
ie script errors, popups and running in background while using firefox and other browsers



hi, about a week or two ago my computer was auto updated. i think that as a result, my internet settings were changed (i was unable to download from firefox-downloads were being canceled immediately). i searched the internet and found that i had to change some settings in ie to fix the problem. so, i opened ie (something i rarely if ever do because i HATE ie), changed the settings and that is when the problem started. from that point on, i now get internet explorer script error popups and advertisement popups intermittently while using firefox. i followed some directions that had me change some settings in my internet options, use atf cleaner followed by combofix once and that worked for a few days but then it started happening again. i have subsequently run superantispyware and mbam (purchased) several times but neither of them finds anything. i am running xp (don't laugh, lol!) 32 bit and i have firefox 15. also, i found rkill and have run it. it does stop the problem but of course, it starts again when the computer is rebooted. this morning, videos were playing in the background with no browser window open at all-once i ran rkill the background video play and the scripts stopped immediately...i will include the rkill log as well. i have no idea what version of ie is on my computer because i don't open it. can someone please help me out? do i need to wipe my whole computer?

RKILL LOG

Rkill 2.4.3 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2012 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingc...opic308364.html

Program started at: 10/10/2012 07:57:48 AM in x86 mode.

Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\dla\tfswctrl.exe (PID: 3352) [WD-HEUR]

* C:\WINDOWS\stsystra.exe (PID: 3488) [WD-HEUR]

* C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (PID: 3528) [FI]

* C:\WINDOWS\vsnp2uvc.exe (PID: 3644) [WD-HEUR]

* C:\WINDOWS\tsnp2uvc.exe (PID: 3672) [WD-HEUR]

* C:\DOCUME~1\Nzinga\LOCALS~1\TempCkt\chk.exe (PID: 4020) [sUP-HEUR]

* C:\DOCUME~1\Nzinga\LOCALS~1\TempCkt\chk.exe (PID: 4020) [T-HEUR]

7 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/10/2012 07:58:38 AM

Execution time: 0 hours(s), 0 minute(s), and 49 seconds(s)

DDS TXT LOG

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 10.7.2

Run by Nzinga at 8:01:37 on 2012-10-10

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3318.2202 [GMT -4:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\Tablet\Pen\Pen_TouchService.exe

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

C:\Program Files\Microsoft IntelliType Pro\type32.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\vsnpstd.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Epson Software\Event Manager\EEventManager.exe

C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe

C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHVA.EXE

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\PKWARE\PKZIPM\11.20.0008\PKTray.exe

C:\Documents and Settings\Nzinga\Application Data\Dropbox\bin\Dropbox.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\System32\Notepad.exe

.

============== Pseudo HJT Report ===============

.

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uStart Page = about:blank

uInternet Settings,ProxyServer = 0.0.0.0:80

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com

uURLSearchHooks: H - No File

BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup

uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [chk] c:\docume~1\nzinga\locals~1\tempckt\chk.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_tatihva.exe /ept "epltarget\P0000000000000000" /M "WorkForce 645"

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

uRunOnce: [spybotDeletingB6501] command.com /c del "c:\program files\common files\spigot\search settings\baidu_ie.xml"

uRunOnce: [spybotDeletingD608] cmd.exe /c del "c:\program files\common files\spigot\search settings\baidu_ie.xml"

uRunOnce: [spybotDeletingB6869] command.com /c del "c:\program files\common files\spigot\search settings\config.ini"

uRunOnce: [spybotDeletingD7959] cmd.exe /c del "c:\program files\common files\spigot\search settings\config.ini"

uRunOnce: [spybotDeletingB9242] command.com /c del "c:\program files\common files\spigot\search settings\yandex_ff.xml"

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [ssAAD.exe] c:\progra~1\sony\sonics~1\SsAAD.exe

mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe"

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"

mRun: [snpstd] c:\windows\vsnpstd.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [snp2uvc] c:\windows\vsnp2uvc.exe

mRun: [tsnp2uvc] c:\windows\tsnp2uvc.exe

mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot

mRun: [searchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"

mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"

mRun: [FUFAXRCV] "c:\program files\epson software\fax utility\FUFAXRCV.exe"

mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup

mRunOnce: [spybotDeletingA9489] command.com /c del "c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll_old"

StartupFolder: c:\docume~1\nzinga\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\nzinga\application data\dropbox\bin\Dropbox.exe

StartupFolder: c:\docume~1\nzinga\startm~1\programs\startup\epsona~1.lnk - c:\documents and settings\nzinga\application data\leadertech\powerregister\Epson all-in-one Registration.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-ba7e-000000000002}\SC_Acrobat.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secure~1.lnk - c:\program files\pkware\pkzipm\11.20.0008\PKTray.exe

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

TCP: DhcpNameServer = 192.168.11.1

TCP: Interfaces\{B5501C3F-86D7-408B-88F3-C3B4DA3FE157} : DhcpNameServer = 192.168.11.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Notify: igfxcui - igfxdev.dll

Notify: LMIinit - LMIinit.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\nzinga\application data\mozilla\firefox\profiles\msnjx4x8.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\palm\packag~1\NPInstal.dll

FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\tabletplugins\npwacom.dll

FF - plugin: c:\program files\tabletplugins\npWacomTabletPlugin.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

.

============= SERVICES / DRIVERS ===============

.

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-29 116608]

R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]

R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-6-9 521600]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-9-9 45848]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-6 399432]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-28 676936]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R2 TabletServicePen;TabletServicePen;c:\program files\tablet\pen\Pen_Tablet.exe [2012-9-15 5553016]

R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\tablet\pen\Pen_TouchService.exe [2012-9-15 451960]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-28 22856]

S1 SABKUTIL;SABKUTIL;\??\c:\program files\superantispyware\sabkutil.sys --> c:\program files\superantispyware\SABKUTIL.sys [?]

S2 HPFECP15;HPFECP15;c:\windows\system32\drivers\HPFecp15.sys [1998-9-4 52800]

S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\logmein\x86\rainfo.sys --> c:\program files\logmein\x86\RaInfo.sys [?]

S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys --> c:\windows\system32\drivers\motfilt.sys [?]

S3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [2012-7-23 27424]

S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys --> c:\windows\system32\drivers\motccgp.sys [?]

S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys --> c:\windows\system32\drivers\motccgpfl.sys [?]

S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\motousbnet.sys --> c:\windows\system32\drivers\Motousbnet.sys [?]

S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys --> c:\windows\system32\drivers\motusbdevice.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-27 114144]

S4 LMIRfsClientNP;LMIRfsClientNP; [x]

.

=============== Created Last 30 ================

.

2012-10-10 11:47:46 -------- d-----w- c:\windows\system32\wbem\repository\FS

2012-10-10 11:47:46 -------- d-----w- c:\windows\system32\wbem\Repository

2012-10-10 11:46:38 -------- d-----w- c:\program files\EarthLink Setup

2012-10-10 11:46:34 -------- d-----w- c:\program files\MyVideoDaily2

2012-10-10 11:46:33 -------- d-----w- c:\program files\YTD Toolbar

2012-10-10 11:46:32 -------- d-----w- c:\documents and settings\nzinga\application data\YTD

2012-10-10 11:46:14 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-10-10 11:45:56 -------- d-----w- c:\program files\common files\Spigot

2012-10-09 21:27:08 -------- d-----w- c:\program files\common files\Comodo

2012-10-09 21:23:22 -------- d-----w- c:\documents and settings\all users\application data\CPA_VA

2012-10-09 21:16:38 -------- d-----w- c:\documents and settings\all users\application data\Comodo

2012-10-09 20:57:02 -------- d-----w- c:\documents and settings\nzinga\local settings\application data\COMODO

2012-10-09 20:56:43 -------- d-----w- c:\program files\Comodo

2012-10-09 11:06:09 -------- d-----w- c:\windows\system32\NtmsData

2012-10-09 09:53:17 -------- d-----w- c:\documents and settings\nzinga\application data\QuickScan

2012-10-09 09:44:11 -------- d-----w- c:\program files\SpywareBlaster

2012-10-09 00:45:50 -------- d-----w- c:\program files\Spybot - Search & Destroy

2012-10-09 00:45:50 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy

2012-10-09 00:41:26 -------- d-----w- c:\documents and settings\nzinga\application data\Leader Technologies

2012-10-08 23:59:44 -------- d-----w- c:\program files\LTCM Client

2012-10-08 23:51:06 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint

2012-10-08 23:51:05 -------- d-----w- c:\program files\common files\ABBYY

2012-10-08 23:51:05 -------- d-----w- c:\documents and settings\all users\application data\ABBYY

2012-10-08 23:39:30 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-10-08 23:39:29 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-10-08 23:39:13 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2012-10-08 23:32:50 -------- d-----w- c:\program files\common files\EPSON

2012-10-08 23:28:23 -------- d-----w- c:\program files\Epson America Inc

2012-10-08 23:27:08 -------- d-----w- c:\program files\Epson Software

2012-10-08 23:26:16 93696 ----a-w- c:\windows\system32\E_TLBHVA.DLL

2012-10-08 23:26:16 81408 ----a-w- c:\windows\system32\E_TD4BHVA.DLL

2012-10-08 23:25:49 -------- d-----w- c:\documents and settings\all users\application data\EPSON

2012-10-08 23:25:39 342016 ----a-w- c:\windows\system32\eswiaud.dll

2012-10-08 23:25:39 132560 ----a-w- c:\windows\system32\esdevapp.exe

2012-10-08 23:25:39 12800 ----a-w- c:\windows\system32\escdev.dll

2012-09-21 22:44:50 -------- d-----w- c:\documents and settings\all users\application data\YTD Video Downloader

2012-09-19 12:27:09 16384 ----a-w- c:\windows\system32\FileOps.exe

2012-09-15 23:08:26 -------- d-----w- c:\documents and settings\nzinga\application data\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1

2012-09-15 23:07:53 -------- d-----w- c:\documents and settings\nzinga\application data\Wacom

2012-09-15 23:07:47 -------- d-----w- c:\documents and settings\all users\application data\Wacom

2012-09-15 23:07:08 -------- d-----w- c:\program files\Bamboo Dock

2012-09-15 23:05:18 -------- d-----w- c:\documents and settings\nzinga\application data\WTablet

2012-09-15 23:05:17 1107832 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll

2012-09-15 23:05:10 -------- d-----w- c:\program files\TabletPlugins

2012-09-15 23:04:55 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys

2012-09-15 23:04:48 14120 ----a-w- c:\windows\system32\drivers\wacomvhid.sys

2012-09-15 23:04:45 1369464 ----a-w- c:\windows\system32\Pen_Tablet.dll

2012-09-15 23:04:45 1156472 ----a-w- c:\windows\system32\Wintab32.dll

2012-09-15 23:04:45 1152888 ----a-w- c:\windows\system32\WacomMT.dll

2012-09-15 23:04:42 -------- d-----w- c:\program files\Tablet

.

==================== Find3M ====================

.

2012-10-08 23:38:46 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-07 21:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-27 19:12:39 832512 ----a-w- c:\windows\system32\wininet.dll

2012-08-27 19:12:36 268288 ----a-w- c:\windows\system32\iertutil(2).dll

2012-08-27 19:12:36 1830912 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-27 19:12:35 78336 ----a-w- c:\windows\system32\ieencode.dll

2012-08-27 19:12:34 17408 ----a-w- c:\windows\system32\corpol.dll

2012-08-02 14:09:42 1409 ----a-w- c:\windows\QTFont.for

2012-07-24 02:04:47 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys

2012-04-11 15:28:36 799441 ----a-w- c:\program files\RegpairSetup.exe

2012-02-19 16:37:57 692480 ----a-w- c:\program files\RealPlayer.exe

2011-09-22 13:14:48 5335216 ----a-w- c:\program files\minuswindows.exe

2011-09-04 13:41:05 20278864 ----a-w- c:\program files\companionlink.exe

2011-05-31 17:28:01 56712856 ----a-w- c:\program files\Avery Wizard 4.0.0.exe

2010-11-16 00:53:56 13525424 ----a-w- c:\program files\Dropbox 0.7.110.exe

2010-11-05 16:28:15 8567280 ----a-w- c:\program files\Firefox Setup 3.6.12.exe

2010-07-02 14:53:01 9070816 ----a-w- c:\program files\SUPERAntiSpyware.exe

2010-01-19 11:48:23 10600847 ----a-w- c:\program files\SeaMonkey Setup 2.0.2.exe

2010-01-04 15:52:04 10601579 ----a-w- c:\program files\SeaMonkey Setup 2.0.1.exe

2009-09-22 11:12:12 13266944 ----a-w- c:\program files\seamonkey-1.1.18.en-US.win32.installer.exe

2009-03-11 21:11:17 1606063 ----a-w- c:\program files\treodekstop213setup.exe

2009-01-31 15:43:45 7518240 ----a-w- c:\program files\Firefox Setup 3.0.5.exe

2009-01-17 17:41:07 13029376 ----a-w- c:\program files\seamonkey-1.1.14.en-US.win32.installer.exe

2008-11-09 17:41:52 11464704 ----a-w- c:\program files\sharecalendar_setup.exe

2008-10-01 00:27:11 13025280 ----a-w- c:\program files\seamonkey-1.1.12.exe

2008-06-26 03:00:29 4898144 ----a-w- c:\program files\LimeWireWin18.exe

2008-04-09 15:12:43 13012992 ----a-w- c:\program files\seamonkey-1.1.9.en-US.win32.installer.exe

2008-03-24 23:50:25 13000704 ----a-w- c:\program files\seamonkey-1.1.8.exe

2007-12-21 09:06:18 13025280 ----a-w- c:\program files\seamonkey-1.1.7.en-US.win32.installer.exe

2007-12-17 12:35:03 51622242 ----a-w- c:\program files\ACEMCP603PRO.exe

2007-12-17 11:55:01 7045601 ----a-w- c:\program files\XP_Codec_Pack_2.3.4.exe

2007-12-17 10:48:36 25755448 ----a-w- c:\program files\wmp11-windowsxp-x86-enu.exe

2007-11-01 16:07:08 11160320 ----a-w- c:\program files\pk zip.exe

2007-08-26 15:32:29 13012992 ----a-w- c:\program files\seamonkey-1.1.4.en-US.win32.installer.exe

2007-07-21 08:25:01 3126056 ----a-w- c:\program files\LimeWireWin.exe

2007-06-16 14:25:27 315318 ----a-w- c:\program files\soltvradio_setup.exe

2007-04-11 17:24:09 10976768 ----a-w- c:\program files\Sprint_PCS_CM_v034.msi

2007-04-11 17:23:50 10740224 ----a-w- c:\program files\SprintPCSConnectionMgr_V3.01.040.msi

2007-04-11 17:10:36 10420865 ----a-w- c:\program files\bitpim-0.9.14-setup.exe

2007-04-09 18:30:47 19994184 ----a-w- c:\program files\QuickTimeInstaller.exe

2007-04-04 12:01:44 12992512 ----a-w- c:\program files\seamonkey-1.1.1.en-US.win32.installer.exe

2007-04-03 21:37:26 10059790 ----a-w- c:\program files\bitpim-0.9.13-setup.exe

2007-02-24 00:34:32 8643136 ----a-w- c:\program files\ymsgr7_437_us.exe

2007-01-18 15:00:19 6342512 ----a-w- c:\program files\Thunderbird Setup 1.5.0.9.exe

2007-01-18 14:31:12 5971432 ----a-w- c:\program files\Firefox Setup 2.0.0.1.exe

2006-10-10 17:41:44 16504464 ----a-w- c:\program files\jre-1_5_0_08-windows-i586-p.exe

2006-10-10 17:37:33 21290704 ----a-w- c:\program files\AdbeRdr708 mozilla plugin.exe

2006-10-10 14:18:33 3054417 ----a-w- c:\program files\FSViewerSetup26.exe

2006-10-01 18:05:57 6335024 ----a-w- c:\program files\Thunderbird Setup 1.5.0.7.exe

2006-09-30 16:32:31 1805498 ----a-w- c:\program files\ultimate zip.exe

2006-09-30 16:25:04 2146871 ----a-w- c:\program files\zipitfast.exe

2006-09-26 17:59:46 47652464 ----a-w- c:\program files\PlusDME_Full.exe

2006-09-26 17:59:00 47652464 ----a-w- c:\program files\Super Pack.exe

2006-07-27 14:20:15 8701008 ----a-w- c:\program files\jewelquest_at.exe

2006-07-13 01:33:19 12038352 ----a-w- c:\program files\mozilla-win32-1.7.13-installer.exe

2006-07-05 13:43:08 4864452 ----a-w- c:\program files\palm401upgrade2.exe

2006-06-30 02:26:50 24070456 ----a-w- c:\program files\windows media player11-windowsxp-x86-enu.exe

2006-06-07 13:54:49 937001 ----a-w- c:\program files\soulseek156c.exe

2006-06-05 19:19:37 705536 ----a-w- c:\program files\MoozikoPlayerSetup.msi

2006-04-22 15:20:38 5432500 ----a-w- c:\program files\ImageMixerV151.exe

2006-03-13 15:32:46 9739116 ----a-w- c:\program files\SimpleOcr.exe

2006-03-01 19:18:58 12754672 ----a-w- c:\program files\MP10Setup.exe

2006-03-01 16:20:40 1419556 ----a-w- c:\program files\klitecodec270b.exe

2006-02-24 21:10:28 2002069 ----a-w- c:\program files\yahoo_texttwist_tm1-1.exe

2006-01-30 19:48:54 27160459 ----a-w- c:\program files\Norton Antivirus download.EXE

2006-01-18 01:00:20 12026576 ----a-w- c:\program files\mozilla-win32-1.7.8-installer.exe

2006-01-17 22:11:32 948936 ----a-w- c:\program files\install_flash_player.exe

2005-12-18 17:58:27 12899744 ----a-w- c:\program files\RealPlayer10-5GOLD_bb.exe

2005-12-17 03:01:46 54725800 ----a-w- c:\program files\iPodSetup.exe

2005-12-16 15:26:23 34412848 ----a-w- c:\program files\iTunesSetup.exe

2005-12-14 19:09:01 1619132 ----a-w- c:\program files\freeripmp3.exe

2005-12-10 05:25:12 2855080 ----a-w- c:\program files\adawaresepersonal.exe

.

============= FINISH: 8:02:47.22 ===============

ATTACH TXT LOG

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 11/21/2005 8:25:00 PM

System Uptime: 10/10/2012 7:48:27 AM (1 hours ago)

.

Motherboard: Dell Inc. | | 0RD203

Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 70 GiB total, 7.932 GiB free.

D: is CDROM ()

E: is CDROM ()

G: is FIXED (NTFS) - 1863 GiB total, 1613.626 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1514: 10/8/2012 2:31:46 PM - Software Distribution Service 3.0

RP1515: 10/8/2012 7:19:05 PM - Removed Applet_Web

RP1516: 10/8/2012 7:19:26 PM - Removed Applet_App

RP1517: 10/8/2012 7:19:46 PM - Removed Applet_Ocr

RP1518: 10/8/2012 7:20:07 PM - Removed Applet_Email

RP1519: 10/8/2012 7:20:19 PM - Removed Applet_File

RP1520: 10/8/2012 7:20:32 PM - Removed Applet_CopyToFax

RP1521: 10/8/2012 7:20:44 PM - Removed Applet_VC

RP1522: 10/8/2012 7:20:58 PM - Removed Applet_Copy

RP1523: 10/8/2012 7:21:09 PM - Removed Smart Panel

RP1524: 10/8/2012 7:21:57 PM - Removed EPSON PhotoStarter3.2

RP1525: 10/8/2012 7:23:00 PM - Removed EPSON CardMonitor

RP1526: 10/8/2012 7:26:59 PM - Installed Epson Event Manager

RP1527: 10/8/2012 7:28:22 PM - Installed Epson Connect

RP1528: 10/8/2012 7:29:33 PM - Installed FAX Utility

RP1529: 10/8/2012 7:36:27 PM - Removed Java™ 6 Update 11

RP1530: 10/8/2012 7:38:38 PM - Installed Java 7 Update 7

RP1531: 10/8/2012 7:50:41 PM - Installed ABBYY FineReader 9.0 Sprint

RP1532: 10/9/2012 12:07:37 AM - Restore Operation

RP1533: 10/9/2012 12:34:09 AM - Relatively Stable 10.9.2012 1233am

RP1534: 10/9/2012 6:57:56 AM - YTD Gone-No Popups

RP1535: 10/9/2012 6:59:40 AM - Removed Ad-Aware

RP1536: 10/9/2012 7:00:22 AM - Removed EarthLink setup files

RP1537: 10/9/2012 7:01:47 AM - Removed RAW FILE CONVERTER LE

RP1538: 10/9/2012 7:02:58 AM - Removed YTD Toolbar v6.2.

RP1539: 10/10/2012 7:36:19 AM - Removed COMODO Internet Security

RP1540: 10/10/2012 7:44:28 AM - Restore Operation

.

==== Installed Programs ======================

.

7-Zip 4.65

ABBYY FineReader 9.0 Sprint

Ad-Aware

Adobe Acrobat 7.0 Standard

Adobe Acrobat 7.1.0 Standard

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Flash Player ActiveX

Adobe Illustrator 10

Adobe Photoshop 6.0

Adobe Photoshop 7.0

Adobe SVG Viewer 3.0

AOLIcon

Apple Software Update

ArcSoft Software Suite

Audacity 1.2.6

Avery Wizard 4.0

Bamboo

Bamboo Dock

BitPim 0.9.14

CCleaner

CompanionLink

Compatibility Pack for the 2007 Office system

Critical Update for Windows Media Player 11 (KB959772)

Dell Driver Reset Tool

Dell Picture Studio v3.0

Dell Support 3.1

Dell System Restore

DellConnect

Digital Content Portal

Documents To Go

Dropbox

EarthLink setup files

EducateU

EndNote 8.0.1

Epson Connect

Epson Customer Participation

Epson Download Navigator

Epson Event Manager

Epson FAX Utility

Epson PC-FAX Driver

EPSON Scan

EPSON WorkForce 645 Series Printer Uninstall

FaxTalk Communicator 4.5

FileMaker Pro 5.0

FreeRIP v2.945

FreeRIP v3.2

GemMaster Mystic

Get High Speed Internet!

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP DeskJet 895C Series (Remove only)

Image Transfer

ImageMixer for Sony

ImageMixer VCD2 for FinePix

Intel® 537EP V9x DF PCI Modem

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections Drivers

Intel® PROSet for Wired Connections

Internet Explorer Default Page

iPod for Windows 2005-10-12

ISI ResearchSoft - Export Helper

iTunes

Java 7 Update 7

Java Auto Updater

K-Lite Codec Pack 2.70 Basic

Learn2 Player (Uninstall Only)

LTCM Client

Macromedia Flash Player

Malwarebytes Anti-Malware version 1.65.0.1400

MD Simple Burner 2.0.04

Microsoft .NET Framework 1.0 Hotfix (KB2572066)

Microsoft .NET Framework 1.0 Hotfix (KB2604042)

Microsoft .NET Framework 1.0 Hotfix (KB2656378)

Microsoft .NET Framework 1.0 Hotfix (KB953295)

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft IntelliType Pro 5.3

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft National Language Support Downlevel APIs

Microsoft Office Professional Edition 2003

Microsoft Plus! Digital Media Edition

Microsoft Plus! Digital Media Edition Installer

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

MicroStaff WINASPI

Modem Event Monitor

Modem Helper

Modem On Hold

MotoHelper MergeModules

Mozilla (1.7.8)

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

Mozilla Thunderbird (1.5)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyVideoDaily 2

MyWay Search Assistant

OpenMG Limited Patch 4.4-06-13-19-01

OpenMG Secure Module 4.4.00

OpenOffice.org Installer 1.0

Otto

Palm Desktop by ACCESS

Palm HotSync® Mail 4.0

Picasa 3

Player

QuickTime

RAW FILE CONVERTER LE

RealPlayer

ScanToWeb

SeaMonkey (1.1.17)

SecureZIP for Windows 11.20.0008

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2530548)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2559049)

Security Update for Windows Internet Explorer 7 (KB2586448)

Security Update for Windows Internet Explorer 7 (KB2618444)

Security Update for Windows Internet Explorer 7 (KB2647516)

Security Update for Windows Internet Explorer 7 (KB2675157)

Security Update for Windows Internet Explorer 7 (KB2699988)

Security Update for Windows Internet Explorer 7 (KB2722913)

Security Update for Windows Internet Explorer 7 (KB2744842)

Security Update for Windows Internet Explorer 7 (KB928090)

Security Update for Windows Internet Explorer 7 (KB929969)

Security Update for Windows Internet Explorer 7 (KB931768)

Security Update for Windows Internet Explorer 7 (KB933566)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Serials 2000 v6.0

SigmaTel Audio

Skype Click to Call

Skype™ 5.5

Sonic DLA

Sonic Encoders

Sonic MyDVD LE

Sonic RecordNow Audio

Sonic RecordNow Copy

Sonic RecordNow Data

Sonic Update Manager

SonicStage 3.4

Sony USB Driver

Sound Forge 4.5c Build-281

Spybot - Search & Destroy

SUPERAntiSpyware

Treodesktop 2.13

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2616676-v2)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

USB PC Camera (SN9C102)

USB Video Device

Viewpoint Media Player

VLC media player 2.0.2

WebFldrs XP

WebTablet FB Plugin

WebTablet IE Plugin

WebTablet Netscape Plugin

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Media Format 11 runtime

Windows Media Player 10

Windows Media Player 11

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB2628259

Windows XP Media Center Edition 2005 KB895198

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

WinZip

Wise Registry Cleaner 7.15

WordPerfect Office 12

Yahoo! Messenger

YTD Toolbar v6.2

YTD Video Downloader 3.9.2

.

==== Event Viewer Messages From Past Week ========

.

10/9/2012 11:46:55 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.

10/9/2012 11:46:45 AM, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom1.

10/8/2012 9:24:38 PM, error: Service Control Manager [7034] - The Application Updater service terminated unexpectedly. It has done this 1 time(s).

10/8/2012 8:38:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

10/8/2012 8:38:15 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip WS2IFSL

10/8/2012 8:38:15 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

10/8/2012 8:38:15 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

10/8/2012 8:38:15 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

10/8/2012 8:38:15 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

10/8/2012 8:37:34 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

10/8/2012 8:37:29 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

10/8/2012 2:31:32 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000034' while processing the file '~efe2.tmp' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

10/8/2012 11:46:46 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/8/2012 11:46:15 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.

10/5/2012 12:33:55 PM, error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.

10/3/2012 3:40:00 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.

10/3/2012 3:40:00 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.

10/3/2012 3:40:00 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .

10/3/2012 3:40:00 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .

10/3/2012 3:40:00 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2.

10/3/2012 3:40:00 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2.

.

==== End Of File ===========================


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


hi, and thanks so much for the welcome and the much needed help! i did as you requested and ran the quick scan. however, i have not restarted my computer since i last ran rkill which, as i explained above, stopped/stops the popups. should i restart my computer and run the mbam quick scan again? i have posted the mbam quick scan results below but as you can see, it found nothing. also, should i restart before i follow the combofix instructions?

Malwarebytes Anti-Malware (PRO) 1.65.0.1400

www.malwarebytes.org

Database version: v2012.10.12.06

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 7.0.5730.11

Nzinga :: NZINGA1 [administrator]

Protection: Enabled

10/12/2012 3:38:52 PM

mbam-log-2012-10-12 (15-38-52).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 238315

Time elapsed: 6 minute(s), 4 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Hi, I went ahead and restarted the computer before running combofix since i thought rkill may have suspended the malware before running combofix, therefore giving combofix nothing (running) to find. i disabled my mbam and superantispyware before running combofix. i also re-ran the dds tool as you instructed. the logs for all three are below.

COMBOFIX LOG 10.14.2012

((((((((((((((((((((((((( Files Created from 2012-09-14 to 2012-10-14 )))))))))))))))))))))))))))))))

.

.

2012-10-10 11:47 . 2012-10-10 11:47 -------- d-----w- c:\windows\system32\wbem\Repository

2012-10-10 11:47 . 2012-10-10 11:47 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\BVRP Software

2012-10-09 11:06 . 2012-10-09 11:07 -------- d-----w- c:\windows\system32\NtmsData

2012-10-09 09:53 . 2012-10-09 09:55 -------- d-----w- c:\documents and settings\Nzinga\Application Data\QuickScan

2012-10-09 09:44 . 2012-10-10 11:46 -------- d-----w- c:\program files\SpywareBlaster

2012-10-09 00:45 . 2012-10-10 11:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2012-10-09 00:45 . 2012-10-10 11:47 -------- d-----w- c:\program files\Spybot - Search & Destroy

2012-10-09 00:41 . 2012-10-09 00:41 -------- d-----w- c:\documents and settings\Nzinga\Application Data\Leader Technologies

2012-10-08 23:59 . 2012-10-10 11:47 -------- d-----w- c:\program files\LTCM Client

2012-10-08 23:51 . 2012-10-10 11:47 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint

2012-10-08 23:51 . 2012-10-09 04:08 -------- d-----w- c:\documents and settings\All Users\Application Data\ABBYY

2012-10-08 23:51 . 2012-10-08 23:51 -------- d-----w- c:\program files\Common Files\ABBYY

2012-10-08 23:39 . 2012-10-08 23:38 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-10-08 23:39 . 2012-10-08 23:38 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-10-08 23:39 . 2012-10-08 23:38 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2012-10-08 23:38 . 2012-10-08 23:38 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2012-10-08 23:34 . 2012-10-08 23:34 -------- d-----w- c:\documents and settings\LocalService\Application Data\Epson

2012-10-08 23:32 . 2012-10-08 23:32 -------- d-----w- c:\program files\Common Files\EPSON

2012-10-08 23:28 . 2012-10-08 23:28 -------- d-----w- c:\program files\Epson America Inc

2012-10-08 23:27 . 2012-10-08 23:29 -------- d-----w- c:\program files\Epson Software

2012-10-08 23:26 . 2010-09-28 14:01 93696 ----a-w- c:\windows\system32\E_TLBHVA.DLL

2012-10-08 23:26 . 2010-08-09 14:02 81408 ----a-w- c:\windows\system32\E_TD4BHVA.DLL

2012-10-08 23:25 . 2012-10-08 23:26 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON

2012-10-08 23:25 . 2009-10-16 04:00 132560 ----a-w- c:\windows\system32\esdevapp.exe

2012-10-08 23:25 . 2009-10-16 04:00 12800 ----a-w- c:\windows\system32\escdev.dll

2012-10-08 23:25 . 2009-09-17 04:00 342016 ----a-w- c:\windows\system32\eswiaud.dll

2012-09-21 22:44 . 2012-10-09 11:04 -------- d-----w- c:\documents and settings\All Users\Application Data\YTD Video Downloader

2012-09-19 12:27 . 2001-10-26 21:16 16384 ----a-w- c:\windows\system32\FileOps.exe

2012-09-15 23:08 . 2012-09-15 23:08 -------- d-----w- c:\documents and settings\Nzinga\Application Data\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1

2012-09-15 23:07 . 2012-09-15 23:07 -------- d-----w- c:\documents and settings\Nzinga\Application Data\Wacom

2012-09-15 23:07 . 2012-09-15 23:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Wacom

2012-09-15 23:07 . 2012-09-15 23:07 -------- d-----w- c:\program files\Common Files\Adobe AIR

2012-09-15 23:07 . 2012-09-15 23:07 -------- d-----w- c:\program files\Bamboo Dock

2012-09-15 23:05 . 2012-09-15 23:05 -------- d-----w- c:\documents and settings\Nzinga\Application Data\WTablet

2012-09-15 23:05 . 2011-07-05 22:01 1107832 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll

2012-09-15 23:04 . 2011-05-16 21:15 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys

2012-09-15 23:04 . 2011-05-16 21:15 14120 ----a-w- c:\windows\system32\drivers\wacomvhid.sys

2012-09-15 23:04 . 2011-07-05 22:01 1156472 ----a-w- c:\windows\system32\Wintab32.dll

2012-09-15 23:04 . 2011-07-05 22:01 1152888 ----a-w- c:\windows\system32\WacomMT.dll

2012-09-15 23:04 . 2011-07-05 22:01 1369464 ----a-w- c:\windows\system32\Pen_Tablet.dll

2012-09-15 23:04 . 2012-09-15 23:05 -------- d-----w- c:\program files\Tablet

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-08 23:38 . 2010-11-25 06:05 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-07 21:04 . 2011-08-28 15:37 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-27 19:12 . 2004-08-19 20:49 832512 ----a-w- c:\windows\system32\wininet.dll

2012-08-27 19:12 . 2006-10-17 16:57 268288 ----a-w- c:\windows\system32\iertutil(2).dll

2012-08-27 19:12 . 2004-08-19 20:49 1830912 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-27 19:12 . 2004-08-19 20:49 78336 ----a-w- c:\windows\system32\ieencode.dll

2012-08-27 19:12 . 2004-08-19 20:49 17408 ----a-w- c:\windows\system32\corpol.dll

2012-08-02 14:09 . 2012-08-02 14:09 1409 ----a-w- c:\windows\QTFont.for

2012-07-24 02:04 . 2012-07-24 02:04 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys

2012-04-11 15:28 . 2012-04-11 15:28 799441 ----a-w- c:\program files\RegpairSetup.exe

2012-02-19 16:37 . 2012-02-19 16:37 692480 ----a-w- c:\program files\RealPlayer.exe

2011-09-22 13:14 . 2011-09-22 13:14 5335216 ----a-w- c:\program files\minuswindows.exe

2011-09-04 13:41 . 2011-09-04 13:41 20278864 ----a-w- c:\program files\companionlink.exe

2011-05-31 17:28 . 2011-05-31 17:27 56712856 ----a-w- c:\program files\Avery Wizard 4.0.0.exe

2010-11-16 00:53 . 2010-11-15 22:34 13525424 ----a-w- c:\program files\Dropbox 0.7.110.exe

2010-11-05 16:28 . 2010-11-05 16:27 8567280 ----a-w- c:\program files\Firefox Setup 3.6.12.exe

2010-07-02 14:53 . 2010-07-02 14:53 9070816 ----a-w- c:\program files\SUPERAntiSpyware.exe

2010-01-19 11:48 . 2010-01-19 11:48 10600847 ----a-w- c:\program files\SeaMonkey Setup 2.0.2.exe

2010-01-04 15:52 . 2010-01-04 15:50 10601579 ----a-w- c:\program files\SeaMonkey Setup 2.0.1.exe

2009-09-22 11:12 . 2009-09-22 11:11 13266944 ----a-w- c:\program files\seamonkey-1.1.18.en-US.win32.installer.exe

2009-03-11 21:11 . 2009-03-11 21:10 1606063 ----a-w- c:\program files\treodekstop213setup.exe

2009-01-31 15:43 . 2009-01-31 15:43 7518240 ----a-w- c:\program files\Firefox Setup 3.0.5.exe

2009-01-17 17:41 . 2009-01-17 17:40 13029376 ----a-w- c:\program files\seamonkey-1.1.14.en-US.win32.installer.exe

2008-11-09 17:41 . 2008-11-09 17:40 11464704 ----a-w- c:\program files\sharecalendar_setup.exe

2008-10-01 00:27 . 2008-10-01 00:25 13025280 ----a-w- c:\program files\seamonkey-1.1.12.exe

2008-06-26 03:00 . 2008-06-26 03:00 4898144 ----a-w- c:\program files\LimeWireWin18.exe

2008-04-09 15:12 . 2008-04-09 15:11 13012992 ----a-w- c:\program files\seamonkey-1.1.9.en-US.win32.installer.exe

2008-03-24 23:50 . 2008-03-24 23:50 13000704 ----a-w- c:\program files\seamonkey-1.1.8.exe

2007-12-21 09:06 . 2007-12-21 09:06 13025280 ----a-w- c:\program files\seamonkey-1.1.7.en-US.win32.installer.exe

2007-12-17 12:35 . 2007-12-17 12:30 51622242 ----a-w- c:\program files\ACEMCP603PRO.exe

2007-12-17 11:55 . 2007-12-17 11:54 7045601 ----a-w- c:\program files\XP_Codec_Pack_2.3.4.exe

2007-12-17 10:48 . 2006-09-26 17:36 25755448 ----a-w- c:\program files\wmp11-windowsxp-x86-enu.exe

2007-11-01 16:07 . 2007-11-01 16:06 11160320 ----a-w- c:\program files\pk zip.exe

2007-08-26 15:32 . 2007-08-26 15:31 13012992 ----a-w- c:\program files\seamonkey-1.1.4.en-US.win32.installer.exe

2007-07-21 08:25 . 2007-07-21 08:25 3126056 ----a-w- c:\program files\LimeWireWin.exe

2007-06-16 14:25 . 2007-06-16 14:25 315318 ----a-w- c:\program files\soltvradio_setup.exe

2007-04-11 17:24 . 2007-04-11 17:21 10976768 ----a-w- c:\program files\Sprint_PCS_CM_v034.msi

2007-04-11 17:23 . 2007-04-11 17:21 10740224 ----a-w- c:\program files\SprintPCSConnectionMgr_V3.01.040.msi

2007-04-11 17:10 . 2007-04-11 17:09 10420865 ----a-w- c:\program files\bitpim-0.9.14-setup.exe

2007-04-09 18:30 . 2007-04-09 18:29 19994184 ----a-w- c:\program files\QuickTimeInstaller.exe

2007-04-04 12:01 . 2007-04-04 12:00 12992512 ----a-w- c:\program files\seamonkey-1.1.1.en-US.win32.installer.exe

2007-04-03 21:37 . 2007-04-03 21:37 10059790 ----a-w- c:\program files\bitpim-0.9.13-setup.exe

2007-02-24 00:34 . 2007-02-24 00:34 8643136 ----a-w- c:\program files\ymsgr7_437_us.exe

2007-01-18 15:00 . 2007-01-18 14:59 6342512 ----a-w- c:\program files\Thunderbird Setup 1.5.0.9.exe

2007-01-18 14:31 . 2007-01-18 14:31 5971432 ----a-w- c:\program files\Firefox Setup 2.0.0.1.exe

2006-10-10 17:41 . 2006-10-10 17:41 16504464 ----a-w- c:\program files\jre-1_5_0_08-windows-i586-p.exe

2006-10-10 17:37 . 2006-10-10 17:37 21290704 ----a-w- c:\program files\AdbeRdr708 mozilla plugin.exe

2006-10-10 14:18 . 2006-10-10 14:18 3054417 ----a-w- c:\program files\FSViewerSetup26.exe

2006-10-01 18:05 . 2006-10-01 18:05 6335024 ----a-w- c:\program files\Thunderbird Setup 1.5.0.7.exe

2006-09-30 16:32 . 2006-09-30 16:32 1805498 ----a-w- c:\program files\ultimate zip.exe

2006-09-30 16:25 . 2006-09-30 16:25 2146871 ----a-w- c:\program files\zipitfast.exe

2006-09-26 17:59 . 2006-09-26 17:58 47652464 ----a-w- c:\program files\PlusDME_Full.exe

2006-09-26 17:59 . 2006-09-26 17:57 47652464 ----a-w- c:\program files\Super Pack.exe

2006-07-27 14:20 . 2006-07-27 14:18 8701008 ----a-w- c:\program files\jewelquest_at.exe

2006-07-13 01:33 . 2006-07-13 01:28 12038352 ----a-w- c:\program files\mozilla-win32-1.7.13-installer.exe

2006-07-05 13:43 . 2006-07-05 13:41 4864452 ----a-w- c:\program files\palm401upgrade2.exe

2006-06-30 02:26 . 2006-06-30 02:22 24070456 ----a-w- c:\program files\windows media player11-windowsxp-x86-enu.exe

2006-06-07 13:54 . 2006-06-07 13:55 937001 ----a-w- c:\program files\soulseek156c.exe

2006-06-05 19:19 . 2006-06-05 19:19 705536 ----a-w- c:\program files\MoozikoPlayerSetup.msi

2006-04-22 15:20 . 2006-04-22 15:19 5432500 ----a-w- c:\program files\ImageMixerV151.exe

2006-03-13 15:32 . 2006-03-13 15:31 9739116 ----a-w- c:\program files\SimpleOcr.exe

2006-03-01 19:18 . 2006-03-01 19:16 12754672 ----a-w- c:\program files\MP10Setup.exe

2006-03-01 16:20 . 2006-03-01 16:20 1419556 ----a-w- c:\program files\klitecodec270b.exe

2006-02-24 21:10 . 2006-02-24 21:10 2002069 ----a-w- c:\program files\yahoo_texttwist_tm1-1.exe

2006-01-30 19:48 . 2006-03-16 16:23 27160459 ----a-w- c:\program files\Norton Antivirus download.EXE

2006-01-18 01:00 . 2006-01-18 00:54 12026576 ----a-w- c:\program files\mozilla-win32-1.7.8-installer.exe

2006-01-17 22:11 . 2006-01-18 22:49 948936 ----a-w- c:\program files\install_flash_player.exe

2005-12-18 17:58 . 2005-12-18 17:56 12899744 ----a-w- c:\program files\RealPlayer10-5GOLD_bb.exe

2005-12-17 03:01 . 2005-12-17 02:51 54725800 ----a-w- c:\program files\iPodSetup.exe

2005-12-16 15:26 . 2005-12-16 15:13 34412848 ----a-w- c:\program files\iTunesSetup.exe

2005-12-14 19:09 . 2005-12-14 19:09 1619132 ----a-w- c:\program files\freeripmp3.exe

2005-12-10 05:25 . 2005-12-10 05:25 2855080 ----a-w- c:\program files\adawaresepersonal.exe

2012-09-13 15:18 . 2012-09-13 15:18 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2005-05-15 332800]

"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-09-28 4780928]

"chk"="c:\docume~1\Nzinga\LOCALS~1\TempCkt\chk.exe" [2010-07-22 339968]

"EPLTarget\P0000000000000000"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_TATIHVA.EXE" [2011-04-24 219008]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-06 94208]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]

"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]

"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]

"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]

"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]

"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 196608]

"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 339968]

"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]

"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-02-16 282624]

"snp2uvc"="c:\windows\vsnp2uvc.exe" [2007-07-11 569344]

"tsnp2uvc"="c:\windows\tsnp2uvc.exe" [2007-07-11 237568]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2012-03-15 198160]

"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]

"FUFAXRCV"="c:\program files\Epson Software\FAX Utility\FUFAXRCV.exe" [2011-03-09 495616]

"FUFAXSTM"="c:\program files\Epson Software\FAX Utility\FUFAXSTM.exe" [2011-03-09 856064]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"LTCM Client"="c:\program files\LTCM Client\ltcmClient.exe" [2009-08-05 1596096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"SpybotDeletingA9489"="command.com" [2004-08-10 50620]

.

c:\documents and settings\Nzinga\Start Menu\Programs\Startup\

Dropbox.lnk - c:\documents and settings\Nzinga\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

Epson all-in-one Registration.lnk - c:\documents and settings\Nzinga\Application Data\Leadertech\PowerRegister\Epson all-in-one Registration.exe [2012-10-8 2561024]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-BA7E-000000000002}\SC_Acrobat.exe [2007-1-23 25214]

Adobe Gamma Loader.LNK - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-11-21 110592]

SecureZIP Attachments Status.lnk - c:\program files\PKWARE\PKZIPM\11.20.0008\PKTray.exe [2007-11-1 197984]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-04 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

2008-05-28 16:32 87352 ----a-w- c:\windows\system32\LMIinit.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk

backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk

backup=c:\windows\pss\HotSync Manager.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Image Transfer.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Image Transfer.lnk

backup=c:\windows\pss\Image Transfer.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microtek Scanner Finder.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microtek Scanner Finder.lnk

backup=c:\windows\pss\Microtek Scanner Finder.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PennConnect.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\PennConnect.lnk

backup=c:\windows\pss\PennConnect.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk

backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk

backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore]

2011-09-27 03:45 646232 ----a-w- c:\program files\Bamboo Dock\BambooCore.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2005-10-06 22:03 278528 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyVideoDaily2]

2005-11-30 15:09 401408 ----a-w- c:\program files\MyVideoDaily2\MyVideoDaily2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2007-02-16 14:54 282624 ----a-w- c:\program files\QuickTime\qttask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2011-10-13 16:45 19550344 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2012-03-15 03:56 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\mozilla.org\\Mozilla\\mozilla.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Documents and Settings\\Nzinga\\Application Data\\Dropbox\\bin\\Dropbox.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/17/2010 2:25 PM 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 2:41 PM 67664]

R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [6/29/2010 1:48 PM 116608]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [5/14/2009 5:07 PM 759048]

R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\EpsonCustomerParticipation\EPCP.exe [6/9/2011 1:01 PM 521600]

R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [10/6/2012 11:07 AM 399432]

R2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [9/15/2012 7:04 PM 5553016]

R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [9/15/2012 7:05 PM 451960]

S1 SABKUTIL;SABKUTIL;\??\c:\program files\SUPERAntiSpyware\SABKUTIL.sys --> c:\program files\SUPERAntiSpyware\SABKUTIL.sys [?]

S2 HPFECP15;HPFECP15;c:\windows\system32\drivers\HPFecp15.sys [9/4/1998 3:32 AM 52800]

S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [8/28/2011 11:38 AM 676936]

S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys --> c:\windows\system32\DRIVERS\motfilt.sys [?]

S3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [7/23/2012 10:04 PM 27424]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8/28/2011 11:37 AM 22856]

S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys --> c:\windows\system32\DRIVERS\motccgp.sys [?]

S3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys --> c:\windows\system32\DRIVERS\motccgpfl.sys [?]

S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys --> c:\windows\system32\DRIVERS\Motousbnet.sys [?]

S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys --> c:\windows\system32\DRIVERS\motusbdevice.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/27/2012 2:14 PM 114144]

.

Contents of the 'Scheduled Tasks' folder

.

2012-10-10 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 19:42]

.

2012-10-14 c:\windows\Tasks\ReclaimerUpdateFiles_Nzinga.job

- c:\documents and settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 23:23]

.

2012-10-14 c:\windows\Tasks\ReclaimerUpdateXML_Nzinga.job

- c:\documents and settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 23:23]

.

2012-10-14 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Nzinga.job

- c:\documents and settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 23:23]

.

2012-10-14 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task a5d2a694-12bb-4850-87cb-f080803d1d2b.job

- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-09-04 13:39]

.

2012-10-14 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task c260bc1d-0917-496a-a6b6-069a411912a8.job

- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-09-04 13:39]

.

.

------- Supplementary Scan -------

.

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uStart Page = about:blank

uInternet Settings,ProxyServer = 0.0.0.0:80

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com

TCP: DhcpNameServer = 192.168.11.1

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

FF - ProfilePath - c:\documents and settings\Nzinga\Application Data\Mozilla\Firefox\Profiles\msnjx4x8.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF - prefs.js: network.proxy.type - 0

FF - ExtSQL: 2012-10-09 05:53; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\documents and settings\Nzinga\Application Data\Mozilla\Firefox\Profiles\msnjx4x8.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

FF - user.js: yahoo.homepage.dontask - true

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-10-14 10:03

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(688)

c:\windows\system32\LMIinit.dll

c:\windows\system32\LMIRfsClientNP.dll

.

- - - - - - - > 'explorer.exe'(3116)

c:\windows\system32\WININET.dll

c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.14.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Completion time: 2012-10-14 10:04:42

ComboFix-quarantined-files.txt 2012-10-14 14:04

ComboFix2.txt 2012-10-10 03:12

ComboFix3.txt 2012-10-09 09:29

ComboFix4.txt 2012-10-08 20:21

ComboFix5.txt 2012-10-14 13:54

.

Pre-Run: 8,577,556,480 bytes free

Post-Run: 8,588,455,936 bytes free

.

- - End Of File - - E8A463786272B0A7BCCDDC006002A560

DDS.TXT LOG 10.14.2012

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\Tablet\Pen\Pen_TouchService.exe

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Microsoft IntelliType Pro\type32.exe

C:\WINDOWS\stsystra.exe

C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

C:\Program Files\QuickTime\qttask.exe

C:\WINDOWS\tsnp2uvc.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Epson Software\Event Manager\EEventManager.exe

C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe

C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHVA.EXE

C:\Program Files\PKWARE\PKZIPM\11.20.0008\PKTray.exe

svchost.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Mozilla Firefox\firefox.exe

.

============== Pseudo HJT Report ===============

.

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uStart Page = about:blank

uInternet Settings,ProxyServer = 0.0.0.0:80

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com

BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup

uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [chk] c:\docume~1\nzinga\locals~1\tempckt\chk.exe

uRun: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_tatihva.exe /ept "epltarget\P0000000000000000" /M "WorkForce 645"

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [ssAAD.exe] c:\progra~1\sony\sonics~1\SsAAD.exe

mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe"

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"

mRun: [snpstd] c:\windows\vsnpstd.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [snp2uvc] c:\windows\vsnp2uvc.exe

mRun: [tsnp2uvc] c:\windows\tsnp2uvc.exe

mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot

mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"

mRun: [FUFAXRCV] "c:\program files\epson software\fax utility\FUFAXRCV.exe"

mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup

mRunOnce: [spybotDeletingA9489] command.com /c del "c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll_old"

StartupFolder: c:\docume~1\nzinga\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\nzinga\application data\dropbox\bin\Dropbox.exe

StartupFolder: c:\docume~1\nzinga\startm~1\programs\startup\epsona~1.lnk - c:\documents and settings\nzinga\application data\leadertech\powerregister\Epson all-in-one Registration.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-ba7e-000000000002}\SC_Acrobat.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secure~1.lnk - c:\program files\pkware\pkzipm\11.20.0008\PKTray.exe

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

TCP: DhcpNameServer = 192.168.11.1

TCP: Interfaces\{B5501C3F-86D7-408B-88F3-C3B4DA3FE157} : DhcpNameServer = 192.168.11.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Notify: igfxcui - igfxdev.dll

Notify: LMIinit - LMIinit.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\nzinga\application data\mozilla\firefox\profiles\msnjx4x8.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\palm\packag~1\NPInstal.dll

FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\tabletplugins\npwacom.dll

FF - plugin: c:\program files\tabletplugins\npWacomTabletPlugin.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

.

============= SERVICES / DRIVERS ===============

.

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-29 116608]

R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]

R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-6-9 521600]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-9-9 45848]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-6 399432]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-28 676936]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R2 TabletServicePen;TabletServicePen;c:\program files\tablet\pen\Pen_Tablet.exe [2012-9-15 5553016]

R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\tablet\pen\Pen_TouchService.exe [2012-9-15 451960]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-28 22856]

S1 SABKUTIL;SABKUTIL;\??\c:\program files\superantispyware\sabkutil.sys --> c:\program files\superantispyware\SABKUTIL.sys [?]

S2 HPFECP15;HPFECP15;c:\windows\system32\drivers\HPFecp15.sys [1998-9-4 52800]

S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\logmein\x86\rainfo.sys --> c:\program files\logmein\x86\RaInfo.sys [?]

S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys --> c:\windows\system32\drivers\motfilt.sys [?]

S3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [2012-7-23 27424]

S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys --> c:\windows\system32\drivers\motccgp.sys [?]

S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys --> c:\windows\system32\drivers\motccgpfl.sys [?]

S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\motousbnet.sys --> c:\windows\system32\drivers\Motousbnet.sys [?]

S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys --> c:\windows\system32\drivers\motusbdevice.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-27 115168]

S4 LMIRfsClientNP;LMIRfsClientNP; [x]

.

=============== Created Last 30 ================

.

2012-10-10 11:47:46 -------- d-----w- c:\windows\system32\wbem\repository\FS

2012-10-10 11:47:46 -------- d-----w- c:\windows\system32\wbem\Repository

2012-10-10 11:46:38 -------- d-----w- c:\program files\EarthLink Setup

2012-10-10 11:46:34 -------- d-----w- c:\program files\MyVideoDaily2

2012-10-10 11:46:33 -------- d-----w- c:\program files\YTD Toolbar

2012-10-10 11:46:32 -------- d-----w- c:\documents and settings\nzinga\application data\YTD

2012-10-10 11:46:14 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-10-10 11:45:56 -------- d-----w- c:\program files\common files\Spigot

2012-10-09 21:27:08 -------- d-----w- c:\program files\common files\Comodo

2012-10-09 21:23:22 -------- d-----w- c:\documents and settings\all users\application data\CPA_VA

2012-10-09 21:16:38 -------- d-----w- c:\documents and settings\all users\application data\Comodo

2012-10-09 20:57:02 -------- d-----w- c:\documents and settings\nzinga\local settings\application data\COMODO

2012-10-09 20:56:43 -------- d-----w- c:\program files\Comodo

2012-10-09 11:06:09 -------- d-----w- c:\windows\system32\NtmsData

2012-10-09 09:53:17 -------- d-----w- c:\documents and settings\nzinga\application data\QuickScan

2012-10-09 09:44:11 -------- d-----w- c:\program files\SpywareBlaster

2012-10-09 00:45:50 -------- d-----w- c:\program files\Spybot - Search & Destroy

2012-10-09 00:45:50 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy

2012-10-09 00:41:26 -------- d-----w- c:\documents and settings\nzinga\application data\Leader Technologies

2012-10-08 23:59:44 -------- d-----w- c:\program files\LTCM Client

2012-10-08 23:51:06 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint

2012-10-08 23:51:05 -------- d-----w- c:\program files\common files\ABBYY

2012-10-08 23:51:05 -------- d-----w- c:\documents and settings\all users\application data\ABBYY

2012-10-08 23:39:30 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-10-08 23:39:29 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-10-08 23:39:13 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2012-10-08 23:32:50 -------- d-----w- c:\program files\common files\EPSON

2012-10-08 23:28:23 -------- d-----w- c:\program files\Epson America Inc

2012-10-08 23:27:08 -------- d-----w- c:\program files\Epson Software

2012-10-08 23:26:16 93696 ----a-w- c:\windows\system32\E_TLBHVA.DLL

2012-10-08 23:26:16 81408 ----a-w- c:\windows\system32\E_TD4BHVA.DLL

2012-10-08 23:25:49 -------- d-----w- c:\documents and settings\all users\application data\EPSON

2012-10-08 23:25:39 342016 ----a-w- c:\windows\system32\eswiaud.dll

2012-10-08 23:25:39 132560 ----a-w- c:\windows\system32\esdevapp.exe

2012-10-08 23:25:39 12800 ----a-w- c:\windows\system32\escdev.dll

2012-09-21 22:44:50 -------- d-----w- c:\documents and settings\all users\application data\YTD Video Downloader

2012-09-19 12:27:09 16384 ----a-w- c:\windows\system32\FileOps.exe

2012-09-15 23:08:26 -------- d-----w- c:\documents and settings\nzinga\application data\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1

2012-09-15 23:07:53 -------- d-----w- c:\documents and settings\nzinga\application data\Wacom

2012-09-15 23:07:47 -------- d-----w- c:\documents and settings\all users\application data\Wacom

2012-09-15 23:07:08 -------- d-----w- c:\program files\Bamboo Dock

2012-09-15 23:05:18 -------- d-----w- c:\documents and settings\nzinga\application data\WTablet

2012-09-15 23:05:17 1107832 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll

2012-09-15 23:05:10 -------- d-----w- c:\program files\TabletPlugins

2012-09-15 23:04:55 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys

2012-09-15 23:04:48 14120 ----a-w- c:\windows\system32\drivers\wacomvhid.sys

2012-09-15 23:04:45 1369464 ----a-w- c:\windows\system32\Pen_Tablet.dll

2012-09-15 23:04:45 1156472 ----a-w- c:\windows\system32\Wintab32.dll

2012-09-15 23:04:45 1152888 ----a-w- c:\windows\system32\WacomMT.dll

2012-09-15 23:04:42 -------- d-----w- c:\program files\Tablet

.

==================== Find3M ====================

.

2012-10-08 23:38:46 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-07 21:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-27 19:12:39 832512 ----a-w- c:\windows\system32\wininet.dll

2012-08-27 19:12:36 268288 ----a-w- c:\windows\system32\iertutil(2).dll

2012-08-27 19:12:36 1830912 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-27 19:12:35 78336 ----a-w- c:\windows\system32\ieencode.dll

2012-08-27 19:12:34 17408 ----a-w- c:\windows\system32\corpol.dll

2012-08-02 14:09:42 1409 ----a-w- c:\windows\QTFont.for

2012-07-24 02:04:47 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys

2012-04-11 15:28:36 799441 ----a-w- c:\program files\RegpairSetup.exe

2012-02-19 16:37:57 692480 ----a-w- c:\program files\RealPlayer.exe

2011-09-22 13:14:48 5335216 ----a-w- c:\program files\minuswindows.exe

2011-09-04 13:41:05 20278864 ----a-w- c:\program files\companionlink.exe

2011-05-31 17:28:01 56712856 ----a-w- c:\program files\Avery Wizard 4.0.0.exe

2010-11-16 00:53:56 13525424 ----a-w- c:\program files\Dropbox 0.7.110.exe

2010-11-05 16:28:15 8567280 ----a-w- c:\program files\Firefox Setup 3.6.12.exe

2010-07-02 14:53:01 9070816 ----a-w- c:\program files\SUPERAntiSpyware.exe

2010-01-19 11:48:23 10600847 ----a-w- c:\program files\SeaMonkey Setup 2.0.2.exe

2010-01-04 15:52:04 10601579 ----a-w- c:\program files\SeaMonkey Setup 2.0.1.exe

2009-09-22 11:12:12 13266944 ----a-w- c:\program files\seamonkey-1.1.18.en-US.win32.installer.exe

2009-03-11 21:11:17 1606063 ----a-w- c:\program files\treodekstop213setup.exe

2009-01-31 15:43:45 7518240 ----a-w- c:\program files\Firefox Setup 3.0.5.exe

2009-01-17 17:41:07 13029376 ----a-w- c:\program files\seamonkey-1.1.14.en-US.win32.installer.exe

2008-11-09 17:41:52 11464704 ----a-w- c:\program files\sharecalendar_setup.exe

2008-10-01 00:27:11 13025280 ----a-w- c:\program files\seamonkey-1.1.12.exe

2008-06-26 03:00:29 4898144 ----a-w- c:\program files\LimeWireWin18.exe

2008-04-09 15:12:43 13012992 ----a-w- c:\program files\seamonkey-1.1.9.en-US.win32.installer.exe

2008-03-24 23:50:25 13000704 ----a-w- c:\program files\seamonkey-1.1.8.exe

2007-12-21 09:06:18 13025280 ----a-w- c:\program files\seamonkey-1.1.7.en-US.win32.installer.exe

2007-12-17 12:35:03 51622242 ----a-w- c:\program files\ACEMCP603PRO.exe

2007-12-17 11:55:01 7045601 ----a-w- c:\program files\XP_Codec_Pack_2.3.4.exe

2007-12-17 10:48:36 25755448 ----a-w- c:\program files\wmp11-windowsxp-x86-enu.exe

2007-11-01 16:07:08 11160320 ----a-w- c:\program files\pk zip.exe

2007-08-26 15:32:29 13012992 ----a-w- c:\program files\seamonkey-1.1.4.en-US.win32.installer.exe

2007-07-21 08:25:01 3126056 ----a-w- c:\program files\LimeWireWin.exe

2007-06-16 14:25:27 315318 ----a-w- c:\program files\soltvradio_setup.exe

2007-04-11 17:24:09 10976768 ----a-w- c:\program files\Sprint_PCS_CM_v034.msi

2007-04-11 17:23:50 10740224 ----a-w- c:\program files\SprintPCSConnectionMgr_V3.01.040.msi

2007-04-11 17:10:36 10420865 ----a-w- c:\program files\bitpim-0.9.14-setup.exe

2007-04-09 18:30:47 19994184 ----a-w- c:\program files\QuickTimeInstaller.exe

2007-04-04 12:01:44 12992512 ----a-w- c:\program files\seamonkey-1.1.1.en-US.win32.installer.exe

2007-04-03 21:37:26 10059790 ----a-w- c:\program files\bitpim-0.9.13-setup.exe

2007-02-24 00:34:32 8643136 ----a-w- c:\program files\ymsgr7_437_us.exe

2007-01-18 15:00:19 6342512 ----a-w- c:\program files\Thunderbird Setup 1.5.0.9.exe

2007-01-18 14:31:12 5971432 ----a-w- c:\program files\Firefox Setup 2.0.0.1.exe

2006-10-10 17:41:44 16504464 ----a-w- c:\program files\jre-1_5_0_08-windows-i586-p.exe

2006-10-10 17:37:33 21290704 ----a-w- c:\program files\AdbeRdr708 mozilla plugin.exe

2006-10-10 14:18:33 3054417 ----a-w- c:\program files\FSViewerSetup26.exe

2006-10-01 18:05:57 6335024 ----a-w- c:\program files\Thunderbird Setup 1.5.0.7.exe

2006-09-30 16:32:31 1805498 ----a-w- c:\program files\ultimate zip.exe

2006-09-30 16:25:04 2146871 ----a-w- c:\program files\zipitfast.exe

2006-09-26 17:59:46 47652464 ----a-w- c:\program files\PlusDME_Full.exe

2006-09-26 17:59:00 47652464 ----a-w- c:\program files\Super Pack.exe

2006-07-27 14:20:15 8701008 ----a-w- c:\program files\jewelquest_at.exe

2006-07-13 01:33:19 12038352 ----a-w- c:\program files\mozilla-win32-1.7.13-installer.exe

2006-07-05 13:43:08 4864452 ----a-w- c:\program files\palm401upgrade2.exe

2006-06-30 02:26:50 24070456 ----a-w- c:\program files\windows media player11-windowsxp-x86-enu.exe

2006-06-07 13:54:49 937001 ----a-w- c:\program files\soulseek156c.exe

2006-06-05 19:19:37 705536 ----a-w- c:\program files\MoozikoPlayerSetup.msi

2006-04-22 15:20:38 5432500 ----a-w- c:\program files\ImageMixerV151.exe

2006-03-13 15:32:46 9739116 ----a-w- c:\program files\SimpleOcr.exe

2006-03-01 19:18:58 12754672 ----a-w- c:\program files\MP10Setup.exe

2006-03-01 16:20:40 1419556 ----a-w- c:\program files\klitecodec270b.exe

2006-02-24 21:10:28 2002069 ----a-w- c:\program files\yahoo_texttwist_tm1-1.exe

2006-01-30 19:48:54 27160459 ----a-w- c:\program files\Norton Antivirus download.EXE

2006-01-18 01:00:20 12026576 ----a-w- c:\program files\mozilla-win32-1.7.8-installer.exe

2006-01-17 22:11:32 948936 ----a-w- c:\program files\install_flash_player.exe

2005-12-18 17:58:27 12899744 ----a-w- c:\program files\RealPlayer10-5GOLD_bb.exe

2005-12-17 03:01:46 54725800 ----a-w- c:\program files\iPodSetup.exe

2005-12-16 15:26:23 34412848 ----a-w- c:\program files\iTunesSetup.exe

2005-12-14 19:09:01 1619132 ----a-w- c:\program files\freeripmp3.exe

2005-12-10 05:25:12 2855080 ----a-w- c:\program files\adawaresepersonal.exe

.

============= FINISH: 10:23:59.50 ===============

ATTACH.TXT LOG 10.14.2012

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 11/21/2005 8:25:00 PM

System Uptime: 10/14/2012 9:49:24 AM (1 hours ago)

.

Motherboard: Dell Inc. | | 0RD203

Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 70 GiB total, 8.049 GiB free.

D: is CDROM ()

E: is CDROM ()

F: is Removable

G: is FIXED (NTFS) - 1863 GiB total, 1613.626 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1514: 10/8/2012 2:31:46 PM - Software Distribution Service 3.0

RP1515: 10/8/2012 7:19:05 PM - Removed Applet_Web

RP1516: 10/8/2012 7:19:26 PM - Removed Applet_App

RP1517: 10/8/2012 7:19:46 PM - Removed Applet_Ocr

RP1518: 10/8/2012 7:20:07 PM - Removed Applet_Email

RP1519: 10/8/2012 7:20:19 PM - Removed Applet_File

RP1520: 10/8/2012 7:20:32 PM - Removed Applet_CopyToFax

RP1521: 10/8/2012 7:20:44 PM - Removed Applet_VC

RP1522: 10/8/2012 7:20:58 PM - Removed Applet_Copy

RP1523: 10/8/2012 7:21:09 PM - Removed Smart Panel

RP1524: 10/8/2012 7:21:57 PM - Removed EPSON PhotoStarter3.2

RP1525: 10/8/2012 7:23:00 PM - Removed EPSON CardMonitor

RP1526: 10/8/2012 7:26:59 PM - Installed Epson Event Manager

RP1527: 10/8/2012 7:28:22 PM - Installed Epson Connect

RP1528: 10/8/2012 7:29:33 PM - Installed FAX Utility

RP1529: 10/8/2012 7:36:27 PM - Removed Java 6 Update 11

RP1530: 10/8/2012 7:38:38 PM - Installed Java 7 Update 7

RP1531: 10/8/2012 7:50:41 PM - Installed ABBYY FineReader 9.0 Sprint

RP1532: 10/9/2012 12:07:37 AM - Restore Operation

RP1533: 10/9/2012 12:34:09 AM - Relatively Stable 10.9.2012 1233am

RP1534: 10/9/2012 6:57:56 AM - YTD Gone-No Popups

RP1535: 10/9/2012 6:59:40 AM - Removed Ad-Aware

RP1536: 10/9/2012 7:00:22 AM - Removed EarthLink setup files

RP1537: 10/9/2012 7:01:47 AM - Removed RAW FILE CONVERTER LE

RP1538: 10/9/2012 7:02:58 AM - Removed YTD Toolbar v6.2.

RP1539: 10/10/2012 7:36:19 AM - Removed COMODO Internet Security

RP1540: 10/10/2012 7:44:28 AM - Restore Operation

RP1541: 10/12/2012 4:15:46 PM - System Checkpoint

RP1542: 10/14/2012 7:06:06 AM - System Checkpoint

.

==== Installed Programs ======================

.

7-Zip 4.65

ABBYY FineReader 9.0 Sprint

Ad-Aware

Adobe Acrobat 7.0 Standard

Adobe Acrobat 7.1.0 Standard

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Flash Player ActiveX

Adobe Illustrator 10

Adobe Photoshop 6.0

Adobe Photoshop 7.0

Adobe SVG Viewer 3.0

AOLIcon

Apple Software Update

ArcSoft Software Suite

Audacity 1.2.6

Avery Wizard 4.0

Bamboo

Bamboo Dock

BitPim 0.9.14

CCleaner

CompanionLink

Compatibility Pack for the 2007 Office system

Critical Update for Windows Media Player 11 (KB959772)

Dell Driver Reset Tool

Dell Picture Studio v3.0

Dell Support 3.1

Dell System Restore

DellConnect

Digital Content Portal

Documents To Go

Dropbox

EarthLink setup files

EducateU

EndNote 8.0.1

Epson Connect

Epson Customer Participation

Epson Download Navigator

Epson Event Manager

Epson FAX Utility

Epson PC-FAX Driver

EPSON Scan

EPSON WorkForce 645 Series Printer Uninstall

FaxTalk Communicator 4.5

FileMaker Pro 5.0

FreeRIP v2.945

FreeRIP v3.2

GemMaster Mystic

Get High Speed Internet!

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP DeskJet 895C Series (Remove only)

Image Transfer

ImageMixer for Sony

ImageMixer VCD2 for FinePix

Intel® 537EP V9x DF PCI Modem

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections Drivers

Intel® PROSet for Wired Connections

Internet Explorer Default Page

iPod for Windows 2005-10-12

ISI ResearchSoft - Export Helper

iTunes

Java 7 Update 7

Java Auto Updater

K-Lite Codec Pack 2.70 Basic

Learn2 Player (Uninstall Only)

LTCM Client

Macromedia Flash Player

Malwarebytes Anti-Malware version 1.65.0.1400

MD Simple Burner 2.0.04

Microsoft .NET Framework 1.0 Hotfix (KB2572066)

Microsoft .NET Framework 1.0 Hotfix (KB2604042)

Microsoft .NET Framework 1.0 Hotfix (KB2656378)

Microsoft .NET Framework 1.0 Hotfix (KB953295)

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft IntelliType Pro 5.3

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft National Language Support Downlevel APIs

Microsoft Office Professional Edition 2003

Microsoft Plus! Digital Media Edition

Microsoft Plus! Digital Media Edition Installer

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

MicroStaff WINASPI

Modem Event Monitor

Modem Helper

Modem On Hold

MotoHelper MergeModules

Mozilla (1.7.8)

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

Mozilla Thunderbird (1.5)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyVideoDaily 2

MyWay Search Assistant

OpenMG Limited Patch 4.4-06-13-19-01

OpenMG Secure Module 4.4.00

OpenOffice.org Installer 1.0

Otto

Palm Desktop by ACCESS

Palm HotSync® Mail 4.0

Picasa 3

Player

QuickTime

RAW FILE CONVERTER LE

RealPlayer

ScanToWeb

SeaMonkey (1.1.17)

SecureZIP for Windows 11.20.0008

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2530548)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2559049)

Security Update for Windows Internet Explorer 7 (KB2586448)

Security Update for Windows Internet Explorer 7 (KB2618444)

Security Update for Windows Internet Explorer 7 (KB2647516)

Security Update for Windows Internet Explorer 7 (KB2675157)

Security Update for Windows Internet Explorer 7 (KB2699988)

Security Update for Windows Internet Explorer 7 (KB2722913)

Security Update for Windows Internet Explorer 7 (KB2744842)

Security Update for Windows Internet Explorer 7 (KB928090)

Security Update for Windows Internet Explorer 7 (KB929969)

Security Update for Windows Internet Explorer 7 (KB931768)

Security Update for Windows Internet Explorer 7 (KB933566)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Serials 2000 v6.0

SigmaTel Audio

Skype Click to Call

Skype™ 5.5

Sonic DLA

Sonic Encoders

Sonic MyDVD LE

Sonic RecordNow Audio

Sonic RecordNow Copy

Sonic RecordNow Data

Sonic Update Manager

SonicStage 3.4

Sony USB Driver

Sound Forge 4.5c Build-281

Spybot - Search & Destroy

SUPERAntiSpyware

Treodesktop 2.13

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2616676-v2)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

USB PC Camera (SN9C102)

USB Video Device

Viewpoint Media Player

VLC media player 2.0.2

WebFldrs XP

WebTablet FB Plugin

WebTablet IE Plugin

WebTablet Netscape Plugin

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Media Format 11 runtime

Windows Media Player 10

Windows Media Player 11

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB2628259

Windows XP Media Center Edition 2005 KB895198

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

WinZip

Wise Registry Cleaner 7.15

WordPerfect Office 12

Yahoo! Messenger

YTD Toolbar v6.2

YTD Video Downloader 3.9.2

.

==== Event Viewer Messages From Past Week ========

.

10/9/2012 12:11:20 AM, error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.

10/9/2012 12:00:21 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

10/9/2012 11:46:55 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.

10/9/2012 11:46:45 AM, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom1.

10/8/2012 9:24:38 PM, error: Service Control Manager [7034] - The Application Updater service terminated unexpectedly. It has done this 1 time(s).

10/8/2012 8:38:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

10/8/2012 2:31:32 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000034' while processing the file '~efe2.tmp' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

10/8/2012 11:59:27 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip WS2IFSL

10/8/2012 11:59:27 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

10/8/2012 11:59:27 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

10/8/2012 11:59:27 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

10/8/2012 11:59:27 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

10/8/2012 11:58:45 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

10/8/2012 11:46:46 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/8/2012 11:46:15 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.

10/10/2012 3:40:00 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.

10/10/2012 3:40:00 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.

10/10/2012 3:40:00 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .

10/10/2012 3:40:00 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .

10/10/2012 3:40:00 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2.

10/10/2012 3:40:00 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2.

.

==== End Of File ===========================


  • Staff

Hi,

It appears as though you have cut off part of the ComboFix log. Please post it in its entirety.

Run TFC by OldTimer to clear temporary files:

  • Please download TFC from here and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs a runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log name is like UtilityName.Version_Date_Time_log.txt.

For example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Export the threats found (if any), and post them here.

Next, please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

Next, download my Security Check from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317

This topic is now closed to further replies.