ajexpress Posted December 5, 2012 ID:620080 Share Posted December 5, 2012 Long story short, here is the original problem: http://forums.malwarebytes.org/index.php?showtopic=110032&hl=&fromsearch=1I thought this issue was resolved, but turned out the fix only worked for about a week, then experienced the same thing. I think, correct me if I'm wrong, the other thread is closed, so figure I needed to open a new one.The local area connections status says "Acquiring network address", but if never does. I've posted new dds.txt and attach.txt below. Thanks in advance for your help..UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume2Install Date: 1/3/2006 12:19:49 PMSystem Uptime: 12/4/2012 8:23:43 PM (0 hours ago).Motherboard: Dell Inc. | | 0YC523Processor: Intel® Pentium® D CPU 2.80GHz | Microprocessor | 2793/800mhz.==== Disk Partitions =========================.A: is RemovableC: is FIXED (NTFS) - 70 GiB total, 18.9 GiB free.D: is CDROM ()E: is CDROM ()F: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP697: 8/11/2012 12:13:52 PM - System CheckpointRP698: 8/19/2012 12:51:49 PM - System CheckpointRP699: 8/20/2012 3:09:32 PM - System CheckpointRP700: 8/25/2012 9:33:07 AM - System CheckpointRP701: 8/26/2012 5:59:03 PM - System CheckpointRP702: 9/13/2012 7:01:44 PM - System CheckpointRP703: 9/27/2012 7:38:00 AM - System CheckpointRP704: 10/20/2012 10:35:34 AM - System CheckpointRP705: 11/8/2012 7:18:48 PM - System CheckpointRP706: 12/4/2012 8:00:58 PM - ComboFix created restore point.==== Installed Programs ======================.ABBYY FineReader 6.0 SprintAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader 7.0.9Adobe Shockwave Player 11.5AGEIA PhysX v2.4.4Air Conflicts Single Player DemoAOL Instant MessengerAOLIconApple Application SupportApple Mobile Device SupportApple Software UpdateArcSoft Panorama Maker 4ATI Control PanelATI Display DriverAVG 2012Battlefield VietnamBlasterball 2BonjourCanon PhotoRecordCanon PowerShot A40 WIA DriverCanon Utilities PhotoStitch 3.1Canon Utilities RAW Image ConverterCanon Utilities RemoteCapture 2.2Canon Utilities ZoomBrowser EXCompany of HeroesCompatibility Pack for the 2007 Office systemCorel Photo Album 6Dell Digital Jukebox DriverDell Driver Reset ToolDell Game ConsoleDell Photo AIO Printer 924Dell System RestoreDellSupportDigital Content PortalEducateUFacebook Plug-InFastStone Image Viewer 3.9File UploaderGEAR driver installer for x86 and x64Google AFEGoogle ChromeGoogle EarthGoogle GearsGoogle Toolbar for Internet ExplorerGoogle Update HelperGoogle UpdaterHigh Definition Audio Driver Package - KB835221Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Internet Explorer 7 (KB947864)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 10 (KB903157)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB2158563)Hotfix for Windows XP (KB2443685)Hotfix for Windows XP (KB2570791)Hotfix for Windows XP (KB2633952)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB970653-v3)Hotfix for Windows XP (KB976098-v2)Hotfix for Windows XP (KB979306)Hotfix for Windows XP (KB981793)Intel Matrix Storage ManagerIntel® 537EP V9x DF PCI ModemIntel® PRO Network Connections DriversIntel® PROSet for Wired ConnectionsiPod for Windows 2006-01-10iTunesJasc Paint Shop Photo Album 5Java Auto UpdaterJava 6 Update 24Learn2 Player (Uninstall Only)Macromedia Flash PlayerMalwarebytes' Anti-MalwareMCUMemeo Instant BackupMicrosoft .NET Framework 1.0 Hotfix (KB2572066)Microsoft .NET Framework 1.0 Hotfix (KB953295)Microsoft .NET Framework 1.0 Hotfix (KB979904)Microsoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB2656353)Microsoft .NET Framework 1.1 Security Update (KB979906)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Compression Client Pack 1.0 for Windows XPMicrosoft Document Explorer 2005Microsoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Office File Validation Add-InMicrosoft Office Standard Edition 2003Microsoft Plus! Digital Media Edition InstallerMicrosoft Plus! Photo Story 2 LEMicrosoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161MobileMe Control PanelModem Event MonitorModem HelperModem On HoldMozilla Firefox (3.6.3)MSXML 4.0 SP2 (KB925672)MSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 6.0 Parser (KB933579)Musicmatch for Windows Media PlayerMusicmatch® JukeboxNikon Message CenterNikon TransferOttoPicasa 3PowerDVD 5.5PunkBuster ServicesQuake Live Mozilla PluginQuickBooks Simple Start Special EditionQuickTimeSafariSeagate DashboardSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft Windows (KB2564958)Security Update for Windows Internet Explorer 7 (KB928090)Security Update for Windows Internet Explorer 7 (KB929969)Security Update for Windows Internet Explorer 7 (KB931768)Security Update for Windows Internet Explorer 7 (KB933566)Security Update for Windows Internet Explorer 7 (KB937143)Security Update for Windows Internet Explorer 7 (KB938127)Security Update for Windows Internet Explorer 7 (KB939653)Security Update for Windows Internet Explorer 7 (KB942615)Security Update for Windows Internet Explorer 7 (KB944533)Security Update for Windows Internet Explorer 7 (KB950759)Security Update for Windows Internet Explorer 7 (KB953838)Security Update for Windows Internet Explorer 7 (KB956390)Security Update for Windows Internet Explorer 7 (KB958215)Security Update for Windows Internet Explorer 7 (KB960714)Security Update for Windows Internet Explorer 7 (KB961260)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 7 (KB969897)Security Update for Windows Internet Explorer 7 (KB972260)Security Update for Windows Internet Explorer 8 (KB2482017)Security Update for Windows Internet Explorer 8 (KB2497640)Security Update for Windows Internet Explorer 8 (KB2510531)Security Update for Windows Internet Explorer 8 (KB2530548)Security Update for Windows Internet Explorer 8 (KB2544521)Security Update for Windows Internet Explorer 8 (KB2559049)Security Update for Windows Internet Explorer 8 (KB2586448)Security Update for Windows Internet Explorer 8 (KB2618444)Security Update for Windows Internet Explorer 8 (KB971961)Security Update for Windows Internet Explorer 8 (KB981332)Security Update for Windows Internet Explorer 8 (KB982381)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player 10 (KB911565)Security Update for Windows Media Player 10 (KB917734)Security Update for Windows Media Player 10 (KB936782)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows XP (KB2079403)Security Update for Windows XP (KB2115168)Security Update for Windows XP (KB2121546)Security Update for Windows XP (KB2160329)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2259922)Security Update for Windows XP (KB2279986)Security Update for Windows XP (KB2286198)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2296199)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2360937)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2412687)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2436673)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2476490)Security Update for Windows XP (KB2476687)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479628)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485376)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2491683)Security Update for Windows XP (KB2503658)Security Update for Windows XP (KB2503665)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2506223)Security Update for Windows XP (KB2507618)Security Update for Windows XP (KB2507938)Security Update for Windows XP (KB2508272)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2511455)Security Update for Windows XP (KB2524375)Security Update for Windows XP (KB2535512)Security Update for Windows XP (KB2536276-v2)Security Update for Windows XP (KB2536276)Security Update for Windows XP (KB2544893-v2)Security Update for Windows XP (KB2544893)Security Update for Windows XP (KB2555917)Security Update for Windows XP (KB2562937)Security Update for Windows XP (KB2566454)Security Update for Windows XP (KB2567053)Security Update for Windows XP (KB2567680)Security Update for Windows XP (KB2570222)Security Update for Windows XP (KB2570947)Security Update for Windows XP (KB2584146)Security Update for Windows XP (KB2585542)Security Update for Windows XP (KB2592799)Security Update for Windows XP (KB2598479)Security Update for Windows XP (KB2603381)Security Update for Windows XP (KB2618451)Security Update for Windows XP (KB2620712)Security Update for Windows XP (KB2624667)Security Update for Windows XP (KB2631813)Security Update for Windows XP (KB2633171)Security Update for Windows XP (KB2639417)Security Update for Windows XP (KB2646524)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB938464-v2)Security Update for Windows XP (KB938464)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950760)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951376)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB953839)Security Update for Windows XP (KB954211)Security Update for Windows XP (KB954459)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956391)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956841)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957095)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958690)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960715)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371)Security Update for Windows XP (KB961373)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB968537)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969898)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB971961)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973346)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979559)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980218)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB980436)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981852)Security Update for Windows XP (KB981957)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982214)Security Update for Windows XP (KB982665)Security Update for Windows XP (KB982802)Sonic EncodersSpybot - Search & DestroySpywareBlaster 4.2Tweak UIUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 8 (KB2447568)Update for Windows Internet Explorer 8 (KB976662)Update for Windows Media Player 10 (KB910393)Update for Windows Media Player 10 (KB913800)Update for Windows Media Player 10 (KB926251)Update for Windows XP (KB2141007)Update for Windows XP (KB2345886)Update for Windows XP (KB2467659)Update for Windows XP (KB2541763)Update for Windows XP (KB2607712)Update for Windows XP (KB2616676)Update for Windows XP (KB2641690)Update for Windows XP (KB951072-v2)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)Update Rollup 2 for Windows XP Media Center Edition 2005V1 Home 2.0VandMViewpoint Media PlayerWD DiagnosticsWebFldrs XPWildTangent Web DriverWindows Feature Pack for Storage (32-bit) - IMAPI update for Blu-RayWindows Genuine Advantage Notifications (KB905474)Windows Genuine Advantage Validation ToolWindows Internet Explorer 7Windows Internet Explorer 8Windows Media Format 11 runtimeWindows Media Player 10Windows Media Player 10 Hotfix - KB895316Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information]Windows Media Player 11Windows Media Player Firefox PluginWindows PowerShell 1.0Windows XP Media Center Edition 2005 KB2502898Windows XP Media Center Edition 2005 KB2619340Windows XP Media Center Edition 2005 KB2628259Windows XP Media Center Edition 2005 KB908246Windows XP Media Center Edition 2005 KB925766Windows XP Media Center Edition 2005 KB973768Windows XP Service Pack 3WordPerfect Office 12.==== Event Viewer Messages From Past Week ========.12/4/2012 8:26:56 PM, error: Service Control Manager [7003] - The TCP/IP NetBIOS Helper service depends on the following nonexistent service: NetBT12/4/2012 8:26:56 PM, error: Service Control Manager [7003] - The DHCP Client service depends on the following nonexistent service: NetBT.==== End Of File ===========================.DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24Run by Jada and Aaron at 20:47:15 on 2012-12-04Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.516 [GMT -6:00].AV: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}.============== Running Processes ===============.C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exe -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Google\Update\GoogleUpdate.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\stsystra.exeC:\Program Files\Intel\Modem Event Monitor\IntelMEM.exeC:\Program Files\CyberLink\PowerDVD\DVDLauncher.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Dell Photo AIO Printer 924\dlccmon.exeC:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exeC:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exeC:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exeC:\Program Files\AVG\AVG2012\avgtray.exeC:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exeC:\Program Files\AVG Secure Search\vprot.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\DellSupport\DSAgnt.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Memeo\AutoBackup\InstantBackup.exesvchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\AVG\AVG2012\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\PnkBstrA.exesvchost.exeC:\Program Files\AVG\AVG2012\avgnsx.exesvchost.exeC:\Program Files\AVG\AVG2012\avgemcx.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exeC:\Program Files\AVG\AVG2012\avgrsx.exeC:\Program Files\AVG\AVG2012\avgcsrvx.exeC:\WINDOWS\system32\dlcccoms.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\wscntfy.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.google.comuSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8uInternet Connection Wizard,ShellNext = iexploreuInternet Settings,ProxyOverride = *.localuSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%suURLSearchHooks: H - No FilemURLSearchHooks: H - No FileBHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No FileBHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dllBHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dllBHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dllBHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dllBHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dllBHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No FileTB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dllTB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dllTB: {70DE7956-479D-4EB7-8641-2B45774C350E} - No File{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startupuRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exemRun: [sigmatelSysTrayApp] stsystra.exemRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exemRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exemRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startupmRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -startmRun: [MimBoot] c:\progra~1\musicm~1\musicm~3\mimboot.exemRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,_RunDLLEntry@16mRun: [dlccmon.exe] "c:\program files\dell photo aio printer 924\dlccmon.exe"mRun: [hcsystray] c:\program files\kuma games\hcsystray\hc_tray.exemRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressbootmRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exemRun: [Corel Photo Downloader] c:\program files\corel\corel photo album 6\MediaDetect.exemRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exemRun: [Memeo Instant Backup] c:\program files\memeo\autobackup\MemeoLauncher2.exe --silent --no_uimRun: [seagate Dashboard] c:\program files\seagate\seagate dashboard\MemeoLauncher.exe --silent --no_uimRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"mRun: [vProt] "c:\program files\avg secure search\vprot.exe"mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"dRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exeIE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\progra~1\aim\aim.exeIE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {F4430FE8-2638-42e5-B849-800749B94EED}IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dllIE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dllIE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLLIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dllTrusted Zone: internetTrusted Zone: mcafee.comTrusted Zone: musicmatch.com\onlineDPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cabDPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cabDPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos.walmart.com/WalmartActivia.cabDPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cabDPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cabDPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1143094851980DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cabTCP: DhcpNameServer = 24.217.0.5 24.217.201.67 24.247.15.53TCP: Interfaces\{C743B2E2-AF0C-452C-859C-A8CDE93C121B} : DhcpNameServer = 24.217.0.5 24.217.201.67 24.247.15.53Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dllHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.1.0\ViProtocol.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\jada and aaron\application data\mozilla\firefox\profiles\vgfg5fqn.default\FF - prefs.js: browser.search.selectedEngine - AVG Secure SearchFF - prefs.js: browser.startup.homepage - hxxp://www.google.com/FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bd12f8064-1572-42f5-9b99-96f4e2d9f4c8%7D&mid=b4bdff589a9647d08967d15b799aac10-a6111efd2678abad68a810209487b7ed6eba58aa&ds=AVG&v=11.1.0.7〈=en&pr=fr&d=2012-05-22%2022%3A57%3A21&sap=ku&q=FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff10.dllFF - component: c:\program files\avg\avg2012\firefox4\components\avgssff11.dllFF - component: c:\program files\avg\avg2012\firefox4\components\avgssff12.dllFF - component: c:\program files\avg\avg2012\firefox4\components\avgssff5.dllFF - component: c:\program files\avg\avg2012\firefox4\components\avgssff6.dllFF - component: c:\program files\avg\avg2012\firefox4\components\avgssff7.dllFF - component: c:\program files\avg\avg2012\firefox4\components\avgssff8.dllFF - component: c:\program files\avg\avg2012\firefox4\components\avgssff9.dllFF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dllFF - plugin: c:\documents and settings\all users\application data\id software\quakelive\npquakezero.dllFF - plugin: c:\documents and settings\jada and aaron\application data\facebook\npfbplugin_1_0_1.dllFF - plugin: c:\documents and settings\jada and aaron\application data\facebook\npfbplugin_1_0_3.dllFF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\11.1.0\npsitesafety.dllFF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dllFF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dllFF - plugin: c:\program files\google\picasa3\npPicasa2.dllFF - plugin: c:\program files\google\picasa3\npPicasa3.dllFF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dllFF - plugin: c:\program files\mozilla firefox\plugins\NPcol500.dllFF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dllFF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtensionFF - Ext: XULRunner: {9538ED55-A687-4328-A5EA-E0DBED2FAAF1} - c:\documents and settings\administrator\local settings\application data\{9538ED55-A687-4328-A5EA-E0DBED2FAAF1}FF - Ext: Google Gears: {000a9d1c-beef-4f90-9363-039d445309b8} - c:\program files\google\google gears\FirefoxFF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ffFF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\avg\avg2012\Firefox4FF - Ext: AVG Do Not Track: {F53C93F1-07D5-430c-86D4-C9531B27DFAF} - c:\program files\avg\avg2012\firefox\DoNotTrackFF - Ext: AVG Security Toolbar: avg@toolbar - c:\documents and settings\all users\application data\avg secure search\11.1.0.7.============= SERVICES / DRIVERS ===============.R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files\common files\avg secure search\vtoolbarupdater\11.1.0\ToolbarUpdater.exe [2012-6-24 935480]R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-5 135664]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-22 250056]S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-5 135664]S4 0268541270047218mcinstcleanup;McAfee Application Installer Cleanup (0268541270047218);c:\windows\temp\026854~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\026854~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]S4 MemeoBackgroundService;MemeoBackgroundService;c:\program files\memeo\autobackup\MemeoBackgroundService.exe [2011-5-4 25824]S4 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2011-6-1 14088].=============== Created Last 30 ================.2012-12-05 02:00:45 98816 ----a-w- c:\windows\sed.exe2012-12-05 02:00:45 518144 ----a-w- c:\windows\SWREG.exe2012-12-05 02:00:45 256000 ----a-w- c:\windows\PEV.exe2012-12-05 02:00:45 208896 ----a-w- c:\windows\MBR.exe2012-12-05 02:00:40 -------- d-s---w- C:\ComboFix.==================== Find3M ====================.2009-09-14 17:44:21 10038 ----a-w- c:\program files\common files\fedykyjasi.pif.============= FINISH: 20:48:33.45 =============== Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 16, 2012 Root Admin ID:623792 Share Posted December 16, 2012 Please visit this webpage for instructions on running ComboFix:how-to-use-combofixWhen the tool is finished, it will produce a report for you.Please attach the C:\ComboFix.txt log on your next reply so that we can continue checking and cleaning the system.NOTE:!!If you get a message similar to this: "Illegal operation attempted on a registry key that has been marked for deletion" please just restart your computer and everything should start working again.Thank you Link to post Share on other sites More sharing options...
ajexpress Posted December 16, 2012 Author ID:624011 Share Posted December 16, 2012 ComboFix 12-12-14.01 - Jada and Aaron 12/16/2012 16:40:53.8.2 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.411 [GMT -6:00]Running from: H:\ComboFix.exeAV: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\windows\system32\Cachec:\windows\system32\Cache\272512937d9e61a4.fbc:\windows\system32\Cache\287204568329e189.fbc:\windows\system32\Cache\28bc8f716fd76a47.fbc:\windows\system32\Cache\2c53092c95605355.fbc:\windows\system32\Cache\31a0997e9a5b5eb3.fbc:\windows\system32\Cache\32c84fe32bb74d60.fbc:\windows\system32\Cache\3917078cb68ec657.fbc:\windows\system32\Cache\590ba23ce359fd0c.fbc:\windows\system32\Cache\610289e025a3ee9a.fbc:\windows\system32\Cache\651c5d3cdbfb8bd1.fbc:\windows\system32\Cache\6c59ac5e7e7a3ad0.fbc:\windows\system32\Cache\6d03dad1035885d3.fbc:\windows\system32\Cache\a8556537add6dfc5.fbc:\windows\system32\Cache\ad10a52aff5e038d.fbc:\windows\system32\Cache\c1fa887b03019701.fbc:\windows\system32\Cache\c4d28dca2e7648be.fbc:\windows\system32\Cache\d201ef9910cd39de.fbc:\windows\system32\Cache\d2e94710a5708128.fbc:\windows\system32\Cache\d79b9dfe81484ec4.fbc:\windows\system32\Cache\e3e2f6c6327916fc.fbc:\windows\system32\Cache\f998975c9cc711ee.fbc:\windows\system32\URTTempc:\windows\system32\URTTemp\fusion.dllc:\windows\system32\URTTemp\mscoree.dllc:\windows\system32\URTTemp\mscoree.dll.localc:\windows\system32\URTTemp\mscorsn.dllc:\windows\system32\URTTemp\mscorwks.dllc:\windows\system32\URTTemp\msvcr71.dllc:\windows\system32\URTTemp\regtlib.exec:\windows\wtc:\windows\wt\data.wtsc:\windows\wt\updater\wcmdmgr.exec:\windows\wt\updater\wcmdmgrl.exec:\windows\wt\updater\wt.inic:\windows\wt\webdriver.dllc:\windows\wt\webdriver\4.1.1\actorobject.dllc:\windows\wt\webdriver\4.1.1\dx5drv.dllc:\windows\wt\webdriver\4.1.1\dx7drv.dllc:\windows\wt\webdriver\4.1.1\objectbundle.dllc:\windows\wt\webdriver\4.1.1\sound.dllc:\windows\wt\webdriver\4.1.1\wdcaps.dedc:\windows\wt\webdriver\4.1.1\wdengine.dllc:\windows\wt\webdriver\4.1.1\webdriver.dllc:\windows\wt\webdriver\4.1.1\wthost.exec:\windows\wt\webdriver\4.1.1\wthostctl.dllc:\windows\wt\webdriver\4.1.1\wtmulti.dllc:\windows\wt\webdriver\4.1.1\wtmulti.jarc:\windows\wt\webdriver\4.1.1\wtwmplug.axc:\windows\wt\webdriver\4.1.1\wtwmplug.inic:\windows\wt\webdriver\jdriver.dllc:\windows\wt\webdriver\rdriver.dllc:\windows\wt\webdriver\wildtangent.jarc:\windows\wt\webdriver\wtdmmp.dllc:\windows\wt\webdriver\wtdmmpi.jarc:\windows\wt\webdriver\wtdmmpv.dllc:\windows\wt\wt3d.dllc:\windows\wt\wt3d.inic:\windows\wt\wtupdates\dmmp\3.0.2.000\files\controlPanel\index.htmlc:\windows\wt\wtupdates\dmmp\3.0.2.000\files\update_info\data.wtsc:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmp.dllc:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmpi.jarc:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmpv.dllc:\windows\wt\wtupdates\dmmp\3.0.2.000\install\dmmp.cdanfoc:\windows\wt\wtupdates\dmmp\3.0.2.000\install\DMMP_Uninstall.cdasc:\windows\wt\wtupdates\DRM\3.2.0.19\files\controlpanel\index.htmlc:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dllc:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jarc:\windows\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dllc:\windows\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dllc:\windows\wt\wtupdates\DRM\3.2.0.19\files\wt.stoc:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfoc:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdasc:\windows\wt\wtupdates\webd\4.1.1\files\actorobject.dllc:\windows\wt\wtupdates\webd\4.1.1\files\controlpanel\index.htmlc:\windows\wt\wtupdates\webd\4.1.1\files\dx5drv.dllc:\windows\wt\wtupdates\webd\4.1.1\files\dx7drv.dllc:\windows\wt\wtupdates\webd\4.1.1\files\jdriver.dllc:\windows\wt\wtupdates\webd\4.1.1\files\legacy\data.wtsc:\windows\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dllc:\windows\wt\wtupdates\webd\4.1.1\files\legacy\wt3d.dllc:\windows\wt\wtupdates\webd\4.1.1\files\npWTHost.dllc:\windows\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xptc:\windows\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dllc:\windows\wt\wtupdates\webd\4.1.1\files\rdriver.dllc:\windows\wt\wtupdates\webd\4.1.1\files\Sound.dllc:\windows\wt\wtupdates\webd\4.1.1\files\update_info\data.wtsc:\windows\wt\wtupdates\webd\4.1.1\files\wdcaps.dedc:\windows\wt\wtupdates\webd\4.1.1\files\wdengine.dllc:\windows\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfoc:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdasc:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdasc:\windows\wt\wtupdates\webd\4.1.1\files\webdriver.dllc:\windows\wt\wtupdates\webd\4.1.1\files\wildtangent.jarc:\windows\wt\wtupdates\webd\4.1.1\files\wt3d.inic:\windows\wt\wtupdates\webd\4.1.1\files\WTHost.exec:\windows\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dllc:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.dllc:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.jarc:\windows\wt\wtupdates\webd\4.1.1\files\wtvh.dllc:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.axc:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.inic:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1.cdanfoc:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1_Uninstall.cdasc:\windows\wt\wtupdates\WireControl\1.0.0.63\files\controlpanel\index.htmlc:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl.cdanfoc:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl_Uninstall.cdasc:\windows\wt\wtupdates\WireControl\1.0.0.63\files\WireControl.dllc:\windows\wt\wtupdates\wtdmmp\update_info\data.wtsc:\windows\wt\wtupdates\wtupdater\appinfo.datc:\windows\wt\wtupdates\wtwebdriver\update_info\data.wtsc:\windows\wt\wtvh.dll..((((((((((((((((((((((((( Files Created from 2012-11-16 to 2012-12-16 ))))))))))))))))))))))))))))))).....(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-09-14 17:44 . 2009-09-14 17:44 10038 ----a-w- c:\program files\Common Files\fedykyjasi.pif..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]2012-06-24 16:32 2068536 ----a-w- c:\program files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll" [2012-06-24 2068536].[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}][HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1][HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj].[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-01 68856].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968]"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 344064]"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe" [2006-01-18 8192]"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-06-07 69632]"dlccmon.exe"="c:\program files\Dell Photo AIO Printer 924\dlccmon.exe" [2005-07-22 425984]"hcsystray"="c:\program files\Kuma Games\hcsystray\hc_tray.exe" [2006-11-02 30928]"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]"Corel Photo Downloader"="c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe" [2005-08-31 106496]"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]"Memeo Instant Backup"="c:\program files\Memeo\AutoBackup\MemeoLauncher2.exe" [2011-05-04 136416]"Seagate Dashboard"="c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-06-24 1104440]"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-01 68856].c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912].[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]@="".[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Messenger\\msmsgs.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\WINDOWS\\system32\\PnkBstrA.exe"="c:\\WINDOWS\\system32\\PnkBstrB.exe"="c:\\Program Files\\Seagate\\Seagate Dashboard\\HipServAgent\\HipServAgent.exe"="c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"="c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="c:\\Program Files\\Bonjour\\mDNSResponder.exe"="c:\\Program Files\\iTunes\\iTunes.exe"="c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"="c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"="c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]"AllowInboundEchoRequest"= 1 (0x1).R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [4/19/2012 3:50 AM 24896]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [1/31/2012 3:46 AM 31952]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2/22/2012 4:25 AM 235216]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [3/19/2012 4:17 AM 301248]R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2/14/2012 3:53 AM 193288]R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [6/24/2012 10:32 AM 935480]R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [12/23/2011 12:32 PM 139856]R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [12/23/2011 12:32 PM 24144]R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [12/23/2011 12:32 PM 17232]S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [4/30/2012 8:44 AM 5106744]S4 0268541270047218mcinstcleanup;McAfee Application Installer Cleanup (0268541270047218);c:\windows\TEMP\026854~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\windows\TEMP\026854~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]S4 MemeoBackgroundService;MemeoBackgroundService;c:\program files\Memeo\AutoBackup\MemeoBackgroundService.exe [5/4/2011 3:04 PM 25824]S4 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [6/1/2011 10:42 AM 14088].Contents of the 'Scheduled Tasks' folder.2012-07-05 c:\windows\Tasks\AppleSoftwareUpdate.job- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57].2012-10-20 c:\windows\Tasks\Google Software Updater.job- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2006-12-19 16:08].2012-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 01:18].2012-12-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 01:18]..------- Supplementary Scan -------.uStart Page = hxxp://www.google.comuSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8uInternet Connection Wizard,ShellNext = iexploreuInternet Settings,ProxyOverride = *.localuSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%sIE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000Trusted Zone: internetTrusted Zone: mcafee.comTrusted Zone: musicmatch.com\onlineTCP: DhcpNameServer = 24.217.0.5 24.217.201.67 24.247.15.53Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dllFF - ProfilePath - c:\documents and settings\Jada and Aaron\Application Data\Mozilla\Firefox\Profiles\vgfg5fqn.default\FF - prefs.js: browser.search.selectedEngine - AVG Secure SearchFF - prefs.js: browser.startup.homepage - hxxp://www.google.com/FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bd12f8064-1572-42f5-9b99-96f4e2d9f4c8%7D&mid=b4bdff589a9647d08967d15b799aac10-a6111efd2678abad68a810209487b7ed6eba58aa&ds=AVG&v=11.1.0.7〈=en&pr=fr&d=2012-05-22%2022%3A57%3A21&sap=ku&q=.- - - - ORPHANS REMOVED - - - -.WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)HKLM-Run-WinPatrol - c:\program files\BillP Studios\WinPatrol\winpatrol.exe...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2012-12-16 16:53Windows 5.1.2600 Service Pack 3 NTFS.scanning hidden processes ... .scanning hidden autostart entries ....scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'explorer.exe'(4080)c:\windows\system32\WININET.dllc:\windows\system32\ieframe.dllc:\windows\system32\webcheck.dllc:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.------------------------ Other Running Processes ------------------------.c:\windows\system32\Ati2evxx.exec:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exec:\program files\Bonjour\mDNSResponder.exec:\windows\eHome\ehRecvr.exec:\windows\eHome\ehSched.exec:\program files\Intel\Intel Matrix Storage Manager\iaantmon.exec:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEc:\windows\system32\PnkBstrA.exec:\windows\system32\locator.exec:\program files\AVG\AVG2012\avgnsx.exec:\program files\AVG\AVG2012\avgemcx.exec:\windows\ehome\mcrdsvc.exec:\program files\AVG\AVG2012\avgrsx.exec:\windows\system32\dllhost.exec:\program files\AVG\AVG2012\avgcsrvx.exec:\windows\system32\wscntfy.exec:\windows\stsystra.exec:\progra~1\MUSICM~1\MUSICM~3\MMDiag.exec:\windows\system32\dlcccoms.exec:\program files\MUSICMATCH\Musicmatch Jukebox\mim.exec:\program files\iPod\bin\iPodService.exec:\program files\Memeo\AutoBackup\InstantBackup.exe.**************************************************************************.Completion time: 2012-12-16 17:00:59 - machine was rebootedComboFix-quarantined-files.txt 2012-12-16 23:00ComboFix2.txt 2012-05-21 04:21.Pre-Run: 20,419,768,320 bytes freePost-Run: 20,629,630,976 bytes free.- - End Of File - - 7AE0C1132F416F978BACF4C146A57114 Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 20, 2012 Root Admin ID:625125 Share Posted December 20, 2012 Please run the following stepsSTEP 1Please uninstall the AVG Secure Search from your Control Panel, ProgramsSTEP 2Please download AdwCleaner by Xplode to your desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.If prompted by the User Account Control click Yes to allow it to run.Under Actions click on the Delete button.Click OK on all prompts.You will be prompted to restart your computer. A text file will open after the restart.Please post the entire contents of that logfile to your next reply.You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.STEP 3Please download Junkware Removal Tool to your desktop.Shutdown your antivirus to avoid any conflicts.Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.The tool will open and start scanning your system.Please be patient as this can take a while to complete.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next reply messageWhen completed make sure to re-enable your antivirusSTEP 4Please download MiniToolBox save it to your desktop and run it.Checkmark the following check-boxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList DevicesList Users, Partitions and Memory size.List Minidump FilesClick Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using Reset FF Proxy Settings option Firefox should be closed. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 20, 2012 Root Admin ID:625445 Share Posted December 20, 2012 Are you still with us? Link to post Share on other sites More sharing options...
ajexpress Posted December 20, 2012 Author ID:625479 Share Posted December 20, 2012 Yep, still here, had to do some xmas shopping yesterday after work. I'll have the results posted tonight Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 21, 2012 Root Admin ID:625522 Share Posted December 21, 2012 Great - thanks. Link to post Share on other sites More sharing options...
ajexpress Posted December 21, 2012 Author ID:625531 Share Posted December 21, 2012 # AdwCleaner v2.101 - Logfile created 12/20/2012 at 19:59:43# Updated 16/12/2012 by Xplode# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)# User : Jada and Aaron - JADA# Boot Mode : Normal# Running from : H:\Computer Fix\AdwCleaner.exe# Option [Delete]***** [services] ********** [Files / Folders] *****File Deleted : C:\DOCUME~1\JADAAN~1\LOCALS~1\Temp\Uninstall.exeFile Deleted : C:\Program Files\Mozilla Firefox\.autoregFile Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xmlFolder Deleted : C:\Documents and Settings\All Users\Application Data\ViewpointFolder Deleted : C:\Documents and Settings\Jada & Aaron Admin\Application Data\AVG Secure SearchFolder Deleted : C:\Documents and Settings\Jada and Aaron\Application Data\ViewpointFolder Deleted : C:\Program Files\Viewpoint***** [Registry] *****Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\SoftonicKey Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlKey Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondaryKey Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Deleted : HKLM\Software\MetaStreamKey Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayerKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayerKey Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMPKey Deleted : HKLM\Software\Viewpoint***** [internet Browsers] *****-\\ Internet Explorer v8.0.6001.18702[OK] Registry is clean.-\\ Mozilla Firefox v3.6.3 (en-US)Profile name : defaultFile : C:\Documents and Settings\Jada and Aaron\Application Data\Mozilla\Firefox\Profiles\vgfg5fqn.default\prefs.jsDeleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bd12f8064-1572-42f5-9b99-96f4e2d9f4c8%[...]Profile name : defaultFile : C:\Documents and Settings\Jada & Aaron Admin\Application Data\Mozilla\Firefox\Profiles\1si0uzzj.default\prefs.jsDeleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");Profile name : defaultFile : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lizqlu2p.default\prefs.js[OK] File is clean.-\\ Google Chrome v20.0.1132.47File : C:\Documents and Settings\Jada and Aaron\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences[OK] File is clean.*************************AdwCleaner[s1].txt - [4192 octets] - [20/12/2012 19:59:43]########## EOF - C:\AdwCleaner[s1].txt - [4252 octets] ##########~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 4.2.1 (12.20.2012:1)OS: Microsoft Windows XP x86Ran by Administrator on Thu 12/20/2012 at 20:06:59.29Blog: http://thisisudax.blogspot.com~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry KeysSuccessfully deleted: [Registry Key] hkey_current_user\software\billp studios\detected\startup~~~ Files~~~ Folders~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Thu 12/20/2012 at 20:13:43.60End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~MiniToolBox by Farbar Version: 25-11-2012Ran by Administrator (administrator) on 20-12-2012 at 20:27:32Running from "H:\Computer Fix"Microsoft Windows XP Service Pack 3 (X86)Boot Mode: Normal***************************************************************************========================= Flush DNS: ===================================Windows IP Configuration========================= IE Proxy Settings: ==============================Proxy is not enabled.No Proxy Server is set."Reset IE Proxy Settings": IE Proxy Settings were reset.========================= FF Proxy Settings: =============================="Reset FF Proxy Settings": Firefox Proxy settings were reset.========================= Hosts content: =================================127.0.0.1 localhost========================= IP Configuration: ================================Intel® PRO/1000 PL Network Connection = Local Area Connection (Disconnected)# ----------------------------------# Interface IP Configuration # ----------------------------------pushd interface ippopd# End of interface IP configurationWindows IP ConfigurationServer: UnKnownAddress: 127.0.0.1Ping request could not find host google.com. Please check the name and try again.Server: UnKnownAddress: 127.0.0.1Ping request could not find host yahoo.com. Please check the name and try again.Pinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================Interface List0x1 ........................... MS TCP Loopback interface======================================================================================================================================================Active Routes:Network Destination Netmask Gateway Interface Metric 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1===========================================================================Persistent Routes: None========================= Winsock entries =====================================Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 17 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)Catalog9 18 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)========================= Event log errors: ===============================Application errors:==================Error: (12/20/2012 07:35:33 PM) (Source: ESENT) (User: )Description: wuauclt (3388) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).Error: (12/04/2012 07:38:02 PM) (Source: ESENT) (User: )Description: svchost (1168) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).Error: (12/04/2012 07:38:01 PM) (Source: ESENT) (User: )Description: svchost (1168) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 35109Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 35109Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a secondError: (12/04/2012 07:38:00 PM) (Source: ESENT) (User: )Description: svchost (1168) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).Error: (12/04/2012 07:37:58 PM) (Source: ESENT) (User: )Description: svchost (1168) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).Error: (12/04/2012 07:37:57 PM) (Source: ESENT) (User: )Description: svchost (1168) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).Error: (12/04/2012 07:37:56 PM) (Source: ESENT) (User: )Description: svchost (1168) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).System errors:=============Error: (12/20/2012 08:02:00 PM) (Source: DCOM) (User: NT AUTHORITY)Description: The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.Error: (12/20/2012 07:55:51 PM) (Source: DCOM) (User: NT AUTHORITY)Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.Error: (12/20/2012 07:52:40 PM) (Source: DCOM) (User: JADA)Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.Error: (12/16/2012 04:53:56 PM) (Source: DCOM) (User: NT AUTHORITY)Description: The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.Error: (12/16/2012 04:52:09 PM) (Source: DCOM) (User: NT AUTHORITY)Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.Error: (12/04/2012 08:26:56 PM) (Source: Service Control Manager) (User: )Description: The TCP/IP NetBIOS Helper service depends on the following nonexistent service: NetBTError: (12/04/2012 08:26:56 PM) (Source: Service Control Manager) (User: )Description: The DHCP Client service depends on the following nonexistent service: NetBTError: (12/04/2012 08:20:59 PM) (Source: DCOM) (User: JADA)Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.Error: (12/04/2012 08:13:56 PM) (Source: DCOM) (User: JADA)Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.Error: (11/08/2012 06:44:23 PM) (Source: DCOM) (User: JADA)Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.Microsoft Office Sessions:=========================Error: (12/20/2012 07:35:33 PM) (Source: ESENT)(User: )Description: wuauclt3388C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.Error: (12/04/2012 07:38:02 PM) (Source: ESENT)(User: )Description: svchost1168C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.Error: (12/04/2012 07:38:01 PM) (Source: ESENT)(User: )Description: svchost1168C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 35109Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 35109Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a secondError: (12/04/2012 07:38:00 PM) (Source: ESENT)(User: )Description: svchost1168C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.Error: (12/04/2012 07:37:58 PM) (Source: ESENT)(User: )Description: svchost1168C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.Error: (12/04/2012 07:37:57 PM) (Source: ESENT)(User: )Description: svchost1168C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.Error: (12/04/2012 07:37:56 PM) (Source: ESENT)(User: )Description: svchost1168C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.=========================== Installed Programs ============================ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.41612)Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)Adobe Flash Player 11 Plugin (Version: 11.3.300.262)Adobe Reader 7.0.9 (Version: 7.0.9)Adobe Shockwave Player 11.5 (Version: 11.5.9.620)AGEIA PhysX v2.4.4Air Conflicts Single Player DemoAOL Instant MessengerAOLIcon (Version: 1.00.0000)Apple Application Support (Version: 2.1.7)Apple Mobile Device Support (Version: 5.1.1.4)Apple Software Update (Version: 2.1.3.127)ArcSoft Panorama Maker 4ATI Control Panel (Version: 6.14.10.5160)ATI Display Driver (Version: 8.162-050803a2-025672C-Dell)Battlefield VietnamBlasterball 2 (Version: 09/20/2005 11:55 AM)Bonjour (Version: 3.0.0.10)Canon PhotoRecordCanon PowerShot A40 WIA DriverCanon Utilities PhotoStitch 3.1Canon Utilities RAW Image ConverterCanon Utilities RemoteCapture 2.2Canon Utilities ZoomBrowser EXCompany of Heroes (Version: 1.0.0.78)Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)Corel Photo Album 6 (Version: 6.00)Dell Digital Jukebox DriverDell Driver Reset Tool (Version: 1.02.0000)Dell Game ConsoleDell Photo AIO Printer 924Dell System Restore (Version: 2.00.0000)DellSupport (Version: 6.0.3062)Digital Content Portal (Version: 1.00.0000)EducateU (Version: 1.00.0000)FastStone Image Viewer 3.9 (Version: 3.9)File Uploader (Version: 1.1.1)GEAR driver installer for x86 and x64 (Version: 4.015.1)Google AFEGoogle Chrome (Version: 20.0.1132.47)Google Earth (Version: 6.1.0.5001)Google Gears (Version: 0.5.3600)Google Toolbar for Internet Explorer (Version: 1.0.0)Google Toolbar for Internet Explorer (Version: 7.3.2710.138)Google Update Helper (Version: 1.3.21.111)Google Updater (Version: 2.4.2432.1652)High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)Intel Matrix Storage ManagerIntel® 537EP V9x DF PCI ModemIntel® PRO Network Connections DriversIntel® PROSet for Wired Connections (Version: 9.30.0000)iPod for Windows 2006-01-10 (Version: 4.7.0)iTunes (Version: 10.6.1.7)Jasc Paint Shop Photo Album 5 (Version: 5.21)Java Auto Updater (Version: 2.0.3.1)Java 6 Update 24 (Version: 6.0.240)Learn2 Player (Uninstall Only)Macromedia Flash Player (Version: 7.0.19.0)Malwarebytes' Anti-MalwareMCU (Version: 1.00.0000)Memeo Instant Backup (Version: 4.60.0.7923)Microsoft .NET Framework 1.0 Hotfix (KB2572066)Microsoft .NET Framework 1.0 Hotfix (KB953295)Microsoft .NET Framework 1.0 Hotfix (KB979904)Microsoft .NET Framework 1.1 (Version: 1.1.4322)Microsoft .NET Framework 1.1 Security Update (KB2656353)Microsoft .NET Framework 1.1 Security Update (KB979906)Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)Microsoft Document Explorer 2005Microsoft Document Explorer 2005 (Version: 8.0.50727.42)Microsoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Office File Validation Add-In (Version: 14.0.5130.5003)Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)MobileMe Control Panel (Version: 3.1.6.0)Modem Event MonitorModem Helper (Version: 2.40)Modem On Hold (Version: 1.12)Mozilla Firefox (3.6.3) (Version: 3.6.3 (en-US))MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)Musicmatch for Windows Media Player (Version: 0.00.000)Musicmatch® Jukebox (Version: 10.10.1038)Nikon Message Center (Version: 0.92.000)Nikon Transfer (Version: 1.3.0)OttoPicasa 3 (Version: 3.8)PowerDVD 5.5PunkBuster Services (Version: 0.988)Quake Live Mozilla Plugin (Version: 1.0.319)QuickBooks Simple Start Special Edition (Version: )QuickTime (Version: 7.72.80.56)Safari (Version: 5.34.57.2)Seagate Dashboard (Version: 1.1.0.1421)Sonic Encoders (Version: 1.00)Spybot - Search & Destroy (Version: 1.6.2)SpywareBlaster 4.2 (Version: 4.2.0)Tweak UIUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)Update for Windows Internet Explorer 8 (KB976662) (Version: 1)Update for Windows Media Player 10 (KB910393)Update for Windows Media Player 10 (KB913800)Update for Windows Media Player 10 (KB926251)Update for Windows XP (KB2141007) (Version: 1)Update for Windows XP (KB2345886) (Version: 1)Update for Windows XP (KB2467659) (Version: 1)Update for Windows XP (KB2541763) (Version: 1)Update for Windows XP (KB2607712) (Version: 1)Update for Windows XP (KB2616676) (Version: 1)Update for Windows XP (KB2641690) (Version: 1)Update for Windows XP (KB951072-v2) (Version: 2)Update for Windows XP (KB951978) (Version: 1)Update for Windows XP (KB955759) (Version: 1)Update for Windows XP (KB955839) (Version: 1)Update for Windows XP (KB967715) (Version: 1)Update for Windows XP (KB968389) (Version: 1)Update for Windows XP (KB971029) (Version: 1)Update for Windows XP (KB971737) (Version: 1)Update for Windows XP (KB973687) (Version: 1)Update for Windows XP (KB973815) (Version: 1)Update Rollup 2 for Windows XP Media Center Edition 2005V1 Home 2.0 (Version: 2.02.13)VandMWD Diagnostics (Version: 1.09.0002)WebFldrs XP (Version: 9.50.7523)WildTangent Web DriverWindows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)Windows Genuine Advantage Notifications (KB905474) (Version: 1.5.0540.0)Windows Genuine Advantage Validation ToolWindows Internet Explorer 7 (Version: 20061027.150806)Windows Internet Explorer 8 (Version: 20090308.140743)Windows Media Format 11 runtimeWindows Media Player 10 (Version: 9.00.3636)Windows Media Player 10 Hotfix - KB895316Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information]Windows Media Player 11Windows Media Player Firefox Plugin (Version: 1.0.0.8)Windows PowerShell 1.0 (Version: 2)Windows XP Media Center Edition 2005 KB2502898Windows XP Media Center Edition 2005 KB2619340Windows XP Media Center Edition 2005 KB2628259Windows XP Media Center Edition 2005 KB908246Windows XP Media Center Edition 2005 KB925766Windows XP Media Center Edition 2005 KB973768Windows XP Service Pack 3 (Version: 20080414.031525)WordPerfect Office 12 (Version: 12.01)========================= Devices: ================================Name: ACPI Multiprocessor PCDescription: ACPI Multiprocessor PCClass Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard computers)Service: \Driver\ACPI_HALName: Microsoft ACPI-Compliant SystemDescription: Microsoft ACPI-Compliant SystemClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: ACPIName: ACPI Power ButtonDescription: ACPI Power ButtonClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Intel® Pentium® D CPU 2.80GHzDescription: Intel ProcessorClass Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}Manufacturer: IntelService: intelppmName: Intel® Pentium® D CPU 2.80GHzDescription: Intel ProcessorClass Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}Manufacturer: IntelService: intelppmName: PCI busDescription: PCI busClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: pciName: Intel® 945G/P Processor to I/O Controller - 2770Description: Intel® 945G/P Processor to I/O Controller - 2770Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: IntelService:Name: Intel® 945G/P PCI Express Root Port - 2771Description: Intel® 945G/P PCI Express Root Port - 2771Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: IntelService: pciName: RADEON X300 SE 128MB HyperMemoryDescription: RADEON X300 SE 128MB HyperMemoryClass Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}Manufacturer: ATI Technologies Inc.Service: ati2mtagName: Plug and Play MonitorDescription: Plug and Play MonitorClass Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard monitor types)Service:Name: RADEON X300 SE 128MB HyperMemory SecondaryDescription: RADEON X300 SE 128MB HyperMemory SecondaryClass Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}Manufacturer: ATI Technologies Inc.Service: ati2mtagName: Microsoft UAA Bus Driver for High Definition AudioDescription: Microsoft UAA Bus Driver for High Definition AudioClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: HDAudBusName: SigmaTel High Definition Audio CODECDescription: SigmaTel High Definition Audio CODECClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: SigmaTelService: STHDAName: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D0Description: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D0Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: IntelService: pciName: Intel® 82801GR/GH/GHM (ICH7 Family) PCI Express Root Port - 27E0Description: Intel® 82801GR/GH/GHM (ICH7 Family) PCI Express Root Port - 27E0Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: IntelService: pciName: Intel® 82801GR/GH/GHM (ICH7 Family) PCI Express Root Port - 27E2Description: Intel® 82801GR/GH/GHM (ICH7 Family) PCI Express Root Port - 27E2Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: IntelService: pciName: Intel® PRO/1000 PL Network ConnectionDescription: Intel® PRO/1000 PL Network ConnectionClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: IntelService: e1expressProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8Class Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: IntelService: usbuhciName: USB Root HubDescription: USB Root HubClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9Class Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: IntelService: usbuhciName: USB Root HubDescription: USB Root HubClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: USB Human Interface DeviceDescription: USB Human Interface DeviceClass Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}Manufacturer: (Standard system devices)Service: HidUsbName: HID Keyboard DeviceDescription: HID Keyboard DeviceClass Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard keyboards)Service: kbdhidName: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CADescription: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CAClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: IntelService: usbuhciName: USB Root HubDescription: USB Root HubClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: USB Human Interface DeviceDescription: USB Human Interface DeviceClass Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}Manufacturer: (Standard system devices)Service: HidUsbName: HID-compliant mouseDescription: HID-compliant mouseClass Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: mouhidName: USB Composite DeviceDescription: USB Composite DeviceClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbccgpName: Dell Photo AIO Printer 924Description: Dell Photo AIO Printer 924Class Guid: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}Manufacturer: DellService: usbscanName: USB Printing SupportDescription: USB Printing SupportClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: MicrosoftService: usbprintName: Dell Photo AIO Printer 924Description: Dell Photo AIO Printer 924Class Guid: {4D36E979-E325-11CE-BFC1-08002BE10318}Manufacturer: Dell Inkjet DriversService:Name: USB Human Interface DeviceDescription: USB Human Interface DeviceClass Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}Manufacturer: (Standard system devices)Service: HidUsbName: HID-compliant deviceDescription: HID-compliant deviceClass Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}Manufacturer: (Standard system devices)Service:Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CBDescription: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CBClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: IntelService: usbuhciName: USB Root HubDescription: USB Root HubClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CCDescription: Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CCClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: IntelService: usbehciName: USB Root HubDescription: USB Root HubClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: USB Mass Storage DeviceDescription: USB Mass Storage DeviceClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: Compatible USB storage deviceService: USBSTORName: SanDisk Cruzer USB DeviceDescription: Disk driveClass Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard disk drives)Service: diskName: Generic volumeDescription: Generic volumeClass Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}Manufacturer: MicrosoftService:Name: SanDisk Cruzer USB DeviceDescription: CD-ROM DriveClass Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard CD-ROM drives)Service: cdromName: Intel® 82801 PCI Bridge - 244EDescription: Intel® 82801 PCI Bridge - 244EClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: IntelService: pciName: Intel® 537EP V9x DF PCI ModemDescription: Intel® 537EP V9x DF PCI ModemClass Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}Manufacturer: Intel CorporationService: ModemName: Unimodem Half-Duplex Audio DeviceDescription: Unimodem Half-Duplex Audio DeviceClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: MODEMCSAName: Intel® 82801GH (ICH7DH) LPC Interface Controller - 27B0Description: Intel® 82801GH (ICH7DH) LPC Interface Controller - 27B0Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: IntelService: isapnpName: ISAPNP Read Data PortDescription: ISAPNP Read Data PortClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System boardDescription: System boardClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Direct memory access controllerDescription: Direct memory access controllerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Numeric data processorDescription: Numeric data processorClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Programmable interrupt controllerDescription: Programmable interrupt controllerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System speakerDescription: System speakerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System CMOS/real time clockDescription: System CMOS/real time clockClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System timerDescription: System timerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Standard floppy disk controllerDescription: Standard floppy disk controllerClass Guid: {4D36E969-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard floppy disk controllers)Service: fdcName: Floppy disk driveDescription: Floppy disk driveClass Guid: {4D36E980-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard floppy disk drives)Service: flpydiskName: Intel® 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DFDescription: Intel® 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DFClass Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}Manufacturer: IntelService: pciideName: Primary IDE ChannelDescription: Primary IDE ChannelClass Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard IDE ATA/ATAPI controllers)Service: atapiName: SONY DVD-ROM DDU1615Description: CD-ROM DriveClass Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard CD-ROM drives)Service: cdromName: HL-DT-ST DVD+-RW GWA4164BDescription: CD-ROM DriveClass Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard CD-ROM drives)Service: cdromName: Intel® 82801GR/GH SATA AHCI ControllerDescription: Intel® 82801GR/GH SATA AHCI ControllerClass Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService: iaStorName: ST380819ASDescription: Disk driveClass Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard disk drives)Service: diskName: Intel® 82801G (ICH7 Family) SMBus Controller - 27DADescription: Intel® 82801G (ICH7 Family) SMBus Controller - 27DAClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: IntelService:Name: System boardDescription: System boardClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Motherboard resourcesDescription: Motherboard resourcesClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: ACPI Fixed Feature ButtonDescription: ACPI Fixed Feature ButtonClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Logical Disk ManagerDescription: Logical Disk ManagerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: dmioName: Volume ManagerDescription: Volume ManagerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: ftdiskName: Generic volumeDescription: Generic volumeClass Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}Manufacturer: MicrosoftService:Name: Generic volumeDescription: Generic volumeClass Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}Manufacturer: MicrosoftService:Name: Generic volumeDescription: Generic volumeClass Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}Manufacturer: MicrosoftService:Name: AFDDescription: AFDClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AFDName: BeepDescription: BeepClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: BeepName: catchmeDescription: catchmeClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: catchmeName: dmbootDescription: dmbootClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: dmbootName: dmloadDescription: dmloadClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: dmloadName: DSproctDescription: DSproctClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: DSproctName: DellSupport UniDriverDescription: DellSupport UniDriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: dsunidrvName: FipsDescription: FipsClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: FipsName: Generic Packet ClassifierDescription: Generic Packet ClassifierClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: GpcName: HTTPDescription: HTTPClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: HTTPName: i2omgmtDescription: i2omgmtClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: i2omgmtName: IP Traffic Filter DriverDescription: IP Traffic Filter DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IpFilterDriverName: IP Network Address TranslatorDescription: IP Network Address TranslatorClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IpNatName: IPSEC driverDescription: IPSEC driverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IPSecName: ksecddDescription: ksecddClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: ksecddName: mnmddDescription: mnmddClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: mnmddName: mountmgrDescription: mountmgrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: mountmgrName: NDIS System DriverDescription: NDIS System DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NDISName: Remote Access NDIS TAPI DriverDescription: Remote Access NDIS TAPI DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NdisTapiName: NDIS Usermode I/O ProtocolDescription: NDIS Usermode I/O ProtocolClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NdisuioName: NDProxyDescription: NDProxyClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NDProxyName: NetBios over TcpipDescription: NetBios over TcpipClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NetBTName: NullDescription: NullClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NullName: NWLink IPX/SPX/NetBIOS Compatible Transport ProtocolDescription: NWLink IPX/SPX/NetBIOS Compatible Transport ProtocolClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NwlnkIpxName: NWLink NetBIOSDescription: NWLink NetBIOSClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NwlnkNbName: NWLink SPX/SPXII ProtocolDescription: NWLink SPX/SPXII ProtocolClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NwlnkSpxName: PartMgrDescription: PartMgrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: PartMgrName: ParVdmDescription: ParVdmClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: ParVdmName: Remote Access Auto Connection DriverDescription: Remote Access Auto Connection DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: RasAcdName: RDPCDDDescription: RDPCDDClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: RDPCDDName: SecdrvDescription: SecdrvClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: SecdrvName: TCP/IP Protocol DriverDescription: TCP/IP Protocol DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: TcpipName: VgaSaveDescription: VgaSaveClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: VgaSaveName: VolSnapDescription: VolSnapClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: VolSnapName: Remote Access IP ARP DriverDescription: Remote Access IP ARP DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: WanarpName: Windows Socket 2.0 Non-IFS Service Provider Support EnvironmentDescription: Windows Socket 2.0 Non-IFS Service Provider Support EnvironmentClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: WS2IFSLName: Audio CodecsDescription: Audio CodecsClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Legacy Audio DriversDescription: Legacy Audio DriversClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Media Control DevicesDescription: Media Control DevicesClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Legacy Video Capture DevicesDescription: Legacy Video Capture DevicesClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Video CodecsDescription: Video CodecsClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: WAN Miniport (L2TP)Description: WAN Miniport (L2TP)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: Rasl2tpName: WAN Miniport (IP)Description: WAN Miniport (IP)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: NdisWanName: WAN Miniport (IPX)Description: WAN Miniport (IPX)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: NdisWanName: WAN Miniport (PPPOE)Description: WAN Miniport (PPPOE)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: RasPppoeName: WAN Miniport (PPTP)Description: WAN Miniport (PPTP)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: PptpMiniportName: Intel® PRO/1000 PL Network Connection - Packet Scheduler MiniportDescription: Packet Scheduler MiniportClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: PSchedName: WAN Miniport (IP) - Packet Scheduler MiniportDescription: Packet Scheduler MiniportClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: PSchedName: Direct ParallelDescription: Direct ParallelClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: RasptiName: Terminal Server Device RedirectorDescription: Terminal Server Device RedirectorClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: rdpdrName: Terminal Server Keyboard DriverDescription: Terminal Server Keyboard DriverClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: TermDDName: Terminal Server Mouse DriverDescription: Terminal Server Mouse DriverClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: TermDDName: Plug and Play Software Device EnumeratorDescription: Plug and Play Software Device EnumeratorClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: swenumName: Microsoft Kernel System Audio DeviceDescription: Microsoft Kernel System Audio DeviceClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: sysaudioName: Microsoft WINMM WDM Audio Compatibility DriverDescription: Microsoft WINMM WDM Audio Compatibility DriverClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: wdmaudName: Microsoft Kernel Wave Audio MixerDescription: Microsoft Kernel Wave Audio MixerClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: kmixerName: Microcode Update DeviceDescription: Microcode Update DeviceClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: updateName: Microsoft System Management BIOS DriverDescription: Microsoft System Management BIOS DriverClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: mssmbios========================= Memory info: ===================================Percentage of memory in use: 43%Total physical RAM: 1022.09 MBAvailable physical RAM: 582.36 MBTotal Pagefile: 2459.75 MBAvailable Pagefile: 2130.99 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1970.7 MB========================= Partitions: =====================================2 Drive c: () (Fixed) (Total:69.79 GB) (Free:19.35 GB) NTFS5 Drive g: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS6 Drive h: () (Removable) (Total:1.86 GB) (Free:1.72 GB) FAT========================= Users: ========================================User accounts for \\JADAAdministrator Guest HelpAssistant Jada & Aaron Admin Jada and Aaron SUPPORT_388945a0 ========================= Minidump Files ==================================C:\WINDOWS\Minidump\Mini103009-01.dmpC:\WINDOWS\Minidump\Mini112709-01.dmp**** End of log **** Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 21, 2012 Root Admin ID:625575 Share Posted December 21, 2012 Please uninstall the following Java apps from your Control Panel, Programs - Add/RemoveJava Auto Updater (Version: 2.0.3.1)Java™ 6 Update 24 (Version: 6.0.240)Please run MBAM and check for updates and do a Quick Scan and post back the log.How is the computer running now?Are there still any signs of an infection? Link to post Share on other sites More sharing options...
ajexpress Posted December 22, 2012 Author ID:626096 Share Posted December 22, 2012 Computer seems to be fine.....but always seemed fairly fine outside of no internet access and it would always take forever to shutdown or restart. MBAM log below. Keep in mind this isn't an updated MBAM due to internet access, but I could put it on the thumb drive and update that way. Let me know if that's what you want me to do. I'll try accessing the internet again and report my findings. Malwarebytes' Anti-Malware 1.41Database version: 3062Windows 5.1.2600 Service Pack 312/22/2012 1:23:35 PMmbam-log-2012-12-22 (13-23-35).txtScan type: Quick ScanObjects scanned: 120968Time elapsed: 5 minute(s), 27 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected) Link to post Share on other sites More sharing options...
ajexpress Posted December 22, 2012 Author ID:626097 Share Posted December 22, 2012 I have internet connectivity again. Attempted to update MBAM and got Error Code: 732 (0,0) Link to post Share on other sites More sharing options...
ajexpress Posted December 22, 2012 Author ID:626100 Share Posted December 22, 2012 Sorry, following another post and removing the existing MBAM and downloading the latest version. Post the log when I use the updated MBAM. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 22, 2012 Root Admin ID:626120 Share Posted December 22, 2012 Please do the following and let us know if this corrects the issue for you or not. Download and run mbam-clean.exe from hereIt will ask to restart your computer, please allow it to do so very importantAfter the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from hereNote: You will need to reactivate the program using the license you were sent via email if using the Pro versionYou can also look up your ID and Key from the Registry and copy and paste it to a Notepad document before running the mbam-clean utility.Location for Windows x86HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-MalwareLocation for Windows x64HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-MalwareIf you cannot locate your registration in the Registry and no longer have access to your order number you can contact Cleverbridge to obtain information about your order and registration information.Cleverbridge customer serviceLaunch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it. Link to post Share on other sites More sharing options...
ajexpress Posted December 22, 2012 Author ID:626121 Share Posted December 22, 2012 W/Updated MBAM.Malwarebytes Anti-Malware (Trial) 1.65.1.1000www.malwarebytes.orgDatabase version: v2012.12.22.05Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702Administrator :: JADA [administrator]Protection: Enabled12/22/2012 1:45:01 PMmbam-log-2012-12-22 (13-45-01).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 251091Time elapsed: 8 minute(s), 11 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 24, 2012 Root Admin ID:626553 Share Posted December 24, 2012 How is the computer running for you now? Is the network connection working now?What issue if any are you still having?Thanks Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 25, 2012 Root Admin ID:626765 Share Posted December 25, 2012 Since it's Christmas we'll probably have to pick back up on this in another day or two.Thanks Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 27, 2012 Root Admin ID:627193 Share Posted December 27, 2012 So how is the computer running now? Is it able to connect to the Internet now on it's own in Normal Mode? Link to post Share on other sites More sharing options...
ajexpress Posted December 28, 2012 Author ID:627618 Share Posted December 28, 2012 The internet connection is back. Before it was very, very slow to shutdown.....I'd say it would almost take almost 5 minutes for it to shutdown or restart. I haven't been able to test that yet, but will tonight. Overall it appears much better. I'll get a chance to test it more thoroughly tonight and I'll report my findings. Thanks again for your help. Link to post Share on other sites More sharing options...
ajexpress Posted December 28, 2012 Author ID:627783 Share Posted December 28, 2012 Ok, the internet connection is great. But, when I go to start > turn off computer it takes roughly two minutes for the box to come up which gives the options of turning off or restarting. Any ideas? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 29, 2012 Root Admin ID:627828 Share Posted December 29, 2012 Well unfortunately slowness can be caused by all types of issues. As long as the computer is no longer infected then you'd need to try and see if you can get general assistance in the General PC help forum.Let me have you run the following one more time though just to take a look at anything else that might be going on.Please run the MiniToolBox from STEP 4 from near the top of your post I replied with. Then run a DDS report as well and attach back all the logs please.Please run the following scanner and send back the logs.Download DDS from one of the locations below and save to your Desktopdds.scrdds.comTemporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsOnce downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.Then double click dds.scr or dds.com to run the tool, on Vista or Win 7 right click and select Run as administratorClick the Run button if prompted with an Open File - Security Warning dialog box.A black DOS console should open and run for a moment. When done, DDS will open two (2) logs:DDS.txtAttach.txtSave both reports to your desktopPlease include the following logs in your next reply: DDS.txt and Attach.txtYou can ignore the note about zipping the Attach.txt file in most cases.Thanks Link to post Share on other sites More sharing options...
ajexpress Posted January 3, 2013 Author ID:629935 Share Posted January 3, 2013 MiniToolBox by Farbar Version: 25-11-2012Ran by Jada and Aaron (administrator) on 02-01-2013 at 20:16:27Running from "C:\Documents and Settings\Jada and Aaron\My Documents\Downloads"Microsoft Windows XP Service Pack 3 (X86)Boot Mode: Normal***************************************************************************========================= Flush DNS: ===================================Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.========================= IE Proxy Settings: ==============================Proxy is not enabled.No Proxy Server is set."Reset IE Proxy Settings": IE Proxy Settings were reset.========================= FF Proxy Settings: =============================="Reset FF Proxy Settings": Firefox Proxy settings were reset.========================= Hosts content: =================================127.0.0.1 localhost========================= IP Configuration: ================================Intel® PRO/1000 PL Network Connection = Local Area Connection (Connected)# ----------------------------------# Interface IP Configuration # ----------------------------------pushd interface ip# Interface IP Configuration for "Local Area Connection"set address name="Local Area Connection" source=dhcpset dns name="Local Area Connection" source=dhcp register=PRIMARYset wins name="Local Area Connection" source=dhcppopd# End of interface IP configurationWindows IP Configuration Host Name . . . . . . . . . . . . : Jada Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : NoEthernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel® PRO/1000 PL Network Connection Physical Address. . . . . . . . . : 00-12-3F-7E-45-E3 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 71.11.122.41 Subnet Mask . . . . . . . . . . . : 255.255.252.0 Default Gateway . . . . . . . . . : 71.11.120.1 DHCP Server . . . . . . . . . . . : 68.114.37.12 DNS Servers . . . . . . . . . . . : 24.217.0.5 24.217.201.67 24.247.15.53 NetBIOS over Tcpip. . . . . . . . : Disabled Lease Obtained. . . . . . . . . . : Wednesday, January 02, 2013 7:51:04 PM Lease Expires . . . . . . . . . . : Wednesday, January 02, 2013 8:51:04 PMServer: vip01olvemo.stls.mo.charter.comAddress: 24.217.0.5Name: google.comAddresses: 74.125.225.66, 74.125.225.73, 74.125.225.69, 74.125.225.64 74.125.225.71, 74.125.225.78, 74.125.225.68, 74.125.225.72, 74.125.225.65 74.125.225.70, 74.125.225.67Pinging google.com [74.125.225.41] with 32 bytes of data:Reply from 74.125.225.41: bytes=32 time=18ms TTL=54Reply from 74.125.225.41: bytes=32 time=19ms TTL=54Ping statistics for 74.125.225.41: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 18ms, Maximum = 19ms, Average = 18msServer: vip01olvemo.stls.mo.charter.comAddress: 24.217.0.5Name: yahoo.comAddresses: 98.138.253.109, 98.139.183.24, 72.30.38.140Pinging yahoo.com [98.138.253.109] with 32 bytes of data:Reply from 98.138.253.109: bytes=32 time=45ms TTL=51Reply from 98.138.253.109: bytes=32 time=53ms TTL=51Ping statistics for 98.138.253.109: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 45ms, Maximum = 53ms, Average = 49msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================Interface List0x1 ........................... MS TCP Loopback interface0x10003 ...00 12 3f 7e 45 e3 ...... Intel® PRO/1000 PL Network Connection======================================================================================================================================================Active Routes:Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 71.11.120.1 71.11.122.41 10 71.11.120.0 255.255.252.0 71.11.122.41 71.11.122.41 10 71.11.122.41 255.255.255.255 127.0.0.1 127.0.0.1 10 71.255.255.255 255.255.255.255 71.11.122.41 71.11.122.41 10 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 169.254.0.0 255.255.0.0 71.11.122.41 71.11.122.41 20 224.0.0.0 240.0.0.0 71.11.122.41 71.11.122.41 10 255.255.255.255 255.255.255.255 71.11.122.41 71.11.122.41 1Default Gateway: 71.11.120.1===========================================================================Persistent Routes: None========================= Winsock entries =====================================Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 17 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)Catalog9 18 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)========================= Event log errors: ===============================Application errors:==================Error: (12/22/2012 05:08:52 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 1046156Error: (12/22/2012 05:08:52 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 1046156Error: (12/22/2012 05:08:52 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a secondError: (12/20/2012 07:35:33 PM) (Source: ESENT) (User: )Description: wuauclt (3388) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).Error: (12/04/2012 07:38:02 PM) (Source: ESENT) (User: )Description: svchost (1168) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).Error: (12/04/2012 07:38:01 PM) (Source: ESENT) (User: )Description: svchost (1168) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 35109Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 35109Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a secondError: (12/04/2012 07:38:00 PM) (Source: ESENT) (User: )Description: svchost (1168) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).System errors:=============Error: (01/02/2013 07:51:07 PM) (Source: W32Time) (User: )Description: The time provider NtpClient is configured to acquire time from one or moretime sources, however none of the sources are currently accessible.No attempt to contact a source will be made for 15 minutes.NtpClient has no source of accurate time.Error: (01/02/2013 07:51:07 PM) (Source: W32Time) (User: )Description: Time Provider NtpClient: An error occurred during DNS lookup of the manuallyconfigured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15minutes.The error was: A socket operation was attempted to an unreachable host. (0x80072751)Error: (01/02/2013 07:51:07 PM) (Source: W32Time) (User: )Description: The time provider NtpClient is configured to acquire time from one or moretime sources, however none of the sources are currently accessible.No attempt to contact a source will be made for 14 minutes.NtpClient has no source of accurate time.Error: (01/02/2013 07:51:07 PM) (Source: W32Time) (User: )Description: Time Provider NtpClient: An error occurred during DNS lookup of the manuallyconfigured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15minutes.The error was: A socket operation was attempted to an unreachable host. (0x80072751)Error: (01/02/2013 07:51:00 PM) (Source: Dhcp) (User: )Description: Your computer has lost the lease to its IP address 71.10.188.91 on theNetwork Card with network address 00123F7E45E3.Error: (12/30/2012 11:15:44 AM) (Source: Dhcp) (User: )Description: Your computer has lost the lease to its IP address 71.10.188.91 on theNetwork Card with network address 00123F7E45E3.Error: (12/29/2012 00:17:09 PM) (Source: Dhcp) (User: )Description: Your computer has lost the lease to its IP address 24.217.27.141 on theNetwork Card with network address 00123F7E45E3.Error: (12/28/2012 05:27:33 PM) (Source: DCOM) (User: NT AUTHORITY)Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.Error: (12/28/2012 05:25:23 PM) (Source: DCOM) (User: JADA)Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.Error: (12/28/2012 05:18:11 PM) (Source: DCOM) (User: JADA)Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.Microsoft Office Sessions:=========================Error: (12/22/2012 05:08:52 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 1046156Error: (12/22/2012 05:08:52 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 1046156Error: (12/22/2012 05:08:52 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a secondError: (12/20/2012 07:35:33 PM) (Source: ESENT)(User: )Description: wuauclt3388C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.Error: (12/04/2012 07:38:02 PM) (Source: ESENT)(User: )Description: svchost1168C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.Error: (12/04/2012 07:38:01 PM) (Source: ESENT)(User: )Description: svchost1168C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 35109Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 35109Error: (12/04/2012 07:38:00 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a secondError: (12/04/2012 07:38:00 PM) (Source: ESENT)(User: )Description: svchost1168C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.=========================== Installed Programs ============================ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.41612)Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)Adobe Flash Player 11 Plugin (Version: 11.3.300.262)Adobe Reader 7.0.9 (Version: 7.0.9)Adobe Shockwave Player 11.5 (Version: 11.5.9.620)AGEIA PhysX v2.4.4Air Conflicts Single Player DemoAOLIcon (Version: 1.00.0000)Apple Application Support (Version: 2.3.2)Apple Mobile Device Support (Version: 6.0.1.3)Apple Software Update (Version: 2.1.3.127)ArcSoft Panorama Maker 4ATI Control Panel (Version: 6.14.10.5160)ATI Display Driver (Version: 8.162-050803a2-025672C-Dell)Battlefield VietnamBlasterball 2 (Version: 09/20/2005 11:55 AM)Bonjour (Version: 3.0.0.10)Canon PhotoRecordCanon PowerShot A40 WIA DriverCanon Utilities PhotoStitch 3.1Canon Utilities RAW Image ConverterCanon Utilities RemoteCapture 2.2Canon Utilities ZoomBrowser EXCompatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)Corel Photo Album 6 (Version: 6.00)Dell Digital Jukebox DriverDell Driver Reset Tool (Version: 1.02.0000)Dell Game ConsoleDell Photo AIO Printer 924Dell System Restore (Version: 2.00.0000)DellSupport (Version: 6.0.3062)Digital Content Portal (Version: 1.00.0000)EducateU (Version: 1.00.0000)Facebook Plug-InFastStone Image Viewer 3.9 (Version: 3.9)File Uploader (Version: 1.1.1)GEAR driver installer for x86 and x64 (Version: 4.015.1)Google AFEGoogle Chrome (Version: 23.0.1271.97)Google Earth (Version: 6.1.0.5001)Google Gears (Version: 0.5.3600)Google Update Helper (Version: 1.3.21.123)Google Updater (Version: 2.4.2432.1652)High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)Intel Matrix Storage ManagerIntel® 537EP V9x DF PCI ModemIntel® PRO Network Connections DriversIntel® PROSet for Wired Connections (Version: 9.30.0000)iPod for Windows 2006-01-10 (Version: 4.7.0)iTunes (Version: 11.0.1.12)Jasc Paint Shop Photo Album 5 (Version: 5.21)Learn2 Player (Uninstall Only)Macromedia Flash Player (Version: 7.0.19.0)Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)MCU (Version: 1.00.0000)Memeo Instant Backup (Version: 4.60.0.7923)Microsoft .NET Framework 1.0 Hotfix (KB2572066)Microsoft .NET Framework 1.0 Hotfix (KB953295)Microsoft .NET Framework 1.0 Hotfix (KB979904)Microsoft .NET Framework 1.1 (Version: 1.1.4322)Microsoft .NET Framework 1.1 Security Update (KB2656353)Microsoft .NET Framework 1.1 Security Update (KB979906)Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)Microsoft Document Explorer 2005Microsoft Document Explorer 2005 (Version: 8.0.50727.42)Microsoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Office File Validation Add-In (Version: 14.0.5130.5003)Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)MobileMe Control Panel (Version: 3.1.6.0)Modem Event MonitorModem Helper (Version: 2.40)Modem On Hold (Version: 1.12)Mozilla Firefox (3.6.3) (Version: 3.6.3 (en-US))MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)Musicmatch for Windows Media Player (Version: 0.00.000)Musicmatch® Jukebox (Version: 10.10.1038)Nikon Message Center (Version: 0.92.000)Nikon Transfer (Version: 1.3.0)OttoPicasa 3 (Version: 3.8)PowerDVD 5.5PunkBuster Services (Version: 0.988)QuickBooks Simple Start Special Edition (Version: )QuickTime (Version: 7.73.80.64)Sonic Encoders (Version: 1.00)Spybot - Search & Destroy (Version: 1.6.2)SpywareBlaster 4.2 (Version: 4.2.0)Tweak UIUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)Update for Windows Internet Explorer 8 (KB976662) (Version: 1)Update for Windows Media Player 10 (KB910393)Update for Windows Media Player 10 (KB913800)Update for Windows Media Player 10 (KB926251)Update for Windows XP (KB2141007) (Version: 1)Update for Windows XP (KB2345886) (Version: 1)Update for Windows XP (KB2467659) (Version: 1)Update for Windows XP (KB2541763) (Version: 1)Update for Windows XP (KB2607712) (Version: 1)Update for Windows XP (KB2616676) (Version: 1)Update for Windows XP (KB2641690) (Version: 1)Update for Windows XP (KB951072-v2) (Version: 2)Update for Windows XP (KB951978) (Version: 1)Update for Windows XP (KB955759) (Version: 1)Update for Windows XP (KB955839) (Version: 1)Update for Windows XP (KB967715) (Version: 1)Update for Windows XP (KB968389) (Version: 1)Update for Windows XP (KB971029) (Version: 1)Update for Windows XP (KB971737) (Version: 1)Update for Windows XP (KB973687) (Version: 1)Update for Windows XP (KB973815) (Version: 1)Update Rollup 2 for Windows XP Media Center Edition 2005V1 Home 2.0 (Version: 2.02.13)VandMWD Diagnostics (Version: 1.09.0002)WebFldrs XP (Version: 9.50.7523)WildTangent Web DriverWindows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)Windows Genuine Advantage Notifications (KB905474) (Version: 1.5.0540.0)Windows Genuine Advantage Validation ToolWindows Internet Explorer 7 (Version: 20061027.150806)Windows Internet Explorer 8 (Version: 20090308.140743)Windows Media Format 11 runtimeWindows Media Player 10 (Version: 9.00.3636)Windows Media Player 10 Hotfix - KB895316Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information]Windows Media Player 11Windows Media Player Firefox Plugin (Version: 1.0.0.8)Windows PowerShell 1.0 (Version: 2)Windows XP Media Center Edition 2005 KB2502898Windows XP Media Center Edition 2005 KB2619340Windows XP Media Center Edition 2005 KB2628259Windows XP Media Center Edition 2005 KB908246Windows XP Media Center Edition 2005 KB925766Windows XP Media Center Edition 2005 KB973768Windows XP Service Pack 3 (Version: 20080414.031525)WordPerfect Office 12 (Version: 12.01)========================= Devices: ========================================================= Memory info: ===================================Percentage of memory in use: 62%Total physical RAM: 1022.09 MBAvailable physical RAM: 383.58 MBTotal Pagefile: 2459.75 MBAvailable Pagefile: 1929.96 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1970.7 MB========================= Partitions: =====================================2 Drive c: () (Fixed) (Total:69.79 GB) (Free:20.06 GB) NTFS========================= Users: ========================================User accounts for \\JADAAdministrator Guest HelpAssistant Jada & Aaron Admin Jada and Aaron SUPPORT_388945a0 ========================= Minidump Files ==================================C:\WINDOWS\Minidump\Mini103009-01.dmpC:\WINDOWS\Minidump\Mini112709-01.dmp**** End of log ****DDS (Ver_2012-11-20.01) - NTFS_x86Internet Explorer: 8.0.6001.18702Run by Jada and Aaron at 20:23:05 on 2013-01-02Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.373 [GMT -6:00].AV: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}.============== Running Processes ================.C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\WINDOWS\stsystra.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeC:\Program Files\Intel\Modem Event Monitor\IntelMEM.exeC:\Program Files\CyberLink\PowerDVD\DVDLauncher.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Dell Photo AIO Printer 924\dlccmon.exeC:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exeC:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exeC:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\DellSupport\DSAgnt.exeC:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\PnkBstrA.exeC:\WINDOWS\system32\locator.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\WINDOWS\ehome\mcrdsvc.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\system32\dlcccoms.exeC:\Program Files\Memeo\AutoBackup\InstantBackup.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\System32\alg.exeC:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exeC:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exec:\program files\common files\installshield\updateservice\isuspm.exeC:\Program Files\Common Files\InstallShield\UpdateService\agent.exeC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\WINDOWS\system32\svchost.exe -k DcomLaunchC:\WINDOWS\system32\svchost.exe -k rpcssC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k imgsvc.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.google.comuSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8uInternet Connection Wizard,ShellNext = iexploreuSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%suURLSearchHooks: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - <orphaned>dURLSearchHooks: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - <orphaned>BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllBHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dllBHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startupuRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exemRun: [sigmatelSysTrayApp] stsystra.exemRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exemRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exemRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startupmRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -startmRun: [MimBoot] c:\progra~1\musicm~1\musicm~3\mimboot.exemRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,_RunDLLEntry@16mRun: [dlccmon.exe] "c:\program files\dell photo aio printer 924\dlccmon.exe"mRun: [hcsystray] c:\program files\kuma games\hcsystray\hc_tray.exemRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exemRun: [Corel Photo Downloader] c:\program files\corel\corel photo album 6\MediaDetect.exemRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exemRun: [Memeo Instant Backup] c:\program files\memeo\autobackup\MemeoLauncher2.exe --silent --no_uimRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"dRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:323uPolicies-Explorer: NoDriveAutoRun = dword:67108863uPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDriveAutoRun = dword:67108863mPolicies-Explorer: NoDriveTypeAutoRun = dword:323mPolicies-Explorer: NoDrives = dword:0mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:323mPolicies-Explorer: NoDriveAutoRun = dword:67108863IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cabDPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cabDPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos.walmart.com/WalmartActivia.cabDPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cabDPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cabDPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1143094851980DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cabTCP: NameServer = 24.217.0.5 24.217.201.67 24.247.15.53TCP: Interfaces\{C743B2E2-AF0C-452C-859C-A8CDE93C121B} : DHCPNameServer = 24.217.0.5 24.217.201.67 24.247.15.53Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\jada and aaron\application data\mozilla\firefox\profiles\vgfg5fqn.default\FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dllFF - plugin: c:\documents and settings\jada and aaron\application data\facebook\npfbplugin_1_0_1.dllFF - plugin: c:\documents and settings\jada and aaron\application data\facebook\npfbplugin_1_0_3.dllFF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dllFF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dllFF - plugin: c:\program files\google\picasa3\npPicasa2.dllFF - plugin: c:\program files\google\picasa3\npPicasa3.dllFF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dllFF - plugin: c:\program files\mozilla firefox\plugins\NPcol500.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dllFF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtensionFF - Ext: XULRunner: {9538ED55-A687-4328-A5EA-E0DBED2FAAF1} - c:\documents and settings\administrator\local settings\application data\{9538ED55-A687-4328-A5EA-E0DBED2FAAF1}FF - Ext: Google Gears: {000a9d1c-beef-4f90-9363-039d445309b8} - c:\program files\google\google gears\Firefox.============= SERVICES / DRIVERS ===============.R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-22 399432]R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-22 676936]R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-22 22856]S4 0268541270047218mcinstcleanup;McAfee Application Installer Cleanup (0268541270047218);c:\windows\temp\026854~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\026854~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]S4 MemeoBackgroundService;MemeoBackgroundService;c:\program files\memeo\autobackup\MemeoBackgroundService.exe [2011-5-4 25824].=============== Created Last 30 ================.2012-12-22 20:51:56 -------- d-----w- c:\program files\iTunes2012-12-22 20:51:56 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E12012-12-22 19:43:27 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes2012-12-22 19:43:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2012-12-22 19:43:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-12-21 02:06:56 -------- d-----w- c:\windows\ERUNT2012-12-21 02:06:48 -------- d-----w- C:\JRT2012-12-16 22:36:17 98816 ----a-w- c:\windows\sed.exe2012-12-16 22:36:17 256000 ----a-w- c:\windows\PEV.exe2012-12-16 22:36:17 208896 ----a-w- c:\windows\MBR.exe.==================== Find3M ====================.2012-10-25 09:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx2012-10-25 09:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts2009-09-14 17:44:21 10038 ----a-w- c:\program files\common files\fedykyjasi.pif.============= FINISH: 20:23:17.77 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume2Install Date: 1/3/2006 12:19:49 PMSystem Uptime: 1/2/2013 12:28:02 PM (8 hours ago).Motherboard: Dell Inc. | | 0YC523Processor: Intel® Pentium® D CPU 2.80GHz | Microprocessor | 2793/800mhz.==== Disk Partitions =========================.A: is RemovableC: is FIXED (NTFS) - 70 GiB total, 20.062 GiB free.D: is CDROM ()E: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP704: 10/20/2012 10:35:34 AM - System CheckpointRP705: 11/8/2012 7:18:48 PM - System CheckpointRP706: 12/4/2012 8:00:58 PM - ComboFix created restore pointRP707: 12/6/2012 5:49:48 PM - System CheckpointRP708: 12/15/2012 1:26:30 PM - System CheckpointRP709: 12/16/2012 4:34:13 PM - System CheckpointRP710: 12/20/2012 7:46:15 PM - Removed AVG 2012RP711: 12/20/2012 7:48:12 PM - Removed AVG 2012RP712: 12/21/2012 8:00:31 PM - System CheckpointRP713: 12/22/2012 1:13:32 PM - Removed Java 6 Update 24RP714: 12/22/2012 2:27:40 PM - Removed Company of Heroes.RP715: 12/22/2012 2:29:34 PM - Removed Quake Live Mozilla PluginRP716: 12/22/2012 2:32:26 PM - Removed SafariRP717: 12/22/2012 2:34:55 PM - Configured Battlefield VietnamRP718: 12/23/2012 2:55:30 PM - System CheckpointRP719: 12/28/2012 5:53:57 PM - System CheckpointRP720: 12/30/2012 11:33:39 AM - System Checkpoint.==== Installed Programs ======================.ABBYY FineReader 6.0 SprintAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader 7.0.9Adobe Shockwave Player 11.5AGEIA PhysX v2.4.4Air Conflicts Single Player DemoAOLIconApple Application SupportApple Mobile Device SupportApple Software UpdateArcSoft Panorama Maker 4ATI Control PanelATI Display DriverBattlefield VietnamBlasterball 2BonjourCanon PhotoRecordCanon PowerShot A40 WIA DriverCanon Utilities PhotoStitch 3.1Canon Utilities RAW Image ConverterCanon Utilities RemoteCapture 2.2Canon Utilities ZoomBrowser EXCompatibility Pack for the 2007 Office systemCorel Photo Album 6Dell Digital Jukebox DriverDell Driver Reset ToolDell Game ConsoleDell Photo AIO Printer 924Dell System RestoreDellSupportDigital Content PortalEducateUFacebook Plug-InFastStone Image Viewer 3.9File UploaderGEAR driver installer for x86 and x64Google AFEGoogle ChromeGoogle EarthGoogle GearsGoogle Update HelperGoogle UpdaterHigh Definition Audio Driver Package - KB835221Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Internet Explorer 7 (KB947864)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 10 (KB903157)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB2158563)Hotfix for Windows XP (KB2443685)Hotfix for Windows XP (KB2570791)Hotfix for Windows XP (KB2633952)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB970653-v3)Hotfix for Windows XP (KB976098-v2)Hotfix for Windows XP (KB979306)Hotfix for Windows XP (KB981793)Intel Matrix Storage ManagerIntel® 537EP V9x DF PCI ModemIntel® PRO Network Connections DriversIntel® PROSet for Wired ConnectionsiPod for Windows 2006-01-10iTunesJasc Paint Shop Photo Album 5Learn2 Player (Uninstall Only)Macromedia Flash PlayerMalwarebytes Anti-Malware version 1.65.1.1000MCUMemeo Instant BackupMicrosoft .NET Framework 1.0 Hotfix (KB2572066)Microsoft .NET Framework 1.0 Hotfix (KB953295)Microsoft .NET Framework 1.0 Hotfix (KB979904)Microsoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB2656353)Microsoft .NET Framework 1.1 Security Update (KB979906)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Compression Client Pack 1.0 for Windows XPMicrosoft Document Explorer 2005Microsoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Office File Validation Add-InMicrosoft Office Standard Edition 2003Microsoft Plus! Digital Media Edition InstallerMicrosoft Plus! Photo Story 2 LEMicrosoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161MobileMe Control PanelModem Event MonitorModem HelperModem On HoldMozilla Firefox (3.6.3)MSXML 4.0 SP2 (KB925672)MSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 6.0 Parser (KB933579)Musicmatch for Windows Media PlayerMusicmatch® JukeboxNikon Message CenterNikon TransferOttoPicasa 3PowerDVD 5.5PunkBuster ServicesQuickBooks Simple Start Special EditionQuickTimeSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft Windows (KB2564958)Security Update for Windows Internet Explorer 7 (KB928090)Security Update for Windows Internet Explorer 7 (KB929969)Security Update for Windows Internet Explorer 7 (KB931768)Security Update for Windows Internet Explorer 7 (KB933566)Security Update for Windows Internet Explorer 7 (KB937143)Security Update for Windows Internet Explorer 7 (KB938127)Security Update for Windows Internet Explorer 7 (KB939653)Security Update for Windows Internet Explorer 7 (KB942615)Security Update for Windows Internet Explorer 7 (KB944533)Security Update for Windows Internet Explorer 7 (KB950759)Security Update for Windows Internet Explorer 7 (KB953838)Security Update for Windows Internet Explorer 7 (KB956390)Security Update for Windows Internet Explorer 7 (KB958215)Security Update for Windows Internet Explorer 7 (KB960714)Security Update for Windows Internet Explorer 7 (KB961260)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 7 (KB969897)Security Update for Windows Internet Explorer 7 (KB972260)Security Update for Windows Internet Explorer 8 (KB2482017)Security Update for Windows Internet Explorer 8 (KB2497640)Security Update for Windows Internet Explorer 8 (KB2510531)Security Update for Windows Internet Explorer 8 (KB2530548)Security Update for Windows Internet Explorer 8 (KB2544521)Security Update for Windows Internet Explorer 8 (KB2559049)Security Update for Windows Internet Explorer 8 (KB2586448)Security Update for Windows Internet Explorer 8 (KB2618444)Security Update for Windows Internet Explorer 8 (KB971961)Security Update for Windows Internet Explorer 8 (KB981332)Security Update for Windows Internet Explorer 8 (KB982381)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player 10 (KB911565)Security Update for Windows Media Player 10 (KB917734)Security Update for Windows Media Player 10 (KB936782)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows XP (KB2079403)Security Update for Windows XP (KB2115168)Security Update for Windows XP (KB2121546)Security Update for Windows XP (KB2160329)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2259922)Security Update for Windows XP (KB2279986)Security Update for Windows XP (KB2286198)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2296199)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2360937)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2412687)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2436673)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2476490)Security Update for Windows XP (KB2476687)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479628)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485376)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2491683)Security Update for Windows XP (KB2503658)Security Update for Windows XP (KB2503665)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2506223)Security Update for Windows XP (KB2507618)Security Update for Windows XP (KB2507938)Security Update for Windows XP (KB2508272)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2511455)Security Update for Windows XP (KB2524375)Security Update for Windows XP (KB2535512)Security Update for Windows XP (KB2536276-v2)Security Update for Windows XP (KB2536276)Security Update for Windows XP (KB2544893-v2)Security Update for Windows XP (KB2544893)Security Update for Windows XP (KB2555917)Security Update for Windows XP (KB2562937)Security Update for Windows XP (KB2566454)Security Update for Windows XP (KB2567053)Security Update for Windows XP (KB2567680)Security Update for Windows XP (KB2570222)Security Update for Windows XP (KB2570947)Security Update for Windows XP (KB2584146)Security Update for Windows XP (KB2585542)Security Update for Windows XP (KB2592799)Security Update for Windows XP (KB2598479)Security Update for Windows XP (KB2603381)Security Update for Windows XP (KB2618451)Security Update for Windows XP (KB2620712)Security Update for Windows XP (KB2624667)Security Update for Windows XP (KB2631813)Security Update for Windows XP (KB2633171)Security Update for Windows XP (KB2639417)Security Update for Windows XP (KB2646524)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB938464-v2)Security Update for Windows XP (KB938464)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950760)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951376)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB953839)Security Update for Windows XP (KB954211)Security Update for Windows XP (KB954459)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956391)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956841)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957095)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958690)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960715)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371)Security Update for Windows XP (KB961373)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB968537)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969898)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB971961)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973346)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979559)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980218)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB980436)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981852)Security Update for Windows XP (KB981957)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982214)Security Update for Windows XP (KB982665)Security Update for Windows XP (KB982802)Sonic EncodersSpybot - Search & DestroySpywareBlaster 4.2Tweak UIUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 8 (KB2447568)Update for Windows Internet Explorer 8 (KB976662)Update for Windows Media Player 10 (KB910393)Update for Windows Media Player 10 (KB913800)Update for Windows Media Player 10 (KB926251)Update for Windows XP (KB2141007)Update for Windows XP (KB2345886)Update for Windows XP (KB2467659)Update for Windows XP (KB2541763)Update for Windows XP (KB2607712)Update for Windows XP (KB2616676)Update for Windows XP (KB2641690)Update for Windows XP (KB951072-v2)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)Update Rollup 2 for Windows XP Media Center Edition 2005V1 Home 2.0VandMWD DiagnosticsWebFldrs XPWildTangent Web DriverWindows Feature Pack for Storage (32-bit) - IMAPI update for Blu-RayWindows Genuine Advantage Notifications (KB905474)Windows Genuine Advantage Validation ToolWindows Internet Explorer 7Windows Internet Explorer 8Windows Media Format 11 runtimeWindows Media Player 10Windows Media Player 10 Hotfix - KB895316Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information]Windows Media Player 11Windows Media Player Firefox PluginWindows PowerShell 1.0Windows XP Media Center Edition 2005 KB2502898Windows XP Media Center Edition 2005 KB2619340Windows XP Media Center Edition 2005 KB2628259Windows XP Media Center Edition 2005 KB908246Windows XP Media Center Edition 2005 KB925766Windows XP Media Center Edition 2005 KB973768Windows XP Service Pack 3WordPerfect Office 12.==== Event Viewer Messages From Past Week ========.1/2/2013 7:51:07 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751).==== End Of File =========================== Link to post Share on other sites More sharing options...
ajexpress Posted January 3, 2013 Author ID:629936 Share Posted January 3, 2013 Sorry for the delay, the holidays had me away from the computer. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 4, 2013 Root Admin ID:630352 Share Posted January 4, 2013 No problem, busy time for most of us.Please check for updates with Malwarebytes it is now on version 1.7 and the logs show you're using an older one still.Then do a Quick Scan and post back that log on your next reply.You uninstalled AVG antivirus but I don't see that you've installed a different antivirus. Please choose an antivirus and install it and update it and do a System Scan with it and let me know if it finds anything.Thank you Link to post Share on other sites More sharing options...
ajexpress Posted January 12, 2013 Author ID:633057 Share Posted January 12, 2013 Malwarebytes Anti-Malware 1.70.0.1100www.malwarebytes.orgDatabase version: v2013.01.11.15Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702Jada and Aaron :: JADA [administrator]1/11/2013 6:06:25 PMMBAM-log-2013-01-11 (18-19-43).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 253880Time elapsed: 10 minute(s), 46 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 1HKCU\SOFTWARE\U36VRSFLG6 (Trojan.FakeAlert) -> No action taken.Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
ajexpress Posted January 12, 2013 Author ID:633079 Share Posted January 12, 2013 Cut & Paste from AVG scan."";"Found registry key with reference to infected file C:\WINDOWS\system32\drivers\netbt.sys, HKLM\SYSTEM\CurrentControlSet\services\NetBT";"Secured" Link to post Share on other sites More sharing options...
Recommended Posts