chitose] c:\program files\fujitsu\fjdvrupd\fjdvrupd.exemRun: [CmgShieldUI] c:\windows\system32\CMGShieldUI.exemRun: [EmsService] EmsServiceHelper.exemRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exemRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exemRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startupmRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [MsmqIntCert] regsvr32 /s mqrt.dllmRun: [00PCTFW] "c:\program files\pc tools firewall plus\FirewallGUI.exe" -smRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkeymRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [boincmgr] "c:\program files\boinc\boincmgr.exe" /a /smRun: [boinctray] "c:\program files\boinc\boinctray.exe"StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exeIE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLLIE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dllDPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cabDPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxps://lowes.2020.net/planner/Core/Player/2020PlayerAX_Win32.cabDPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1345551028786DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345551009208DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cabTCP: DhcpNameServer = 75.75.75.75 75.75.76.76TCP: Interfaces\{2EFF1657-DC8B-499A-8837-A448F1BA3633} : DhcpNameServer = 75.75.75.75 75.75.76.76Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllNotify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLLNotify: igfxcui - igfxdev.dllNotify: loginkey - c:\program files\common files\microsoft shared\ink\loginkey.dllNotify: TabBtnWL - TabBtnWL.dllNotify: tpgwlnotify - tpgwlnot.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dllSEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\a93b\application data\mozilla\firefox\profiles\pv8enezb.default\FF - prefs.js: browser.search.selectedEngine - Search ResultsFF - prefs.js: browser.startup.homepage - www.google.comFF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=20&systemid=2&sr=0&q=FF - prefs.js: network.proxy.type - 0FF - plugin: c:\documents and settings\a93b\application data\mozilla\firefox\profiles\pv8enezb.default\extensions\2020player_web@2020technologies.com\plugins\NP_2020Player_WEB.dllFF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dllFF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dllFF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dllFF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_271.dllFF - plugin: c:\windows\system32\npdeployJava1.dllFF - plugin: c:\windows\system32\npptools.dll.============= SERVICES / DRIVERS ===============.R0 CmgShieldCEF;CmgShieldCEF;c:\windows\system32\drivers\CMGShCEF.sys [2008-4-29 195128]R0 CMGShieldReg;CMGShieldReg;c:\windows\system32\drivers\CmgShREG.sys [2008-4-29 89656]R0 FBIOSDRV;FBIOSDRV;c:\windows\system32\drivers\FBIOSDRV.SYS [2008-7-24 8960]R0 FJGSDisk;G-Sensor Application Filter Driver;c:\windows\system32\drivers\FJGSDisk.sys [2008-7-24 7168]R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2008-7-24 36640]R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2008-7-24 35456]R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2011-4-25 65584]R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2012-8-8 251560]R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]R2 CMGShield;CMGShield;c:\windows\system32\CmgShieldSvc.exe [2008-4-29 1103152]R2 EMS;EMS;c:\windows\system32\EmsService.exe [2008-4-29 644400]R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2012-8-8 160576]R2 PCToolsFirewallPlus;PC Tools Firewall Plus;c:\program files\pc tools firewall plus\FWService.exe [2012-8-8 286000]R2 rpcld;Remote Procedure Call (RPC) LD;c:\documents and settings\all users\application data\rpcnet\bin\rpcld.exe --> c:\documents and settings\all users\application data\rpcnet\bin\rpcld.exe [?]R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2008-7-24 475136]R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2008-7-24 244368]R3 Fjbtndrv;Fujitsu Button Driver;c:\windows\system32\drivers\FjBtnDrv.sys [2008-7-24 18944]R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [2008-7-24 4864]R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2008-7-24 41216]R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-7-24 116224]R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [2012-8-8 89472]R3 pctNdisMP;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [2012-8-8 57536]R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2012-8-8 125248]R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [2008-7-24 14208]S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-8-20 116648]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-12 250056]S3 ADVNTDRV;ADVNTDRV;c:\windows\system32\drivers\ADVNTDRV.SYS [1999-11-18 3872]S3 CmgShieldNP;CmgShieldNP;c:\windows\system32\CmgShieldNP.dll [2008-4-29 156976]S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-8-20 116648]S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-3 113120]S3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\drivers\pctNdis.sys [2012-8-8 57536]S3 vm331avs;VC0331 USB2.0 Digital Camera;c:\windows\system32\drivers\vm331avs.sys [2008-7-24 972544]S3 vsdatant;vsdatant;\??\c:\windows\system32\vsdatant.sys --> c:\windows\system32\vsdatant.sys [?]S3 vvftav323;vvftav323;c:\windows\system32\drivers\vvftav323.sys [2007-3-19 475136].=============== Created Last 30 ================.2012-08-21 13:46:12 -------- d-----w- C:\ce13e9c11a4c40dd02fff26e4882262012-08-21 13:23:30 -------- d-----w- C:\65567c9e3f3bf903b69b81fab48a2012-08-21 13:16:39 -------- d-----w- c:\documents and settings\a93b\local settings\application data\PCHealth2012-08-21 12:46:54 -------- d-----w- C:\c6b9be09872981f47029ac577fa9572012-08-21 12:10:55 15384 ----a-w- c:\windows\system32\wuapi.dll.mui2012-08-20 11:55:10 6891424 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{cf793c21-0607-4bc2-9df0-6971b14f91ac}\mpengine.dll2012-08-19 06:11:15 6891424 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll2012-08-15 12:11:48 334008 ----a-r- c:\documents and settings\a93b\application data\microsoft\installer\{3885be54-851b-4662-89f9-eb9f0dccb14e}\BOINCMGRLink_B65C4A4D2B2A46CCA2D918164C6297B8.exe2012-08-15 12:11:48 334008 ----a-r- c:\documents and settings\a93b\application data\microsoft\installer\{3885be54-851b-4662-89f9-eb9f0dccb14e}\ARPPRODUCTICON.exe2012-08-15 11:53:43 129536 ----a-w- c:\windows\system32\igfxtray.exe2012-08-15 11:53:42 121344 ----a-w- c:\windows\system32\gfxSrvc.dll2012-08-15 11:53:41 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll2012-08-15 11:53:41 3140608 ----a-w- c:\windows\system32\GfxUI.exe2012-08-15 11:53:40 86528 ----a-w- c:\windows\system32\igfxresn.lrc2012-08-15 11:53:40 81920 ----a-w- c:\windows\system32\igfxCoIn_v5402.dll2012-08-15 11:52:47 -------- d-----w- C:\Intel2012-08-15 11:48:25 -------- d-----w- c:\program files\SystemRequirementsLab2012-08-14 21:33:16 -------- d-----w- c:\program files\common files\Blizzard Entertainment2012-08-14 21:33:16 -------- d-----w- c:\documents and settings\all users\application data\Blizzard Entertainment2012-08-14 21:11:10 -------- d-----w- c:\documents and settings\all users\application data\Battle.net2012-08-08 17:33:20 -------- d-----w- c:\program files\CCleaner2012-08-08 17:29:42 237072 ------w- c:\windows\system32\MpSigStub.exe2012-08-08 17:26:48 -------- d-----w- c:\program files\Microsoft Security Client2012-08-08 17:17:43 -------- d-----w- c:\documents and settings\a93b\application data\PCToolsFirewallPlus2012-08-08 17:17:29 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys2012-08-08 17:17:29 160576 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys2012-08-08 17:17:27 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys2012-08-08 17:16:44 89472 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys2012-08-08 17:16:44 57536 ----a-w- c:\windows\system32\drivers\pctNdis.sys2012-08-08 17:16:44 32808 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys2012-08-08 17:16:44 -------- d-----w- c:\program files\common files\PC Tools2012-08-08 17:16:38 125248 ----a-w- c:\windows\system32\drivers\pctplfw.sys2012-08-08 17:16:35 -------- d-----w- c:\program files\PC Tools Firewall Plus2012-08-08 14:58:00 -------- d-sha-r- C:\cmdcons2012-08-08 12:42:34 -------- d-----w- c:\windows\Performance2012-08-08 12:41:50 -------- d-----w- c:\documents and settings\a93b\local settings\application data\Microsoft Corporation2012-08-08 12:38:53 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor2012-08-08 12:06:18 -------- d-----w- c:\windows\IIS Temporary Compressed Files2012-08-08 12:02:34 9216 ----a-w- c:\windows\system32\dllcache\wamps51.dll2012-08-08 12:01:25 -------- d-----w- c:\windows\system32\msmq2012-08-08 12:01:24 -------- d-----w- C:\Inetpub2012-08-08 11:42:08 -------- d-----w- c:\program files\Spybot - Search & Destroy2012-08-08 11:42:08 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy2012-08-08 11:39:28 -------- d-----w- c:\documents and settings\a93b\application data\SUPERAntiSpyware.com2012-08-08 11:38:53 -------- d-----w- c:\program files\SUPERAntiSpyware2012-08-08 11:38:53 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com2012-08-04 17:34:48 -------- d-----w- c:\documents and settings\a93b\.explorer.local2012-08-04 17:34:48 -------- d-----w- c:\documents and settings\a93b\.explorer.cache2012-08-03 11:40:25 73728 ----a-w- c:\windows\system32\javacpl.cpl2012-08-03 11:40:25 476976 ----a-w- c:\windows\system32\npdeployJava1.dll2012-07-31 00:52:46 -------- d-----w- c:\program files\AVAST Software2012-07-31 00:52:46 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software2012-07-27 20:51:30 184248 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll2012-07-27 20:51:30 184248 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll.==================== Find3M ====================.2012-08-15 01:50:21 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-08-15 01:50:21 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-08-03 11:40:02 472880 ----a-w- c:\windows\system32\deployJava1.dll2012-07-03 17:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys2012-06-04 21:35:26 222448 ----a-w- c:\windows\system32\muweb.dll2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui.============= FINISH: 10:21:14.84 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume2Install Date: 11/19/2009 12:42:26 PMSystem Uptime: 8/21/2012 10:02:55 AM (0 hours ago).Motherboard: FUJITSU | | FJNB1F7Processor: Intel Pentium III Xeon processor | Onboard | 2238/266mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 60 GiB total, 3.394 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}Description: VC0331 USB2.0 Digital CameraDevice ID: USB\VID_0AC8&PID_1101&MI_00\6&1D0E1D0E&0&0000Manufacturer: VimicroName: USB Video Device #2PNP Device ID: USB\VID_0AC8&PID_1101&MI_00\6&1D0E1D0E&0&0000Service: vm331avs.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: Officejet Pro 8500 A909gDevice ID: ROOT\MULTIFUNCTION\0000Manufacturer: HPName: Officejet Pro 8500 A909gPNP Device ID: ROOT\MULTIFUNCTION\0000Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: HP LaserJet 4000 SeriesDevice ID: ROOT\MULTIFUNCTION\0001Manufacturer: Hewlett-PackardName: HP LaserJet 4000 SeriesPNP Device ID: ROOT\MULTIFUNCTION\0001Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: HP LaserJet 4100 SeriesDevice ID: ROOT\MULTIFUNCTION\0002Manufacturer: Hewlett-PackardName: HP LaserJet 4100 SeriesPNP Device ID: ROOT\MULTIFUNCTION\0002Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: HP LaserJet Professional P1606dnDevice ID: ROOT\MULTIFUNCTION\0003Manufacturer: Hewlett-PackardName: HP LaserJet Professional P1606dnPNP Device ID: ROOT\MULTIFUNCTION\0003Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: HP LaserJet P3010 SeriesDevice ID: ROOT\MULTIFUNCTION\0004Manufacturer: Hewlett-PackardName: HP LaserJet P3010 SeriesPNP Device ID: ROOT\MULTIFUNCTION\0004Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: hp LaserJet 2420Device ID: ROOT\MULTIFUNCTION\0005Manufacturer: Hewlett-PackardName: hp LaserJet 2420PNP Device ID: ROOT\MULTIFUNCTION\0005Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: hp LaserJet 2420Device ID: ROOT\MULTIFUNCTION\0006Manufacturer: Hewlett-PackardName: hp LaserJet 2420PNP Device ID: ROOT\MULTIFUNCTION\0006Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: HP Color LaserJet CP2025dnDevice ID: ROOT\MULTIFUNCTION\0007Manufacturer: Hewlett-PackardName: HP Color LaserJet CP2025dnPNP Device ID: ROOT\MULTIFUNCTION\0007Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: hp LaserJet 4200Device ID: ROOT\MULTIFUNCTION\0008Manufacturer: Hewlett-PackardName: hp LaserJet 4200PNP Device ID: ROOT\MULTIFUNCTION\0008Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: HP Color LaserJet 2600nDevice ID: ROOT\MULTIFUNCTION\0009Manufacturer: Hewlett-PackardName: HP Color LaserJet 2600nPNP Device ID: ROOT\MULTIFUNCTION\0009Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: HP LaserJet M1536dnf MFPDevice ID: ROOT\MULTIFUNCTION\0010Manufacturer: Hewlett-PackardName: HP LaserJet M1536dnf MFPPNP Device ID: ROOT\MULTIFUNCTION\0010Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: HP Color LaserJet CP1518niDevice ID: ROOT\MULTIFUNCTION\0011Manufacturer: Hewlett-PackardName: HP Color LaserJet CP1518niPNP Device ID: ROOT\MULTIFUNCTION\0011Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: HP LaserJet P3010 SeriesDevice ID: ROOT\MULTIFUNCTION\0012Manufacturer: Hewlett-PackardName: HP LaserJet P3010 SeriesPNP Device ID: ROOT\MULTIFUNCTION\0012Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: HP LaserJet P3005Device ID: ROOT\MULTIFUNCTION\0013Manufacturer: Hewlett-PackardName: HP LaserJet P3005PNP Device ID: ROOT\MULTIFUNCTION\0013Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: hp LaserJet 2430Device ID: ROOT\MULTIFUNCTION\0014Manufacturer: Hewlett-PackardName: hp LaserJet 2430PNP Device ID: ROOT\MULTIFUNCTION\0014Service:.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: hp LaserJet 4250Device ID: ROOT\MULTIFUNCTION\0015Manufacturer: Hewlett-PackardName: hp LaserJet 4250PNP Device ID: ROOT\MULTIFUNCTION\0015Service:.==== System Restore Points ===================.RP1: 8/8/2012 12:31:10 PM - System CheckpointRP2: 8/8/2012 12:50:40 PM - Should be virus freeRP3: 8/8/2012 1:10:34 PM - avast! Free Antivirus SetupRP4: 8/8/2012 1:12:27 PM - Removed Symantec Endpoint Protection.RP5: 8/8/2012 1:29:41 PM - Software Distribution Service 3.0RP6: 8/9/2012 1:50:23 PM - Software Distribution Service 3.0RP7: 8/10/2012 1:50:50 PM - Software Distribution Service 3.0RP8: 8/11/2012 1:50:39 PM - Software Distribution Service 3.0RP9: 8/12/2012 1:32:28 AM - Software Distribution Service 3.0RP10: 8/13/2012 1:44:01 AM - System CheckpointRP11: 8/13/2012 1:50:49 PM - Software Distribution Service 3.0RP12: 8/14/2012 1:50:59 PM - Software Distribution Service 3.0RP13: 8/15/2012 8:10:35 AM - Removed BOINC.RP14: 8/15/2012 8:11:43 AM - Installed BOINC.RP15: 8/16/2012 8:11:51 AM - System CheckpointRP16: 8/17/2012 8:17:51 AM - Software Distribution Service 3.0RP17: 8/18/2012 9:19:13 AM - System CheckpointRP18: 8/19/2012 2:11:09 AM - Software Distribution Service 3.0RP19: 8/20/2012 3:16:43 AM - System CheckpointRP20: 8/20/2012 7:55:05 AM - Software Distribution Service 3.0RP21: 8/21/2012 8:21:09 AM - Software Distribution Service 3.0RP22: 8/21/2012 9:22:24 AM - Software Distribution Service 3.0RP23: 8/21/2012 9:46:23 AM - Installed %1 %2.RP24: 8/21/2012 10:15:09 AM - Software Distribution Service 3.0.==== Installed Programs ======================.µTorrent32 Bit HP CIO Components Installer6500_E709_eDocs6500_E709_Help6500_E709nAcrobat.comAdobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader X (10.1.4)Adobe Shockwave Player 11.5Agere Systems HDA ModemApple Application SupportApple Mobile Device SupportApple Software UpdateBOINCBonjourbpd_scanBPDSoftwareBPDSoftware_IniBufferChmCanon iP90CCleanerCitrix online plug-in - webCitrix online plug-in (DV)Citrix online plug-in (HDX)Citrix online plug-in (USB)Citrix online plug-in (Web)CMG Windows ShieldCrystalReportVS2003SetupCutePDF Writer 2.8DestinationsDeviceDiscoveryDiablo IIIDNE UpdateDocMgrDocProcDrivers Install For Linksys Easylink AdvisorEncryptionByCredantFaxFile Type AssistantFree File Viewer 2011FrostWire 5.2.11Fujitsu Button UtilitiesFujitsu Driver UpdateFujitsu Hotkey UtilityFujitsu System Extension UtilityGoogle EarthGoogle Update HelperGPBaseService2Hewlett-Packard ACLM.NET v1.1.0.0High Definition Audio Driver Package - KB888111Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB2158563)Hotfix for Windows XP (KB2443685)Hotfix for Windows XP (KB2570791)Hotfix for Windows XP (KB2633952)Hotfix for Windows XP (KB915800-v4)Hotfix for Windows XP (KB951126)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB970653-v3)Hotfix for Windows XP (KB979306)HP Customer Participation Program 14.0HP Document Manager 2.0HP Imaging Device Functions 14.0HP Officejet 6500 E709 SeriesHP Product DetectionHP Smart Web Printing 4.60HP Solution Center 14.0HP UpdateHPDiagnosticAlertHPProductAssistantIntel® Graphics Media Accelerator DriverIntel® Network Connections DriversiTunesJava Auto UpdaterJava 6 Update 33Juniper Networks Network Connect 6.0.0Juniper Networks Network Connect 6.5.0Juniper Networks Setup ClientJuniper Networks Setup Client Activex ControlLinksys EasyLink Advisor 1.6 (0044)LiveUpdate 3.3 (Symantec Corporation)LiveUSB Creator (remove only)Malwarebytes Anti-Malware version 1.62.0.1300MarketResearchMicrosoft .NET Framework 1.0 Hotfix (KB2572066)Microsoft .NET Framework 1.0 Hotfix (KB2604042)Microsoft .NET Framework 1.0 Hotfix (KB2656378)Microsoft .NET Framework 1.0 Hotfix (KB953295)Microsoft .NET Framework 1.0 Hotfix (KB979904)Microsoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB2572067)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Application Error ReportingMicrosoft Base Smart Card Cryptographic Service Provider PackageMicrosoft Compression Client Pack 1.0 for Windows XPMicrosoft Kernel-Mode Driver Framework Feature Pack 1.5Microsoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office InfoPath MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Professional Plus 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft Report Viewer Redistributable 2005Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft Software Update for Web Folders (English) 12Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft XML ParserMobileMe Control PanelMozilla Firefox 14.0.1 (x86 en-US)Mozilla Maintenance ServiceMSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 6.0 Parser (KB933579)NetworkO2Micro Flash Memory Card Windows DriverOCR Software by I.R.I.S. 14.0PC Tools Firewall Plus 7.0Pocket Tanks v1.3PowerDVDPremium QuoteProductContextQuickTimeRealtek High Definition Audio DriverRoxio Central AudioRoxio Central CopyRoxio Central CoreRoxio Central DataRoxio Central ToolsRoxio Creator LJScanSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596880) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597162) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2596917) 32-Bit EditionSecurity Update for Microsoft Windows (KB2564958)Security Update for Windows Internet Explorer 8 (KB2360131)Security Update for Windows Internet Explorer 8 (KB2416400)Security Update for Windows Internet Explorer 8 (KB2510531)Security Update for Windows Internet Explorer 8 (KB2544521)Security Update for Windows Internet Explorer 8 (KB2586448)Security Update for Windows Internet Explorer 8 (KB971961)Security Update for Windows Internet Explorer 8 (KB981332)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player 10 (KB936782)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows Search 4 - KB963093Security Update for Windows XP (KB2079403)Security Update for Windows XP (KB2115168)Security Update for Windows XP (KB2121546)Security Update for Windows XP (KB2124261)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2259922)Security Update for Windows XP (KB2279986)Security Update for Windows XP (KB2286198)Security Update for Windows XP (KB2290570)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2296199)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2360937)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2412687)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2436673)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2476490)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479943)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2491683)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2507618)Security Update for Windows XP (KB2507938)Security Update for Windows XP (KB2508272)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2535512)Security Update for Windows XP (KB2536276-v2)Security Update for Windows XP (KB2544893-v2)Security Update for Windows XP (KB2562937)Security Update for Windows XP (KB2566454)Security Update for Windows XP (KB2567053)Security Update for Windows XP (KB2567680)Security Update for Windows XP (KB2570222)Security Update for Windows XP (KB2570947)Security Update for Windows XP (KB2584146)Security Update for Windows XP (KB2585542)Security Update for Windows XP (KB2592799)Security Update for Windows XP (KB2598479)Security Update for Windows XP (KB2603381)Security Update for Windows XP (KB2618451)Security Update for Windows XP (KB2619339)Security Update for Windows XP (KB2620712)Security Update for Windows XP (KB2624667)Security Update for Windows XP (KB2631813)Security Update for Windows XP (KB2646524)Security Update for Windows XP (KB2653956)Security Update for Windows XP (KB2659262)Security Update for Windows XP (KB2660649)Security Update for Windows XP (KB2676562)Security Update for Windows XP (KB2686509)Security Update for Windows XP (KB2695962)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB923789)Security Update for Windows XP (KB938464)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB953155)Security Update for Windows XP (KB954211)Security Update for Windows XP (KB954459)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956391)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956841)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957095)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958215)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960714)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371-v2)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB970483)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB971961)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974455)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165-v2)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB980436)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981349)Security Update for Windows XP (KB981852)Security Update for Windows XP (KB981957)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982214)Security Update for Windows XP (KB982665)Shock Sensor UtilitySmartQuoteSmartWebPrintingSNG PrerequisitesSolutionCenterStatusSUPERAntiSpywareSynaptics Pointing Device DriverSystem Requirements Lab for IntelTablet PC Tutorials for Microsoft Windows XP SP2ToolboxTopaz e-Signatures SigPlus 3.95TrayAppUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft Windows (KB971513)Update for Outlook 2007 Junk Email Filter (KB2596560)Update for Windows Internet Explorer 8 (KB976662)Update for Windows Internet Explorer 8 (KB980182)Update for Windows Internet Explorer 8 (KB980302)Update for Windows XP (KB2141007)Update for Windows XP (KB2345886)Update for Windows XP (KB2467659)Update for Windows XP (KB2541763)Update for Windows XP (KB2641690)Update for Windows XP (KB898461)Update for Windows XP (KB942763)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)Update for Windows XP (KB976749)Update for Windows XP (KB980182)USB2.0 Digital CameraWebFldrs XPWebRegWindows 7 Upgrade AdvisorWindows Genuine Advantage Validation Tool (KB892130)Windows Internet Explorer 8Windows Live ID Sign-in AssistantWindows Media Format 11 runtimeWindows Media Player 10 Hotfix [see KB887626 for more information]Windows Media Player 11Windows PowerShell 1.0Windows Search 4.0Windows XP Service Pack 3WinZipWorkSiteProUpdateYahoo! Detect.==== Event Viewer Messages From Past Week ========.8/21/2012 9:39:18 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x800706be: Security Update for Microsoft .NET Framework 3.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2656407).8/21/2012 9:22:47 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2371.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.8/21/2012 9:22:47 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2371.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.8/21/2012 9:22:47 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2371.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.8/21/2012 8:36:48 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370).8/21/2012 8:25:28 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353).8/17/2012 9:45:13 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}8/17/2012 7:10:31 AM, error: Service Control Manager [7034] - The Remote Procedure Call (RPC) LD service terminated unexpectedly. It has done this 1 time(s).8/16/2012 8:16:58 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2038.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.8/16/2012 8:16:56 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2038.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support..==== End Of File =========================== Edited August 21, 2012 by Maurice Naggar Logs In-line Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 21, 2012 ID:588151 Share Posted August 21, 2012 Hello gdsimms.Is "this system" the same one or different from the one in your other thread http://forums.malwarebytes.org/index.php?showtopic=113997 ???? Link to post Share on other sites More sharing options...
gdsimms Posted August 21, 2012 Author ID:588152 Share Posted August 21, 2012 different. that one is my wives laptop. this is mine Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 21, 2012 ID:588153 Share Posted August 21, 2012 OR, is "this" the same system as this ---> http://forums.malwarebytes.org/index.php?showtopic=114263 Link to post Share on other sites More sharing options...
gdsimms Posted August 21, 2012 Author ID:588155 Share Posted August 21, 2012 yup. that one Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 21, 2012 ID:588157 Share Posted August 21, 2012 Download >> Farbar's Service Scanner utility << and Save to your Desktop.If using Windows 7 or Vista, Right-Click on fss.exe and select Run As Admisnitrator.If using XP, double-click to start.Answer Yes to ok when prompted.If your firewall then puts out a prompt, again, allow it to run.Once FSS is on-screen, be sure the following items are checkmarked:Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderClick on "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Copy & Paste contents of FSS.txt into your reply. Link to post Share on other sites More sharing options...
gdsimms Posted August 21, 2012 Author ID:588158 Share Posted August 21, 2012 Its also the same one from this http://forums.malwarebytes.org/index.php?showtopic=113848&st=0&p=582231entry582231 Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 21, 2012 ID:588159 Share Posted August 21, 2012 Please do NOT attach logs, going forward. Always Copy & Paste into main body of reply box.Get & do the FSS utility. and have patience 'till I get back to you. Link to post Share on other sites More sharing options...
gdsimms Posted August 21, 2012 Author ID:588163 Share Posted August 21, 2012 Great. Thanks so much and here is the resultsFarbar Service Scanner Version: 06-08-2012Ran by A93B (administrator) on 21-08-2012 at 11:06:35Running from "C:\Documents and Settings\A93B\My Documents\Downloads"Microsoft Windows XP Professional Service Pack 3 (X86)Boot Mode: Normal****************************************************************Internet Services:============Connection Status:==============Localhost is accessible.LAN connected.Google IP is accessible.Google.com is accessible.Yahoo IP is accessible.Yahoo.com is accessible.Windows Firewall:=============Firewall Disabled Policy:==================[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall"=DWORD:0System Restore:============System Restore Disabled Policy:========================Security Center:============Windows Update:============Windows Autoupdate Disabled Policy:============================[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]"NoAutoUpdate"=DWORD:1File Check:========C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legitC:\WINDOWS\system32\Drivers\afd.sys => MD5 is legitC:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legitC:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legitC:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legitC:\WINDOWS\system32\dnsrslvr.dll => MD5 is legitC:\WINDOWS\system32\ipnathlp.dll => MD5 is legitC:\WINDOWS\system32\netman.dll => MD5 is legitC:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legitC:\WINDOWS\system32\srsvc.dll => MD5 is legitC:\WINDOWS\system32\Drivers\sr.sys => MD5 is legitC:\WINDOWS\system32\wscsvc.dll => MD5 is legitC:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legitC:\WINDOWS\system32\wuauserv.dll => MD5 is legitC:\WINDOWS\system32\qmgr.dll => MD5 is legitC:\WINDOWS\system32\es.dll => MD5 is legitC:\WINDOWS\system32\cryptsvc.dll => MD5 is legitC:\WINDOWS\system32\svchost.exe => MD5 is legitC:\WINDOWS\system32\rpcss.dll => MD5 is legitC:\WINDOWS\system32\services.exe => MD5 is legitExtra List:=======DNE(10) Gpc(6) IPSec(4) NetBT(5) pctgntdi(13) pctNdisMP(12) PSched(7) Tcpip(3)0x0B000000040000000100000002000000030000000D000000050000000600000007000000090000000A0000000C000000IpSec Tag value is correct.**** End of log **** Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 21, 2012 ID:588193 Share Posted August 21, 2012 (edited) Step 11. Go >> Here << and download ERUNT(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)2. Install ERUNT by following the prompts(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)3. Start ERUNT(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)4. Choose a location for the backup(the default location is C:\WINDOWS\ERDNT which is acceptable).5. Make sure that at least the first two check boxes are ticked6. Press OK7. Press YES to create the folder.Step 2Set Windows to show all files and all folders.On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed."CHECK" (turn on) Display the contents of system folders.Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.Next, un-check Hide extensions for known file types.Next un-check Hide protected operating system files.Step 3Close all open browsers at this point. Disable your antivirus program for the time beingStart Internet Explorer (fresh) by pressing Start (Vista Orb) >> Internet Explorer >> Right-Click and select Run As Administrator.and go here and run an online scan with BitDefenderClick the Start Scanner now. Next a popup window will appear {make sure your browser is not blocking popups}.Click the box to agree to the Terms and conditions, and click Start here.You should see a message to load BitDefenders ActiveX control. Right-click the yellow bar and select Install.Press the INSTALL button when prompted again.When the ActiveX Control has loaded, click on "Start scan" and grab a coffee or favorite drink and take a long break.When BitDefender completes the scan, select the "Detected Problems" tab. Click on "Click here to export scan". Save the file as an HTML to your Desktop.Then click on the saved file and allow it to open with your browser. Go to Edit > Select All then copy the log and paste it back here.Now, re-enable your antivirus program.Step 4Let's have you use NOTEPAD & do some research in the Windows Update log (using Notepad)usually at C:\Windows\Windowsupdate.log or C:\WINNT\Windowsupdate.logCopy and Paste here the last 70 lines out of that log, for review.Go to near end of the log for latest entries and look for error notations.You can use CTRL+END keyboard keys to get to the end of the file. Then get the last 70 lines & copy & paste here, in replySee Microsoft KnowledgeBase articleKB 902093 How to read the Windowsupdate.log filehttp://support.microsoft.com/kb/902093 Edited August 21, 2012 by Maurice Naggar Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 21, 2012 ID:588194 Share Posted August 21, 2012 Hold on a minute Your logs showed some peer-to-peer filesharing apps: µTorrent The use of P-2-P programs since such filesharing/downloading from unknown sources is one of the leading causes of transmission of malware. Risks of File-Sharing Technology.P2P file sharing: Know the risksYou must uninstall µTorrent & any other such peer-to-peer app before we continue AND confirm having removed them. Link to post Share on other sites More sharing options...
gdsimms Posted August 21, 2012 Author ID:588206 Share Posted August 21, 2012 uTorrent isn't on my programs list anymore. How can I remove it? Also I don't have internet explorer on my computer for the step 3 above Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 21, 2012 ID:588233 Share Posted August 21, 2012 Odd, because DDS shows uTorrent as an installed program !To get to Internet Explorer, you should have a link from the Start menu.(sorry I'd forgotten this is XP )You can also start Internet Explrer by using Start >> RUN >> and typing in IEXPLORE.EXEWhile I have your attention: You seem to have changed antivirus programs twice since you first posted with the older threads.You used to have Symantec Endpoint Protectionthen AVASTand now MS Security Essentials1) Do not make changes / adds/ tweaks to this system whilst I am helping you. Ask me first before changing or adding anything.2) Changing antivirus apps is not advised during malware diagnosis.3) Lots of antiirus apps do not do a full removal, but leave bits and pieces behind.4) Did you buy PC Tools FW Plus ? yes/noDoes it have an antivirus component ?Complete the Steps I outlined before, post the logs, and reply to my questions.There is much much more to follow. Link to post Share on other sites More sharing options...
gdsimms Posted August 21, 2012 Author ID:588334 Share Posted August 21, 2012 here is another dds that I just ran. If utorrent is still on there then I will need help removing it..DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_33Run by A93B at 17:27:48 on 2012-08-21Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2002.839 [GMT -4:00].AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}FW: PC Tools Firewall Plus *Enabled*.============== Running Processes ===============.C:\WINDOWS\system32\svchost.exe -k DcomLaunchC:\WINDOWS\system32\CmgShieldSvc.exeC:\WINDOWS\system32\EMSService.exesvchost.exec:\Program Files\Microsoft Security Client\MsMpEng.exeC:\WINDOWS\system32\svchost.exe -k netsvcssvchost.exeC:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exesvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\SUPERAntiSpyware\SASCORE.EXEC:\WINDOWS\system32\agrsmsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Juniper Networks\Common Files\dsNcService.exeC:\WINDOWS\system32\svchost.exe -k hpdevmgmtC:\WINDOWS\system32\svchost.exe -k HPServiceC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\System32\svchost.exe -k HPZ12C:\WINDOWS\system32\o2flash.exeC:\Program Files\PC Tools Firewall Plus\FWService.exeC:\WINDOWS\System32\svchost.exe -k HPZ12C:\Documents and Settings\All Users\Application Data\Rpcnet\Bin\rpcld.exeC:\WINDOWS\System32\snmp.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\SYSTEM32\WISPTIS.EXEC:\WINDOWS\system32\mqsvc.exeC:\WINDOWS\System32\tabbtnu.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\mqtgsvc.exeC:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\VM331_STI.EXEC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exeC:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\Program Files\Fujitsu\SSUtility\FJSSDMN.exeC:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exeC:\WINDOWS\System32\CMGShieldUI.exeC:\Program Files\Fujitsu\Utils\FjDspMon.exeC:\WINDOWS\system32\EmsServiceHelper.exeC:\Program Files\Fujitsu\Utils\fjevents.exeC:\Program Files\Fujitsu\Utils\FjMenu.exeC:\WINDOWS\system32\igfxext.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\Program Files\Fujitsu\Utils\FjLidMon.exeC:\WINDOWS\system32\igfxsrvc.exeC:\Program Files\Citrix\ICA Client\concentr.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\PC Tools Firewall Plus\FirewallGUI.exeC:\Program Files\Citrix\ICA Client\wfcrun32.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\BOINC\boincmgr.exeC:\Program Files\BOINC\boinctray.exeC:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\BOINC\boinc.exeC:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeC:\Program Files\iTunes\iTunes.exeC:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files\HP\Digital Imaging\bin\hpqbam08.exeC:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exeC:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exeC:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exeC:\WINDOWS\system32\SearchProtocolHost.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://search.bearshare.comuInternet Settings,ProxyOverride = *.localBHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllBHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dllEB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dlluRun: [EasyLinkAdvisor] "c:\program files\linksys easylink advisor\LinksysAgent.exe" /startupuRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exeuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [<NO NAME>]mRun: [TabletWizard] c:\windows\help\SplshWrp.exemRun: [TabletTip] "c:\program files\common files\microsoft shared\ink\tabtip.exe" /resumemRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exemRun: [331BigDog] c:\windows\VM331_STI.EXEmRun: [RTHDCPL] RTHDCPL.EXEmRun: [soundMan] SOUNDMAN.EXEmRun: [AlcWzrd] ALCWZRD.EXEmRun: [LoadFUJ02E3] c:\program files\fujitsu\fuj02e3\FUJ02E3.exemRun: [FjStrtAp] c:\program files\fujitsu\utils\FjStrtAp.exemRun: [indicatorUtility] c:\program files\fujitsu\fujitsu hotkey utility\IndicatorUty.exemRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"mRun: [sSUtility] c:\program files\fujitsu\ssutility\FJSSDMN.exemRun: [FJUPDNV_Chitose] c:\program files\fujitsu\fjdvrupd\fjdvrupd.exemRun: [CmgShieldUI] c:\windows\system32\CMGShieldUI.exemRun: [EmsService] EmsServiceHelper.exemRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exemRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exemRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startupmRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [MsmqIntCert] regsvr32 /s mqrt.dllmRun: [00PCTFW] "c:\program files\pc tools firewall plus\FirewallGUI.exe" -smRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkeymRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [boincmgr] "c:\program files\boinc\boincmgr.exe" /a /smRun: [boinctray] "c:\program files\boinc\boinctray.exe"StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exeIE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLLIE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dllDPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cabDPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxps://lowes.2020.net/planner/Core/Player/2020PlayerAX_Win32.cabDPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1345551028786DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345551009208DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cabTCP: DhcpNameServer = 75.75.75.75 75.75.76.76TCP: Interfaces\{2EFF1657-DC8B-499A-8837-A448F1BA3633} : DhcpNameServer = 75.75.75.75 75.75.76.76Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllFilter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dllNotify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLLNotify: igfxcui - igfxdev.dllNotify: loginkey - c:\program files\common files\microsoft shared\ink\loginkey.dllNotify: TabBtnWL - TabBtnWL.dllNotify: tpgwlnotify - tpgwlnot.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dllSEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\a93b\application data\mozilla\firefox\profiles\pv8enezb.default\FF - prefs.js: browser.search.selectedEngine - Search ResultsFF - prefs.js: browser.startup.homepage - www.google.comFF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=20&systemid=2&sr=0&q=FF - prefs.js: network.proxy.type - 0FF - plugin: c:\documents and settings\a93b\application data\mozilla\firefox\profiles\pv8enezb.default\extensions\2020player_web@2020technologies.com\plugins\NP_2020Player_WEB.dllFF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dllFF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dllFF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dllFF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_271.dllFF - plugin: c:\windows\system32\npdeployJava1.dllFF - plugin: c:\windows\system32\npptools.dll.============= SERVICES / DRIVERS ===============.R0 CmgShieldCEF;CmgShieldCEF;c:\windows\system32\drivers\CMGShCEF.sys [2008-4-29 195128]R0 CMGShieldReg;CMGShieldReg;c:\windows\system32\drivers\CmgShREG.sys [2008-4-29 89656]R0 FBIOSDRV;FBIOSDRV;c:\windows\system32\drivers\FBIOSDRV.SYS [2008-7-24 8960]R0 FJGSDisk;G-Sensor Application Filter Driver;c:\windows\system32\drivers\FJGSDisk.sys [2008-7-24 7168]R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2008-7-24 36640]R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2008-7-24 35456]R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2011-4-25 65584]R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2012-8-8 251560]R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]R2 CMGShield;CMGShield;c:\windows\system32\CmgShieldSvc.exe [2008-4-29 1103152]R2 EMS;EMS;c:\windows\system32\EmsService.exe [2008-4-29 644400]R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2012-8-8 160576]R2 PCToolsFirewallPlus;PC Tools Firewall Plus;c:\program files\pc tools firewall plus\FWService.exe [2012-8-8 286000]R2 rpcld;Remote Procedure Call (RPC) LD;c:\documents and settings\all users\application data\rpcnet\bin\rpcld.exe --> c:\documents and settings\all users\application data\rpcnet\bin\rpcld.exe [?]R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2008-7-24 475136]R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2008-7-24 244368]R3 Fjbtndrv;Fujitsu Button Driver;c:\windows\system32\drivers\FjBtnDrv.sys [2008-7-24 18944]R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [2008-7-24 4864]R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2008-7-24 41216]R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-7-24 116224]R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [2012-8-8 89472]R3 pctNdisMP;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [2012-8-8 57536]R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2012-8-8 125248]R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [2008-7-24 14208]S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-8-20 116648]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-12 250056]S3 ADVNTDRV;ADVNTDRV;c:\windows\system32\drivers\ADVNTDRV.SYS [1999-11-18 3872]S3 CmgShieldNP;CmgShieldNP;c:\windows\system32\CmgShieldNP.dll [2008-4-29 156976]S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-8-20 116648]S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-3 113120]S3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\drivers\pctNdis.sys [2012-8-8 57536]S3 vm331avs;VC0331 USB2.0 Digital Camera;c:\windows\system32\drivers\vm331avs.sys [2008-7-24 972544]S3 vsdatant;vsdatant;\??\c:\windows\system32\vsdatant.sys --> c:\windows\system32\vsdatant.sys [?]S3 vvftav323;vvftav323;c:\windows\system32\drivers\vvftav323.sys [2007-3-19 475136].=============== Created Last 30 ================.2012-08-21 14:15:56 7023536 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ab9a19d1-258f-44fe-9ac0-800824497fb9}\mpengine.dll2012-08-21 13:46:12 -------- d-----w- C:\ce13e9c11a4c40dd02fff26e4882262012-08-21 13:23:30 -------- d-----w- C:\65567c9e3f3bf903b69b81fab48a2012-08-21 13:21:26 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll2012-08-21 13:16:39 -------- d-----w- c:\documents and settings\a93b\local settings\application data\PCHealth2012-08-21 12:46:54 -------- d-----w- C:\c6b9be09872981f47029ac577fa9572012-08-21 12:10:55 15384 ----a-w- c:\windows\system32\wuapi.dll.mui2012-08-20 11:55:10 6891424 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll2012-08-15 12:11:48 334008 ----a-r- c:\documents and settings\a93b\application data\microsoft\installer\{3885be54-851b-4662-89f9-eb9f0dccb14e}\BOINCMGRLink_B65C4A4D2B2A46CCA2D918164C6297B8.exe2012-08-15 12:11:48 334008 ----a-r- c:\documents and settings\a93b\application data\microsoft\installer\{3885be54-851b-4662-89f9-eb9f0dccb14e}\ARPPRODUCTICON.exe2012-08-15 11:53:43 129536 ----a-w- c:\windows\system32\igfxtray.exe2012-08-15 11:53:42 121344 ----a-w- c:\windows\system32\gfxSrvc.dll2012-08-15 11:53:41 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll2012-08-15 11:53:41 3140608 ----a-w- c:\windows\system32\GfxUI.exe2012-08-15 11:53:40 86528 ----a-w- c:\windows\system32\igfxresn.lrc2012-08-15 11:53:40 81920 ----a-w- c:\windows\system32\igfxCoIn_v5402.dll2012-08-15 11:52:47 -------- d-----w- C:\Intel2012-08-15 11:48:25 -------- d-----w- c:\program files\SystemRequirementsLab2012-08-14 21:33:16 -------- d-----w- c:\program files\common files\Blizzard Entertainment2012-08-14 21:33:16 -------- d-----w- c:\documents and settings\all users\application data\Blizzard Entertainment2012-08-14 21:11:10 -------- d-----w- c:\documents and settings\all users\application data\Battle.net2012-08-08 17:33:20 -------- d-----w- c:\program files\CCleaner2012-08-08 17:29:42 237072 ------w- c:\windows\system32\MpSigStub.exe2012-08-08 17:26:48 -------- d-----w- c:\program files\Microsoft Security Client2012-08-08 17:17:43 -------- d-----w- c:\documents and settings\a93b\application data\PCToolsFirewallPlus2012-08-08 17:17:29 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys2012-08-08 17:17:29 160576 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys2012-08-08 17:17:27 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys2012-08-08 17:16:44 89472 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys2012-08-08 17:16:44 57536 ----a-w- c:\windows\system32\drivers\pctNdis.sys2012-08-08 17:16:44 32808 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys2012-08-08 17:16:44 -------- d-----w- c:\program files\common files\PC Tools2012-08-08 17:16:38 125248 ----a-w- c:\windows\system32\drivers\pctplfw.sys2012-08-08 17:16:35 -------- d-----w- c:\program files\PC Tools Firewall Plus2012-08-08 14:58:00 -------- d-sha-r- C:\cmdcons2012-08-08 12:42:34 -------- d-----w- c:\windows\Performance2012-08-08 12:41:50 -------- d-----w- c:\documents and settings\a93b\local settings\application data\Microsoft Corporation2012-08-08 12:38:53 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor2012-08-08 12:06:18 -------- d-----w- c:\windows\IIS Temporary Compressed Files2012-08-08 12:02:34 9216 ----a-w- c:\windows\system32\dllcache\wamps51.dll2012-08-08 12:01:25 -------- d-----w- c:\windows\system32\msmq2012-08-08 12:01:24 -------- d-----w- C:\Inetpub2012-08-08 11:42:08 -------- d-----w- c:\program files\Spybot - Search & Destroy2012-08-08 11:42:08 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy2012-08-08 11:39:28 -------- d-----w- c:\documents and settings\a93b\application data\SUPERAntiSpyware.com2012-08-08 11:38:53 -------- d-----w- c:\program files\SUPERAntiSpyware2012-08-08 11:38:53 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com2012-08-04 17:34:48 -------- d-----w- c:\documents and settings\a93b\.explorer.local2012-08-04 17:34:48 -------- d-----w- c:\documents and settings\a93b\.explorer.cache2012-08-03 11:40:25 73728 ----a-w- c:\windows\system32\javacpl.cpl2012-08-03 11:40:25 476976 ----a-w- c:\windows\system32\npdeployJava1.dll2012-07-31 00:52:46 -------- d-----w- c:\program files\AVAST Software2012-07-31 00:52:46 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software2012-07-27 20:51:30 184248 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll2012-07-27 20:51:30 184248 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll.==================== Find3M ====================.2012-08-15 01:50:21 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-08-15 01:50:21 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-08-03 11:40:02 472880 ----a-w- c:\windows\system32\deployJava1.dll2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys2012-07-03 17:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll2012-07-02 17:49:32 43520 ----a-w- c:\windows\system32\licmgr10.dll2012-07-02 17:49:32 1469440 ----a-w- c:\windows\system32\inetcpl.cpl2012-07-02 12:05:43 385024 ----a-w- c:\windows\system32\html.iec2012-06-07 00:59:42 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll2012-06-04 21:35:26 222448 ----a-w- c:\windows\system32\muweb.dll2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll.============= FINISH: 17:29:52.79 =============== Link to post Share on other sites More sharing options...
gdsimms Posted August 21, 2012 Author ID:588335 Share Posted August 21, 2012 once I went to start and run, I got internet explorer to run now. and it is now open. Link to post Share on other sites More sharing options...
gdsimms Posted August 21, 2012 Author ID:588336 Share Posted August 21, 2012 systemtec endpoint came with the system and I also had downloaded the free avast. after Mr.Charlie helped me with the first fix, I went to his maintenance page and saw that I should only have 1 and he recommended security essentials. so I deleted those and got the essentials. If it isn't obvious, I have no idea what I am doing and need very specific directions. I am a chemist and only need to know how to use excel and word. that is the extent of my computer experience. Link to post Share on other sites More sharing options...
gdsimms Posted August 21, 2012 Author ID:588338 Share Posted August 21, 2012 As to question 4. I downloaded a free pctools firewall. the sameone that is linked on Mr. Charile's maintenance page. I don't know if it have antivirus on it or not. and also it is consistently popping up and saying that things are doing stuff. I don't know what any of them mean so I just click yes. Link to post Share on other sites More sharing options...
gdsimms Posted August 21, 2012 Author ID:588348 Share Posted August 21, 2012 I did the bitfinder thing and it said it didn't find any infected files. I didn't get the option to save any sort of logs Link to post Share on other sites More sharing options...
gdsimms Posted August 21, 2012 Author ID:588351 Share Posted August 21, 2012 this might be more than 70 lines. sorry, but I figure more info is better than not enough.2012-08-21 10:44:23:626 3160 e80 Handler : Updates to install = 12012-08-21 10:44:23:626 3160 e80 Handler : Installing update {DB0F5966-7ACC-47E0-B8DC-0CB1B7F2CD22}.1052012-08-21 10:44:23:626 3160 1190 Handler Installing with parameters=-q -z -er, sandbox=C:\WINDOWS\SoftwareDistribution\Download\2b1811e24bead4a9f2af4d8ed16bdab7.2012-08-21 10:44:28:611 1344 8e4 Report REPORT EVENT: {544093E6-445D-44CD-9797-0941D390E7C2} 2012-08-21 10:44:23:610-0400 1 183 101 {E9D5A1C7-ADEC-4652-AB92-A86B955A8DFA} 100 0 MicrosoftUpdate Success Content Install Installation Successful: Windows successfully installed the following update: Update for Microsoft Office Outlook 2007 (KB2596598)2012-08-21 10:44:40:409 3160 1190 Handler Install completed with 0x80070bc2.2012-08-21 10:44:40:425 3160 e80 Handler : Install completed: result type = 0x1, installer error = False, error = 0x80070bc2, disabled until reboot = No, reboot required = Yes2012-08-21 10:44:40:425 3160 e80 Handler :::::::::2012-08-21 10:44:40:425 3160 e80 Handler :: END :: Handler: Windows Patch Install2012-08-21 10:44:40:425 3160 e80 Handler :::::::::::::2012-08-21 10:44:40:425 1344 10e0 DnldMgr Preparing update for install, updateId = {B45536F8-3205-4486-8762-CEA29E8BFEFD}.106.2012-08-21 10:44:40:425 3160 844 Handler :::::::::::::2012-08-21 10:44:40:425 3160 844 Handler :: START :: Handler: Windows Patch Install2012-08-21 10:44:40:425 3160 844 Handler :::::::::2012-08-21 10:44:40:425 3160 844 Handler : Updates to install = 12012-08-21 10:44:40:425 3160 844 Handler : Installing update {B45536F8-3205-4486-8762-CEA29E8BFEFD}.1062012-08-21 10:44:40:425 3160 17b8 Handler Installing with parameters=-q -z -er, sandbox=C:\WINDOWS\SoftwareDistribution\Download\f361b4bac7097c011eed3107adbf0411.2012-08-21 10:44:45:425 1344 8e4 Report REPORT EVENT: {36503948-B178-41BC-B0B6-4DAFD4BF1851} 2012-08-21 10:44:40:425-0400 1 184 101 {1EE91BD4-17DD-4E6E-9F1B-5ACBF49C269B} 109 0 MicrosoftUpdate Success Content Install Installation successful and restart required for the following update: Security Update for Windows XP (KB2691442)2012-08-21 10:44:48:550 3160 17b8 Handler Install completed with 0x80070bc2.2012-08-21 10:44:48:550 3160 844 Handler : Install completed: result type = 0x1, installer error = False, error = 0x80070bc2, disabled until reboot = No, reboot required = Yes2012-08-21 10:44:48:550 3160 844 Handler :::::::::2012-08-21 10:44:48:550 3160 844 Handler :: END :: Handler: Windows Patch Install2012-08-21 10:44:48:550 3160 844 Handler :::::::::::::2012-08-21 10:44:48:566 1344 10e0 DnldMgr Preparing update for install, updateId = {FD5E818B-125C-415D-998C-3C5E2AA6A405}.101.2012-08-21 10:44:48:582 3160 e10 Handler :::::::::::::2012-08-21 10:44:48:582 3160 e10 Handler :: START :: Handler: MSI Install2012-08-21 10:44:48:582 3160 e10 Handler :::::::::2012-08-21 10:44:48:582 3160 e10 Handler : Updates to install = 12012-08-21 10:44:48:582 3160 e10 Handler Extracting MSP file stored in CAB ipeditor-x-none.cab2012-08-21 10:44:48:769 3160 e10 Handler MSP update {00000000-0000-0000-0000-000000000000}.0 using full-file patch2012-08-21 10:44:48:769 3160 e10 Handler : Batch installing 1 updates2012-08-21 10:44:49:769 3160 e10 Handler List of MSPs in transaction:2012-08-21 10:44:49:769 3160 e10 Handler C:\WINDOWS\SoftwareDistribution\Download\a269c8457a777d45ff464a2366d6b1ff\img\ipeditor-x-none.MSP2012-08-21 10:44:49:769 3160 e10 Handler MSP final command line: DISABLESRCPROMPT=1 LOCALCACHESRCRES=0 NOLOCALCACHEROLLBACK=1 REBOOT=REALLYSUPPRESS2012-08-21 10:44:53:551 1344 8e4 Report REPORT EVENT: {BFB9CDA7-832F-46E4-80AB-F79F84F88D26} 2012-08-21 10:44:48:550-0400 1 184 101 {D6CC42C5-0D6D-405D-AEFF-EB9A84630D94} 107 0 MicrosoftUpdate Success Content Install Installation successful and restart required for the following update: Security Update for Windows XP (KB2655992)2012-08-21 10:45:21:914 3160 e10 Handler : MSI transaction completed. MSI: 0x00000000, Handler: 0x00000000, Source: No, Reboot: 02012-08-21 10:45:21:929 3160 e10 Handler :::::::::2012-08-21 10:45:21:929 3160 e10 Handler :: END :: Handler: MSI Install2012-08-21 10:45:21:929 3160 e10 Handler :::::::::::::2012-08-21 10:45:21:961 1344 10e0 DnldMgr Preparing update for install, updateId = {CDA801C7-5729-43BD-A579-61BEAE003864}.101.2012-08-21 10:45:21:976 3160 844 Handler :::::::::::::2012-08-21 10:45:21:976 3160 844 Handler :: START :: Handler: MSI Install2012-08-21 10:45:21:976 3160 844 Handler :::::::::2012-08-21 10:45:21:976 3160 844 Handler : Updates to install = 12012-08-21 10:45:21:992 3160 844 Handler Extracting MSP file stored in CAB vbe6-x-none.cab2012-08-21 10:45:22:570 3160 844 Handler MSP update {00000000-0000-0000-0000-000000000000}.0 using full-file patch2012-08-21 10:45:22:570 3160 844 Handler : Batch installing 1 updates2012-08-21 10:45:24:086 3160 844 Handler List of MSPs in transaction:2012-08-21 10:45:24:086 3160 844 Handler C:\WINDOWS\SoftwareDistribution\Download\ebcda541e5f7dfc21d4e7a995210be02\img\vbe6-x-none.MSP2012-08-21 10:45:24:086 3160 844 Handler MSP final command line: DISABLESRCPROMPT=1 LOCALCACHESRCRES=0 NOLOCALCACHEROLLBACK=1 REBOOT=REALLYSUPPRESS2012-08-21 10:45:26:945 1344 8e4 Report REPORT EVENT: {91865063-6378-47CF-8B09-7D4FD2ADF952} 2012-08-21 10:45:21:945-0400 1 183 101 {0AA68237-CDAF-49D9-BB6E-121B8DFBFD9B} 101 0 MicrosoftUpdate Success Content Install Installation Successful: Windows successfully installed the following update: Security Update for Microsoft Office InfoPath 2007 (KB2596786)2012-08-21 10:45:53:011 3160 844 Handler : MSI transaction completed. MSI: 0x00000000, Handler: 0x00000000, Source: No, Reboot: 02012-08-21 10:45:53:027 3160 844 Handler :::::::::2012-08-21 10:45:53:027 3160 844 Handler :: END :: Handler: MSI Install2012-08-21 10:45:53:027 3160 844 Handler :::::::::::::2012-08-21 10:45:53:042 1344 10e0 DnldMgr Preparing update for install, updateId = {E9D01357-BE1C-4233-B985-94A7F70D1A53}.101.2012-08-21 10:45:53:058 3160 e10 Handler :::::::::::::2012-08-21 10:45:53:058 3160 e10 Handler :: START :: Handler: MSI Install2012-08-21 10:45:53:058 3160 e10 Handler :::::::::2012-08-21 10:45:53:058 3160 e10 Handler : Updates to install = 12012-08-21 10:45:53:074 3160 e10 Handler Extracting MSP file stored in CAB infopath-x-none.cab2012-08-21 10:45:53:824 3160 e10 Handler MSP update {00000000-0000-0000-0000-000000000000}.0 using full-file patch2012-08-21 10:45:53:824 3160 e10 Handler : Batch installing 1 updates2012-08-21 10:45:55:605 3160 e10 Handler List of MSPs in transaction:2012-08-21 10:45:55:621 3160 e10 Handler C:\WINDOWS\SoftwareDistribution\Download\beeb97a79928f4d21010c54f835d349b\img\infopath-x-none.MSP2012-08-21 10:45:55:621 3160 e10 Handler MSP final command line: DISABLESRCPROMPT=1 LOCALCACHESRCRES=0 NOLOCALCACHEROLLBACK=1 REBOOT=REALLYSUPPRESS2012-08-21 10:45:58:012 1344 8e4 Report REPORT EVENT: {85504CA2-8EB5-48D4-9D97-5F429A440EB4} 2012-08-21 10:45:53:027-0400 1 183 101 {862C13B8-72CA-477D-9D14-82C00831E5CD} 101 0 MicrosoftUpdate Success Content Install Installation Successful: Windows successfully installed the following update: Security Update for Microsoft Office 2007 suites (KB2596744)2012-08-21 10:46:24:702 3160 e10 Handler : MSI transaction completed. MSI: 0x00000000, Handler: 0x00000000, Source: No, Reboot: 02012-08-21 10:46:24:702 3160 e10 Handler :::::::::2012-08-21 10:46:24:702 3160 e10 Handler :: END :: Handler: MSI Install2012-08-21 10:46:24:702 3160 e10 Handler :::::::::::::2012-08-21 10:46:24:718 1344 10e0 DnldMgr Preparing update for install, updateId = {D41A74FE-1C6F-42D5-9DF6-334F2E79ACB7}.103.2012-08-21 10:46:24:718 3160 844 Handler :::::::::::::2012-08-21 10:46:24:718 3160 844 Handler :: START :: Handler: Windows Patch Install2012-08-21 10:46:24:718 3160 844 Handler :::::::::2012-08-21 10:46:24:718 3160 844 Handler : Updates to install = 12012-08-21 10:46:24:718 3160 844 Handler : Installing update {D41A74FE-1C6F-42D5-9DF6-334F2E79ACB7}.1032012-08-21 10:46:24:718 3160 105c Handler Installing with parameters=-q -z -er, sandbox=C:\WINDOWS\SoftwareDistribution\Download\5166918af850719d0de1e5e59bad86c4.2012-08-21 10:46:29:718 1344 8e4 Report REPORT EVENT: {24C81846-B30B-47C5-92AA-060DB5DC3267} 2012-08-21 10:46:24:718-0400 1 183 101 {DD9DE506-ED98-4598-A6BD-80D9DA6D3789} 101 0 MicrosoftUpdate Success Content Install Installation Successful: Windows successfully installed the following update: Security Update for Microsoft Office 2007 suites (KB2596666)2012-08-21 10:46:39:423 3160 105c Handler Install completed with 0x80070bc2.2012-08-21 10:46:39:423 3160 844 Handler : Install completed: result type = 0x1, installer error = False, error = 0x80070bc2, disabled until reboot = No, reboot required = Yes2012-08-21 10:46:39:423 3160 844 Handler :::::::::2012-08-21 10:46:39:423 3160 844 Handler :: END :: Handler: Windows Patch Install2012-08-21 10:46:39:423 3160 844 Handler :::::::::::::2012-08-21 10:46:39:423 1344 10e0 DnldMgr Preparing update for install, updateId = {B3B70D55-8B06-4CD7-A878-5FC1642080CD}.108.2012-08-21 10:46:39:423 3160 1014 Handler :::::::::::::2012-08-21 10:46:39:438 3160 1014 Handler :: START :: Handler: Windows Patch Install2012-08-21 10:46:39:438 3160 1014 Handler :::::::::2012-08-21 10:46:39:438 3160 1014 Handler : Updates to install = 12012-08-21 10:46:39:438 3160 1014 Handler : Installing update {B3B70D55-8B06-4CD7-A878-5FC1642080CD}.1082012-08-21 10:46:39:438 3160 116c Handler Installing with parameters=-q -z -er, sandbox=C:\WINDOWS\SoftwareDistribution\Download\25ef6a614d1bfe5142de31da435bb975.2012-08-21 10:46:44:439 1344 8e4 Report REPORT EVENT: {00B8196F-F2DD-415E-BF63-562E141F13B2} 2012-08-21 10:46:39:423-0400 1 184 101 {7EE75883-5E4A-4778-BC14-E86F2203D8B7} 103 0 MicrosoftUpdate Success Content Install Installation successful and restart required for the following update: Security Update for Windows XP (KB2719985)2012-08-21 10:46:50:752 3160 116c Handler Install completed with 0x80070bc2.2012-08-21 10:46:50:768 3160 1014 Handler : Install completed: result type = 0x1, installer error = False, error = 0x80070bc2, disabled until reboot = No, reboot required = Yes2012-08-21 10:46:50:768 3160 1014 Handler :::::::::2012-08-21 10:46:50:768 3160 1014 Handler :: END :: Handler: Windows Patch Install2012-08-21 10:46:50:768 3160 1014 Handler :::::::::::::2012-08-21 10:46:50:815 1344 10e0 DnldMgr Preparing update for install, updateId = {E17C9E68-8D6D-4B8B-A1CF-27743AAFEFED}.101.2012-08-21 10:46:51:174 3160 12c0 Handler :::::::::::::2012-08-21 10:46:51:174 3160 12c0 Handler :: START :: Handler: Command Line Install2012-08-21 10:46:51:174 3160 12c0 Handler :::::::::2012-08-21 10:46:51:174 3160 12c0 Handler : Updates to install = 12012-08-21 10:46:52:455 3160 12c0 Handler : Command line install completed. Return code = 0x00000000, Result = Succeeded, Reboot required = false2012-08-21 10:46:52:455 3160 12c0 Handler :::::::::2012-08-21 10:46:52:455 3160 12c0 Handler :: END :: Handler: Command Line Install2012-08-21 10:46:52:455 3160 12c0 Handler :::::::::::::2012-08-21 10:46:52:455 1344 10e0 DnldMgr Preparing update for install, updateId = {55CBC9E2-3086-4F42-8BF6-147BAF771F33}.100.2012-08-21 10:46:52:455 3160 844 Handler :::::::::::::2012-08-21 10:46:52:455 3160 844 Handler :: START :: Handler: MSI Install2012-08-21 10:46:52:455 3160 844 Handler :::::::::2012-08-21 10:46:52:455 3160 844 Handler : Updates to install = 12012-08-21 10:46:52:471 3160 844 Handler Extracting MSP file stored in CAB outlfltr-x-none.cab2012-08-21 10:46:52:815 3160 844 Handler MSP update {00000000-0000-0000-0000-000000000000}.0 using full-file patch2012-08-21 10:46:52:815 3160 844 Handler : Batch installing 1 updates2012-08-21 10:46:54:034 3160 844 Handler List of MSPs in transaction:2012-08-21 10:46:54:034 3160 844 Handler C:\WINDOWS\SoftwareDistribution\Download\4c13cede434a425ebe7523e22f457da4\img\outlfltr-x-none.MSP2012-08-21 10:46:54:034 3160 844 Handler MSP final command line: DISABLESRCPROMPT=1 LOCALCACHESRCRES=0 NOLOCALCACHEROLLBACK=1 REBOOT=REALLYSUPPRESS2012-08-21 10:46:55:768 1344 8e4 Report REPORT EVENT: {F7B808C3-8C08-4BA1-A9E2-5DC9C286901B} 2012-08-21 10:46:50:768-0400 1 184 101 {E6498A38-1DD0-424A-90C6-0D56CC3FB733} 108 0 MicrosoftUpdate Success Content Install Installation successful and restart required for the following update: Security Update for Windows XP (KB2698365)2012-08-21 10:46:55:768 1344 8e4 Report REPORT EVENT: {47FBD38A-264B-446A-913F-F1959BD3A295} 2012-08-21 10:46:52:455-0400 1 183 101 {424B1B09-6916-4288-87FB-9AD738B622D7} 101 0 MicrosoftUpdate Success Content Install Installation Successful: Windows successfully installed the following update: Update for Windows XP and Windows Server 2003 (KB2728973)2012-08-21 10:47:32:851 3160 844 Handler : MSI transaction completed. MSI: 0x00000000, Handler: 0x00000000, Source: No, Reboot: 02012-08-21 10:47:32:866 3160 844 Handler :::::::::2012-08-21 10:47:32:866 3160 844 Handler :: END :: Handler: MSI Install2012-08-21 10:47:32:866 3160 844 Handler :::::::::::::2012-08-21 10:47:32:882 1344 10e0 DnldMgr Preparing update for install, updateId = {CB005795-F237-4E12-8E89-2F25AC7DDAC5}.101.2012-08-21 10:47:32:882 3160 1014 Handler :::::::::::::2012-08-21 10:47:32:882 3160 1014 Handler :: START :: Handler: MSI Install2012-08-21 10:47:32:882 3160 1014 Handler :::::::::2012-08-21 10:47:32:882 3160 1014 Handler : Updates to install = 12012-08-21 10:47:32:913 3160 1014 Handler Extracting MSP file stored in CAB msxml5-x-none.cab2012-08-21 10:47:33:585 3160 1014 Handler MSP update {00000000-0000-0000-0000-000000000000}.0 using full-file patch2012-08-21 10:47:33:585 3160 1014 Handler : Batch installing 1 updates2012-08-21 10:47:35:445 3160 1014 Handler List of MSPs in transaction:2012-08-21 10:47:35:445 3160 1014 Handler C:\WINDOWS\SoftwareDistribution\Download\91c1ecadb715476f642cefceb2e1b4a6\img\msxml5-x-none.MSP2012-08-21 10:47:35:445 3160 1014 Handler MSP final command line: DISABLESRCPROMPT=1 LOCALCACHESRCRES=0 NOLOCALCACHEROLLBACK=1 REBOOT=REALLYSUPPRESS2012-08-21 10:47:37:867 1344 8e4 Report REPORT EVENT: {E1CA2C86-341B-452A-A929-701CFBE338BB} 2012-08-21 10:47:32:866-0400 1 183 101 {AB8A8415-50F3-4CE8-8D73-4FD41B4E8B71} 100 0 MicrosoftUpdate Success Content Install Installation Successful: Windows successfully installed the following update: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400)2012-08-21 10:48:13:402 3160 1014 Handler : MSI transaction completed. MSI: 0x00000000, Handler: 0x00000000, Source: No, Reboot: 02012-08-21 10:48:13:418 3160 1014 Handler :::::::::2012-08-21 10:48:13:418 3160 1014 Handler :: END :: Handler: MSI Install2012-08-21 10:48:13:418 3160 1014 Handler :::::::::::::2012-08-21 10:48:13:418 1344 10e0 DnldMgr Preparing update for install, updateId = {27C61AEA-228C-4291-8149-71B042696642}.101.2012-08-21 10:48:13:418 3160 99c Handler :::::::::::::2012-08-21 10:48:13:418 3160 99c Handler :: START :: Handler: MSI Install2012-08-21 10:48:13:418 3160 99c Handler :::::::::2012-08-21 10:48:13:418 3160 99c Handler : Updates to install = 12012-08-21 10:48:13:449 3160 99c Handler Extracting MSP file stored in CAB mscomctlocx-x-none.cab2012-08-21 10:48:15:027 3160 99c Handler MSP update {00000000-0000-0000-0000-000000000000}.0 using full-file patch2012-08-21 10:48:15:027 3160 99c Handler : Batch installing 1 updates2012-08-21 10:48:16:481 3160 99c Handler List of MSPs in transaction:2012-08-21 10:48:16:481 3160 99c Handler C:\WINDOWS\SoftwareDistribution\Download\6987ef9a816eb557eb9094c11a61f3b8\img\mscomctlocx-x-none.MSP2012-08-21 10:48:16:481 3160 99c Handler MSP final command line: DISABLESRCPROMPT=1 LOCALCACHESRCRES=0 NOLOCALCACHEROLLBACK=1 REBOOT=REALLYSUPPRESS2012-08-21 10:48:18:418 1344 8e4 Report REPORT EVENT: {CFB6EE0E-7F25-4501-8777-97C390F10C26} 2012-08-21 10:48:13:418-0400 1 183 101 {D6F5EEF2-B0B3-4939-8E72-52DF78032FA4} 101 0 MicrosoftUpdate Success Content Install Installation Successful: Windows successfully installed the following update: Security Update for Microsoft Office 2007 suites (KB2596856)2012-08-21 10:48:54:876 3160 99c Handler : MSI transaction completed. MSI: 0x00000000, Handler: 0x00000000, Source: No, Reboot: 02012-08-21 10:48:54:891 3160 99c Handler :::::::::2012-08-21 10:48:54:891 3160 99c Handler :: END :: Handler: MSI Install2012-08-21 10:48:54:891 3160 99c Handler :::::::::::::2012-08-21 10:48:54:891 1344 10e0 DnldMgr Preparing update for install, updateId = {6028908D-5EFE-4096-B12B-0343B7BF0AC1}.101.2012-08-21 10:48:54:938 3160 1014 Handler :::::::::::::2012-08-21 10:48:54:938 3160 1014 Handler :: START :: Handler: MSI Install2012-08-21 10:48:54:938 3160 1014 Handler :::::::::2012-08-21 10:48:54:938 3160 1014 Handler : Updates to install = 12012-08-21 10:48:54:938 3160 1014 Handler Extracting MSP file stored in CAB msconv97-x-none.cab2012-08-21 10:48:55:329 3160 1014 Handler MSP update {00000000-0000-0000-0000-000000000000}.0 using full-file patch2012-08-21 10:48:55:329 3160 1014 Handler : Batch installing 1 updates2012-08-21 10:48:56:970 3160 1014 Handler List of MSPs in transaction:2012-08-21 10:48:56:970 3160 1014 Handler C:\WINDOWS\SoftwareDistribution\Download\73f365df5e5c7c34e67d2d1b03aa52af\img\msconv97-x-none.MSP2012-08-21 10:48:56:970 3160 1014 Handler MSP final command line: DISABLESRCPROMPT=1 LOCALCACHESRCRES=0 NOLOCALCACHEROLLBACK=1 REBOOT=REALLYSUPPRESS2012-08-21 10:49:01:236 1344 8e4 Report REPORT EVENT: {99714C2A-2DCA-4F4D-A553-63E29F7C0C4F} 2012-08-21 10:48:54:891-0400 1 183 101 {00E27F76-D7F0-4F7A-8886-72B12870CACC} 101 0 MicrosoftUpdate Success Content Install Installation Successful: Windows successfully installed the following update: Security Update for Microsoft Office 2007 suites (KB2687441)2012-08-21 10:49:21:379 3160 1014 Handler : MSI transaction completed. MSI: 0x00000000, Handler: 0x00000000, Source: No, Reboot: 02012-08-21 10:49:21:394 3160 1014 Handler :::::::::2012-08-21 10:49:21:394 3160 1014 Handler :: END :: Handler: MSI Install2012-08-21 10:49:21:394 3160 1014 Handler :::::::::::::2012-08-21 10:49:21:394 1344 10e0 DnldMgr Preparing update for install, updateId = {B37927ED-A1B4-4269-B132-A3D2CC63FB9A}.101.2012-08-21 10:49:21:394 3160 12c0 Handler :::::::::::::2012-08-21 10:49:21:410 3160 12c0 Handler :: START :: Handler: MSI Install2012-08-21 10:49:21:410 3160 12c0 Handler :::::::::2012-08-21 10:49:21:410 3160 12c0 Handler : Updates to install = 12012-08-21 10:49:21:410 3160 12c0 Handler Extracting MSP file stored in CAB mso-x-none.cab2012-08-21 10:49:22:988 3160 12c0 Handler MSP update {00000000-0000-0000-0000-000000000000}.0 using full-file patch2012-08-21 10:49:22:988 3160 12c0 Handler : Batch installing 1 updates2012-08-21 10:49:24:973 3160 12c0 Handler List of MSPs in transaction:2012-08-21 10:49:24:973 3160 12c0 Handler C:\WINDOWS\SoftwareDistribution\Download\0a76305d82ab445abb49fcf87611bef5\img\mso-x-none.MSP2012-08-21 10:49:24:973 3160 12c0 Handler MSP final command line: DISABLESRCPROMPT=1 LOCALCACHESRCRES=0 NOLOCALCACHEROLLBACK=1 REBOOT=REALLYSUPPRESS2012-08-21 10:49:26:395 1344 8e4 Report REPORT EVENT: {E33991EE-02D6-49FC-B544-253ECF4506E1} 2012-08-21 10:49:21:394-0400 1 183 101 {B1836264-25BE-47B7-9AA6-512565051A91} 101 0 MicrosoftUpdate Success Content Install Installation Successful: Windows successfully installed the following update: Security Update for Microsoft Office 2007 suites (KB2596754)2012-08-21 10:50:02:415 3160 12c0 Handler : MSI transaction completed. MSI: 0x00000000, Handler: 0x00000000, Source: No, Reboot: 02012-08-21 10:50:02:430 3160 12c0 Handler :::::::::2012-08-21 10:50:02:430 3160 12c0 Handler :: END :: Handler: MSI Install2012-08-21 10:50:02:430 3160 12c0 Handler :::::::::::::2012-08-21 10:50:02:430 1344 10e0 DnldMgr Preparing update for install, updateId = {75FE679D-F827-449F-BEE1-1150EDB3E40A}.102.2012-08-21 10:50:02:430 3160 1014 Handler :::::::::::::2012-08-21 10:50:02:430 3160 1014 Handler :: START :: Handler: Windows Patch Install2012-08-21 10:50:02:430 3160 1014 Handler :::::::::2012-08-21 10:50:02:430 3160 1014 Handler : Updates to install = 12012-08-21 10:50:02:430 3160 1014 Handler : Installing update {75FE679D-F827-449F-BEE1-1150EDB3E40A}.1022012-08-21 10:50:02:430 3160 1004 Handler Installing with parameters=-q -z -er, sandbox=C:\WINDOWS\SoftwareDistribution\Download\06af2d630217aa32a4f6f6b9c5c1a3ba.2012-08-21 10:50:07:431 1344 8e4 Report REPORT EVENT: {67CC85CF-4CFE-4157-B5B0-1FBA5C070968} 2012-08-21 10:50:02:430-0400 1 183 101 {3A434D1C-BC51-4762-A37F-50ECACD9CEF4} 101 0 MicrosoftUpdate Success Content Install Installation Successful: Windows successfully installed the following update: Security Update for Microsoft Office 2007 suites (KB2596615)2012-08-21 10:50:49:748 3160 1004 Handler Install completed with 0x80070bc2.2012-08-21 10:50:49:748 3160 1014 Handler : Install completed: result type = 0x1, installer error = False, error = 0x80070bc2, disabled until reboot = No, reboot required = Yes2012-08-21 10:50:49:748 3160 1014 Handler :::::::::2012-08-21 10:50:49:748 3160 1014 Handler :: END :: Handler: Windows Patch Install2012-08-21 10:50:49:748 3160 1014 Handler :::::::::::::2012-08-21 10:50:49:764 1344 10e0 DnldMgr Preparing update for install, updateId = {501C1E3B-121E-4DED-8A74-2E887D3C3D80}.101.2012-08-21 10:50:49:764 3160 1770 Handler :::::::::::::2012-08-21 10:50:49:764 3160 1770 Handler :: START :: Handler: Windows Patch Install2012-08-21 10:50:49:764 3160 1770 Handler :::::::::2012-08-21 10:50:49:764 3160 1770 Handler : Updates to install = 12012-08-21 10:50:49:764 3160 1770 Handler : Installing update {501C1E3B-121E-4DED-8A74-2E887D3C3D80}.1012012-08-21 10:50:49:764 3160 1350 Handler Installing with parameters=-q -z -er, sandbox=C:\WINDOWS\SoftwareDistribution\Download\98ba44a9c208ed8f29b83af1026daea1.2012-08-21 10:50:54:765 1344 8e4 Report REPORT EVENT: {31716768-4283-4F9A-970D-BA8396D1BD8C} 2012-08-21 10:50:49:764-0400 1 184 101 {75ABBF14-F783-4DE1-A212-8535EDA9B0FD} 102 0 MicrosoftUpdate Success Content Install Installation successful and restart required for the following update: Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2722913)2012-08-21 10:50:57:952 3160 1350 Handler Install completed with 0x80070bc2.2012-08-21 10:50:57:952 3160 1770 Handler : Install completed: result type = 0x1, installer error = False, error = 0x80070bc2, disabled until reboot = No, reboot required = Yes2012-08-21 10:50:57:952 3160 1770 Handler :::::::::2012-08-21 10:50:57:952 3160 1770 Handler :: END :: Handler: Windows Patch Install2012-08-21 10:50:57:952 3160 1770 Handler :::::::::::::2012-08-21 10:50:57:952 1344 10e0 DnldMgr Preparing update for install, updateId = {44A12E44-C20A-42A3-9F5B-4FACD9982C30}.101.2012-08-21 10:50:57:952 3160 99c Handler :::::::::::::2012-08-21 10:50:57:952 3160 99c Handler :: START :: Handler: Windows Patch Install2012-08-21 10:50:57:968 3160 99c Handler :::::::::2012-08-21 10:50:57:968 3160 99c Handler : Updates to install = 12012-08-21 10:50:57:968 3160 99c Handler : Installing update {44A12E44-C20A-42A3-9F5B-4FACD9982C30}.1012012-08-21 10:50:57:968 3160 3d8 Handler Installing with parameters=-q -z -er, sandbox=C:\WINDOWS\SoftwareDistribution\Download\4a0e4531b96faf560594eec84d879de6.2012-08-21 10:51:02:953 1344 8e4 Report REPORT EVENT: {B9526549-9E21-49D4-8D1F-00FEAC19C65B} 2012-08-21 10:50:57:952-0400 1 184 101 {A506F3F3-D548-4093-8870-E2CB364D02F6} 101 0 MicrosoftUpdate Success Content Install Installation successful and restart required for the following update: Security Update for Windows XP (KB2712808)2012-08-21 10:51:07:344 3160 3d8 Handler Install completed with 0x80070bc2.2012-08-21 10:51:07:344 3160 99c Handler : Install completed: result type = 0x1, installer error = False, error = 0x80070bc2, disabled until reboot = No, reboot required = Yes2012-08-21 10:51:07:344 3160 99c Handler :::::::::2012-08-21 10:51:07:344 3160 99c Handler :: END :: Handler: Windows Patch Install2012-08-21 10:51:07:344 3160 99c Handler :::::::::::::2012-08-21 10:51:07:360 1344 10e0 DnldMgr Preparing update for install, updateId = {77CE5DC0-4078-4FC3-9FE4-DFF338BCF60F}.100.2012-08-21 10:51:07:360 3160 1014 Handler :::::::::::::2012-08-21 10:51:07:360 3160 1014 Handler :: START :: Handler: Windows Patch Install2012-08-21 10:51:07:360 3160 1014 Handler :::::::::2012-08-21 10:51:07:360 3160 1014 Handler : Updates to install = 12012-08-21 10:51:07:360 3160 1014 Handler : Installing update {77CE5DC0-4078-4FC3-9FE4-DFF338BCF60F}.1002012-08-21 10:51:07:360 3160 be4 Handler Installing with parameters=-q -z -er, sandbox=C:\WINDOWS\SoftwareDistribution\Download\8641c9fe753eba878be93fac6e87badc.2012-08-21 10:51:12:360 1344 8e4 Report REPORT EVENT: {12984107-3FFB-4DA5-8CCB-31A97BFB5A5F} 2012-08-21 10:51:07:360-0400 1 184 101 {AD53FA8A-C27B-486A-8748-4684AE8B4443} 101 0 MicrosoftUpdate Success Content Install Installation successful and restart required for the following update: Security Update for Windows XP (KB2705219)2012-08-21 10:51:16:392 3160 be4 Handler Install completed with 0x80070bc2.2012-08-21 10:51:16:392 3160 1014 Handler : Install completed: result type = 0x1, installer error = False, error = 0x80070bc2, disabled until reboot = No, reboot required = Yes2012-08-21 10:51:16:392 3160 1014 Handler :::::::::2012-08-21 10:51:16:392 3160 1014 Handler :: END :: Handler: Windows Patch Install2012-08-21 10:51:16:392 3160 1014 Handler :::::::::::::2012-08-21 10:51:16:392 1344 10e0 DnldMgr Preparing update for install, updateId = {CC4C9732-03F8-4B4E-BF89-AD26E62557FC}.100.2012-08-21 10:51:17:283 3160 1770 Handler :::::::::::::2012-08-21 10:51:17:283 3160 1770 Handler :: START :: Handler: Command Line Install2012-08-21 10:51:17:283 3160 1770 Handler :::::::::2012-08-21 10:51:17:283 3160 1770 Handler : Updates to install = 12012-08-21 10:51:21:393 1344 8e4 Report REPORT EVENT: {B26B341C-4F08-4DB3-8F5B-E7740ADFD401} 2012-08-21 10:51:16:392-0400 1 184 101 {194AE7EB-76A5-4685-9B4E-9E10A8DCFF42} 101 0 MicrosoftUpdate Success Content Install Installation successful and restart required for the following update: Security Update for Windows XP (KB2731847)2012-08-21 10:54:11:006 3160 1770 Handler : Command line install completed. Return code = 0x00000000, Result = Succeeded, Reboot required = false2012-08-21 10:54:11:006 3160 1770 Handler :::::::::2012-08-21 10:54:11:006 3160 1770 Handler :: END :: Handler: Command Line Install2012-08-21 10:54:11:006 3160 1770 Handler :::::::::::::2012-08-21 10:54:11:068 1344 10e0 DnldMgr Preparing update for install, updateId = {5CBDF09E-CC12-4156-9C55-BF9B952738A6}.102.2012-08-21 10:54:11:068 3160 1014 Handler :::::::::::::2012-08-21 10:54:11:068 3160 1014 Handler :: START :: Handler: Windows Patch Install2012-08-21 10:54:11:068 3160 1014 Handler :::::::::2012-08-21 10:54:11:068 3160 1014 Handler : Updates to install = 12012-08-21 10:54:11:068 3160 1014 Handler : Installing update {5CBDF09E-CC12-4156-9C55-BF9B952738A6}.1022012-08-21 10:54:11:084 3160 5d4 Handler Installing with parameters=-q -z -er, sandbox=C:\WINDOWS\SoftwareDistribution\Download\af1dca7ba584ed594c74473813ba498b.2012-08-21 10:54:16:006 1344 8e4 Report REPORT EVENT: {354804AF-D2E5-4D01-864F-40B10FE402E6} 2012-08-21 10:54:11:006-0400 1 183 101 {768119E9-6732-4DFA-B241-BE26DB65AD08} 100 0 MicrosoftUpdate Success Content Install Installation Successful: Windows successfully installed the following update: Windows Malicious Software Removal Tool - August 2012 (KB890830)2012-08-21 10:54:20:069 3160 5d4 Handler Install completed with 0x80070bc2.2012-08-21 10:54:20:069 3160 1014 Handler : Install completed: result type = 0x1, installer error = False, error = 0x80070bc2, disabled until reboot = No, reboot required = Yes2012-08-21 10:54:20:069 3160 1014 Handler :::::::::2012-08-21 10:54:20:069 3160 1014 Handler :: END :: Handler: Windows Patch Install2012-08-21 10:54:20:069 3160 1014 Handler :::::::::::::2012-08-21 10:54:20:132 1344 10e0 Agent *********2012-08-21 10:54:20:132 1344 10e0 Agent ** END ** Agent: Installing updates [CallerId = MicrosoftUpdate]2012-08-21 10:54:20:132 1344 10e0 Agent *************2012-08-21 10:54:20:179 3116 11ec COMAPI >>-- RESUMED -- COMAPI: Install [ClientId = MicrosoftUpdate]2012-08-21 10:54:20:179 1344 f64 AU Can not perform non-interactive scan if AU is interactive-only2012-08-21 10:54:20:179 3116 11ec COMAPI - Install call complete (succeeded = 25, succeeded with errors = 0, failed = 2, unaccounted = 0)2012-08-21 10:54:20:179 3116 11ec COMAPI - Reboot required = Yes2012-08-21 10:54:20:179 3116 11ec COMAPI ---------2012-08-21 10:54:20:179 3116 11ec COMAPI -- END -- COMAPI: Install [ClientId = MicrosoftUpdate]2012-08-21 10:54:20:179 3116 11ec COMAPI -------------2012-08-21 10:54:25:070 1344 8e4 Report REPORT EVENT: {30221ED3-8C24-416B-BA3E-23DEB96FDFAF} 2012-08-21 10:54:20:069-0400 1 184 101 {5726E26C-8D9F-40AD-8578-EB57021066D1} 102 0 MicrosoftUpdate Success Content Install Installation successful and restart required for the following update: Security Update for Windows XP (KB2723135)2012-08-21 10:59:23:303 3116 1090 COMAPI Installation wizard (API) invoking RebootSystem2012-08-21 10:59:23:335 3116 1090 Misc WARNING: SUS Client is rebooting system.2012-08-21 11:00:04:104 320 122c Misc =========== Logging initialized (build: 7.6.7600.256, tz: -0400) ===========2012-08-21 11:00:04:104 320 122c Misc = Process: \??\C:\WINDOWS\system32\winlogon.exe2012-08-21 11:00:04:104 320 122c Misc = Module: C:\WINDOWS\system32\wuaueng.dll2012-08-21 11:00:04:104 320 122c Shutdwn FATAL: WUAutoUpdateAtShutdown failed, hr=8024A0002012-08-21 11:00:07:214 1344 f64 AU ########### AU: Uninitializing Automatic Updates ###########2012-08-21 11:00:07:448 1344 f64 Agent Sending shutdown notification to client2012-08-21 11:00:07:448 1344 f64 Agent Sending shutdown notification to client2012-08-21 11:00:07:448 1344 f64 Agent Sending shutdown notification to client2012-08-21 11:00:07:448 1344 f64 Agent Sending shutdown notification to client2012-08-21 11:00:08:573 1344 f64 Service *********2012-08-21 11:00:08:573 1344 f64 Service ** END ** Service: Service exit [Exit code = 0x240001]2012-08-21 11:00:08:589 1344 f64 Service *************2012-08-21 11:02:28:843 1420 d88 Misc =========== Logging initialized (build: 7.6.7600.256, tz: -0400) ===========2012-08-21 11:02:29:062 1420 d88 Misc = Process: C:\WINDOWS\system32\svchost.exe2012-08-21 11:02:29:093 1420 d88 Misc = Module: C:\WINDOWS\system32\wuaueng.dll2012-08-21 11:02:28:843 1420 d88 Service *************2012-08-21 11:02:29:093 1420 d88 Service ** START ** Service: Service startup2012-08-21 11:02:29:093 1420 d88 Service *********2012-08-21 11:02:30:312 1420 d88 Agent * WU client version 7.6.7600.2562012-08-21 11:02:30:312 1420 d88 Agent * Base directory: C:\WINDOWS\SoftwareDistribution2012-08-21 11:02:33:140 1420 d88 Agent * Access type: No proxy2012-08-21 11:02:33:156 1420 d88 Agent * Network state: Connected2012-08-21 11:03:30:921 1420 d88 Agent *********** Agent: Initializing Windows Update Agent ***********2012-08-21 11:03:30:921 1420 d88 Agent *********** Agent: Initializing global settings cache ***********2012-08-21 11:03:30:921 1420 d88 Agent * WSUS server: <NULL>2012-08-21 11:03:30:921 1420 d88 Agent * WSUS status server: <NULL>2012-08-21 11:03:30:921 1420 d88 Agent * Target group: (Unassigned Computers)2012-08-21 11:03:30:921 1420 d88 Agent * Windows Update access disabled: No2012-08-21 11:03:30:968 1420 d88 DnldMgr Download manager restoring 0 downloads2012-08-21 11:03:31:531 1420 d88 AU ########### AU: Initializing Automatic Updates ###########2012-08-21 11:03:31:609 1420 d88 AU AU setting next sqm report timeout to 2012-08-21 15:03:312012-08-21 11:03:31:640 1420 d88 AU # AU disabled through Policy2012-08-21 11:03:31:640 1420 d88 AU Initializing featured updates2012-08-21 11:03:31:734 1420 d88 AU Found 0 cached featured updates2012-08-21 11:03:31:734 1420 d88 AU AU finished delayed initialization2012-08-21 11:03:34:406 1420 d88 Report *********** Report: Initializing static reporting data ***********2012-08-21 11:03:34:406 1420 d88 Report * OS Version = 5.1.2600.3.0.657922012-08-21 11:03:34:937 1420 d88 Report * Computer Brand = FUJITSU2012-08-21 11:03:34:937 1420 d88 Report * Computer Model = LifeBook T50102012-08-21 11:03:34:984 1420 d88 Report * Bios Revision = Version 1.112012-08-21 11:03:34:984 1420 d88 Report * Bios Name = Version 1.112012-08-21 11:03:34:984 1420 d88 Report * Bios Release Date = 2009-09-09T00:00:002012-08-21 11:03:34:984 1420 d88 Report * Locale ID = 1033 Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 22, 2012 ID:588580 Share Posted August 22, 2012 Close and exit any open work documents or program windows you opened.1a. Open Internet Explorer (only!) to http://support.microsoft.com/kb/910336 [ignore the title & Symptoms].1b. Dismiss/close the "automated troubleshooter" pop-up! - then...1c. Ignoring any "Not recommended" or similar warnings, run Fix It 50202 in DEFAULT and then AGGRESSIVE modes. [1]2. Reboot & then run a manual check for updates at Windows Update, etc., etc...When you reach Windows Update, do a Custom scan for updates. Take (accept) the ones marked Critical or Important.Decline any that are marked as "optional".Have infinite patience while it scans and does it's work.When it prompts you to Restart Windows, please do that. Allow it to restart.IF and only if you get an "error" or "exception/failure" message, I will need the complete so called "failure code" and description (if you see it).Please have good patience, this is not very complicated. Ask me if you have questions.~~~~~~~~~~~~~~~[1] Running the Fixit in aggressive mode will result in your history of installed MS updates to be "empty" when viewed online at Windows Updates.What is actually installed on your system will not be affected. Link to post Share on other sites More sharing options...
gdsimms Posted August 24, 2012 Author ID:589709 Share Posted August 24, 2012 Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353)Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370)Security Update for Microsoft .NET Framework 3.0 SP2 on Windows Server 2003 and Windows XP x86 (KB2656407) Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 25, 2012 ID:589793 Share Posted August 25, 2012 What about those? Did they update ok? Tell me.IF and only IF they failed, you must provide the "fail-exception codes" for reach. Link to post Share on other sites More sharing options...
gdsimms Posted August 25, 2012 Author ID:589799 Share Posted August 25, 2012 yes they failed. Not sure how to get codes. The only pop-up was saying that these failed. I just copy and pasted what was in the pop up box Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 25, 2012 ID:589800 Share Posted August 25, 2012 sighhh. Keep this as a part of your toolkit. Print out and save this section.Start Windows Update. When you get there, click on View Update history. On each of the above, drill down on each Failed line by clicking once, then do a right click on Failed, then select View details.Get & write down the code at the line marked Error details. Link to post Share on other sites More sharing options...
gdsimms Posted August 25, 2012 Author ID:589802 Share Posted August 25, 2012 ok. here is what I am doing.1. go to start> windows update2. Internet explorer pops up a window with windows update.3. click on "review your update history"4. the only thing there is Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.133.309.0), which succeeded.There is no info on the 3 that failed Link to post Share on other sites More sharing options...
Recommended Posts