MSVBVM60.dll is missing

[dkarst]

It seems like this is common problem but I haven't been able to locate in FAQs or be comfortable with other solutions. MBam has been working perfectly for years, I update and scan weekly. Today went to update and I get the topic error, un-install and reinstall a couple times, reboots, tried this fix-->Microsoft Visual Basic 6.0 Common Controls, still no luck. Don't think I'm infected with anything just can't get update. please help

[daledoc1]

Hi,

I'm just a forum volunteer, but I don't recall seeing this problem recently here at the MBAM forum.

AFAIK, that's a really old VB DLL.

What's your OS?

Have you recently used any registry "cleaners", "optimizers", "tweakers" or similar programs?

Until an MBAM staffer stops by, it might help to know a bit more about your system.

Please follow the instructions below and post back with the following logs as attachments to your next reply:

• Checkresults.txt from mbam-check
  
• A couple of protection logs, if you have them
  
• DDS.txt from DDS
  
• Attach.txt from DDS
  

These will provide the MBAM staff with a bit of information that will help them to pinpoint the cause and the solution for you.

Thanks!

daledoc1

PS A routine Google search turned up this tutorial, which might be helpful?

http://pcsupport.about.com/od/findbyerrormessage/a/msvbvm60-dll-not-found-missing-error.htm

-----------------------------

Step 1 -- Create an mbam-check log:

Download mbam-check.exe from HERE and save it to your desktop.

Double-click on mbam-check.exe to run it, it should then open a log file.

Please attach to your next reply the CheckResults.txt file which should now be located on your desktop.

Then, if you can, please also upload your 3 most recent Protection module logs:

In Windows XP, these logs are located in: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

In Windows Vista/7/8, these logs are located in: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Step 2 -- Run DDS and create 2 logs:

Download DDS from one of the locations below and save it to your Desktop:

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once it is downloaded, you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool, on Vista or Win 7 right click and select Run as administrator

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.

• 
  When done, DDS will open two (2) logs:
• 
  
  1. DDS.txt
     
  2. Attach.txt
     

• Save both reports to your desktop
  
• Please attach both of the following logs to your next reply: DDS.txt and Attach.txt
  --->You can ignore the note about zipping the Attach.txt file in most cases.
  

[dkarst]

Sorry to be so short in initial post but hoping this is easier fix than most. System is HP/Compaq running XP SP3 and I haven't done tweaking/optimizing etc. and try to stay away from trouble as don't enjoy fixing.

Here is MBAM check:

mbam-check result log version: 2.0.0.1000

Malwarebytes Version: REG_SZ 1.70.0.1100

Date Log Created: 01/19/13

Time Log Created: 08:50:18

User Account type: Administrator

32 bit Operating System

Product Name: REG_SZ Microsoft Windows XP

Current Build Number: 2600

Current Version Number: 5.1

Current CSDVersion: Service Pack 3

OS Product Info: Professional

Proxy Status: No proxy is Set

Proxy Override:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\

ProxyOverride REG_SZ *.local

LAN Settings:

=============

No Settings are Set <--NOT DETECTING SETTING AUTOMATICALLY

SystemPartition:

================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\

SystemPartition REG_SZ \Device\HarddiskVolume1

Balloon Tips Status:

====================

Enabled

Time Format Settings:

=====================

Should be:

h:mm:ss tt

AM

PM

:

Currently:

REG_SZ h:mm:ss tt

REG_SZ AM

REG_SZ PM

REG_SZ :

Language and Regional Settings:

===============================

ACP: Language is English (United States)

MACCP: Language is English (United States)

OEMCP: Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:

====================================================

All Users Startup Folder Exists.

Current User's startup Folder Exists.

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:

===============================================================================

TERMService:

==============

Type : 32

State : 4 (The service is running.) (State is stopped)

WIN32_EXIT_CODE : 0

Hmmmm logs file is empty, maybe it emptied them when I un-installed, guess you have to believe me last scans were clean...

here is dds:

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.11.2

Run by DKarst at 8:57:12 on 2013-01-19

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.648 [GMT -6:00]

.

AV: Symantec AntiVirus Corporate Edition *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}

.

============== Running Processes ================

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\IFXTCS.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\SCardSvr.exe

C:\WINDOWS\system32\msdtc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\WINDOWS\system32\IFXSPMGT.exe

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE

C:\Program Files\Symantec AntiVirus\SavRoam.exe

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\system32\mqsvc.exe

C:\Program Files\Windows Media Player\WMPNetwk.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\Program Files\HPQ\IAM\bin\asghost.exe

C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe

C:\Program Files\ProtectTools\Embedded Security Software\SpTna.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\HPQ\HP ProtectTools Security Manager\PTServs.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\AccelerometerSt.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\WINDOWS\SMINST\Scheduler.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\PROGRA~1\SYMANT~1\VPTray.exe

C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE

C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe

C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe

C:\WINDOWS\keyacc32.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Sierra\Planner\PLNRnote.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Webshots\Smile Desktop\Smile.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k Cognizance

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

mSearchAssistant = hxxp://www.google.com/ie

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: HP Credential Manager for ProtectTools: {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\program files\hpq\iam\bin\ItIeAddIN.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [MsmqIntCert] regsvr32 /s mqrt.dll

mRun: [AGRSMMSG] AGRSMMSG.exe

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [soundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray

mRun: [AccelerometerSysTrayApplet] c:\windows\system32\AccelerometerSt.exe

mRun: [FRYMXINS] "c:\program files\ati technologies\fire gl 3d studio max\atiimxgl"

mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay

mRun: [PTHOSTTR] c:\program files\hpq\hp protecttools security manager\PTHOSTTR.EXE /Start

mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe

mRun: [CognizanceTS] rundll32.exe c:\progra~1\hpq\iam\bin\AsTsVcc.dll,RegisterModule

mRun: [QlbCtrl] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start

mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe

mRun: [Recguard] c:\windows\sminst\Recguard.exe

mRun: [Reminder] c:\windows\creator\Remind_XP.exe

mRun: [scheduler] c:\windows\sminst\Scheduler.exe

mRun: [WatchDog] c:\program files\intervideo\dvd check\DVDCheck.exe

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [vptray] c:\progra~1\symant~1\VPTray.exe

mRun: [synchronization Manager] c:\windows\system32\mobsync.exe /logon

mRun: [sSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot

mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"

mRun: [KeyAccess] c:\windows\keyacc32.exe

mRun: [userFaultCheck] c:\windows\system32\dumprep 0 -u

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [CanonQuickMenu] c:\program files\canon\quick menu\CNQMMAIN.EXE /logon

mRun: [iJNetworkScannerSelectorEX] c:\program files\canon\ij network scanner selector ex\CNMNSST.exe /FORCE

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\docume~1\dkarst~1.hyl\startm~1\programs\startup\smiled~1.lnk - c:\program files\webshots\smile desktop\Smile.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dvdche~1.lnk - c:\program files\intervideo\dvd check\DVDCheck.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventp~1.lnk - c:\sierra\planner\PLNRnote.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventr~1.lnk - c:\program files\broderbund\printmaster\PMremind.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{176130bc-99a1-41fe-a78b-56045e33ad70}\Icon3E5562ED7.ico

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoWelcomeScreen = dword:1

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

LSP: mswsock.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} - hxxp://h20278.www2.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

DPF: {3AC3D009-2E89-4F1E-9F51-04D4FBD50122} - hxxp://phone/shorewaredirector/clientinstall/ShoretelClientInstall.ocx

DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177102966941

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1348404929343

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab

DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab

DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://idahotech.webex.com/client/T27L/webex/ieatgpc.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.2.cab

TCP: NameServer = 206.9.88.12 206.9.88.13

TCP: Interfaces\{49B2D701-1C2F-48CA-AB92-A658562D0FAE} : DHCPNameServer = 206.9.88.12 206.9.88.13

TCP: Interfaces\{9E5CCDCA-96CC-43E6-91BE-8877385A0BFD} : DHCPNameServer = 206.9.88.12 206.9.88.13

Notify: AtiExtEvent - Ati2evxx.dll

Notify: IfxWlxEN - IfxWlxEN.dll

Notify: NavLogon - c:\windows\system32\NavLogon.dll

Notify: OneCard - c:\program files\hpq\iam\bin\AsWlnPkg.dll

AppInit_DLLs= KATRACK.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll

LSA: Notification Packages = scecli AsWlnPkg

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\dkarst.hylas-lt-005\application data\mozilla\firefox\profiles\tlpafk4k.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin.dll

FF - plugin: c:\program files\canon\my image garden\addon\cig\npmigfpi.dll

FF - plugin: c:\program files\common files\oberon media\ncadapter\1.0.0.7\npapicomadapter.dll

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\musicnotes\npmusicn.dll

FF - plugin: c:\program files\musicnotes\NPSibelius.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll

FF - ExtSQL: !HIDDEN! 2009-07-11 17:21; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

.

============= SERVICES / DRIVERS ===============

.

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-8-30 28544]

R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2005-10-25 35488]

R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2006-9-6 337592]

R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2006-9-6 54968]

R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2004-8-4 14336]

R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-7-19 192160]

R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-7-19 169632]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2012-8-23 13672]

R2 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-9-27 116464]

R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-9-27 1813232]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-9-22 106656]

R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2006-4-21 87936]

R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2005-6-10 35968]

R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20130111.003\naveng.sys [2013-1-12 92704]

R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20130111.003\navex15.sys [2013-1-12 1601184]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 SydexFDD;Sydex Diskette Driver;c:\windows\system32\drivers\SYDEXFDD.SYS [2008-7-4 13359]

S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-1-26 280344]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S3 ZSTAR;Virtual Serial USB driver for Freescale USB Adapter;c:\windows\system32\drivers\usbser-zstar.sys [2007-10-17 25600]

.

=============== File Associations ===============

.

FileExt: .reg: regfile=regedit.exe "%1" %*

ShellExec: NWC32.EXE: open=c:\progra~1\notewo~1\NWC32.EXE

.

=============== Created Last 30 ================

.

2013-01-19 14:19:17 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-01-19 14:19:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-01-19 13:04:19 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-14 20:55:57 -------- d-----w- c:\program files\Notation

2013-01-14 20:36:18 -------- d-----w- c:\program files\Akoff Music Composer Demo

.

==================== Find3M ====================

.

2013-01-08 23:16:31 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-01-08 23:16:30 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-08 23:16:27 16369160 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-11-06 02:01:39 1371648 ------w- c:\windows\system32\msxml6.dll

2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35:34 385024 ----a-w- c:\windows\system32\html.iec

2012-10-25 09:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2012-10-25 09:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts

2011-01-10 13:46:58 436 ----a-w- c:\program files\011020117465817.bat

.

============= FINISH: 8:58:53.71 ===============

here is attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 4/13/2007 9:44:01 PM

System Uptime: 1/19/2013 8:07:55 AM (0 hours ago)

.

Motherboard: Hewlett-Packard | | 30A3

Processor: Intel® Core2 CPU T7200 @ 2.00GHz | U10 | 1995/166mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 68 GiB total, 9.185 GiB free.

D: is CDROM ()

E: is FIXED (FAT32) - 7 GiB total, 0.554 GiB free.

F: is FIXED (NTFS) - 466 GiB total, 436.332 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Cisco Systems VPN Adapter

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco Systems VPN Adapter

PNP Device ID: ROOT\NET\0000

Service: CVirtA

.

==== System Restore Points ===================

.

RP1724: 12/1/2012 3:58:27 PM - System Checkpoint

RP1725: 12/2/2012 4:13:08 PM - System Checkpoint

RP1726: 12/8/2012 9:31:22 PM - System Checkpoint

RP1727: 12/9/2012 10:19:35 PM - System Checkpoint

RP1728: 12/11/2012 8:19:14 AM - System Checkpoint

RP1729: 12/12/2012 7:02:15 AM - Software Distribution Service 3.0

RP1730: 12/13/2012 5:26:44 PM - System Checkpoint

RP1731: 12/14/2012 5:44:12 PM - System Checkpoint

RP1732: 12/15/2012 7:37:31 PM - System Checkpoint

RP1733: 12/17/2012 11:16:06 AM - System Checkpoint

RP1734: 12/18/2012 12:49:14 PM - System Checkpoint

RP1735: 12/19/2012 1:23:11 PM - System Checkpoint

RP1736: 12/20/2012 1:44:11 PM - System Checkpoint

RP1737: 12/21/2012 7:13:10 AM - Software Distribution Service 3.0

RP1738: 12/22/2012 10:31:57 AM - System Checkpoint

RP1739: 12/23/2012 10:45:16 AM - System Checkpoint

RP1740: 12/24/2012 11:29:47 AM - System Checkpoint

RP1741: 12/25/2012 12:25:09 PM - System Checkpoint

RP1742: 12/26/2012 1:19:52 PM - System Checkpoint

RP1743: 12/27/2012 1:49:14 PM - System Checkpoint

RP1744: 12/28/2012 2:59:45 PM - System Checkpoint

RP1745: 12/29/2012 3:11:43 PM - System Checkpoint

RP1746: 12/30/2012 4:41:36 PM - System Checkpoint

RP1747: 12/31/2012 4:57:14 PM - System Checkpoint

RP1748: 1/1/2013 7:25:40 PM - System Checkpoint

RP1749: 1/2/2013 7:27:16 PM - System Checkpoint

RP1750: 1/6/2013 1:40:46 PM - Software Distribution Service 3.0

RP1751: 1/7/2013 2:31:11 PM - System Checkpoint

RP1752: 1/8/2013 3:39:29 PM - System Checkpoint

RP1753: 1/9/2013 6:31:37 AM - Software Distribution Service 3.0

RP1754: 1/10/2013 9:03:01 AM - System Checkpoint

RP1755: 1/11/2013 10:37:52 AM - System Checkpoint

RP1756: 1/12/2013 8:09:58 AM - Installed TurboTax 2012 wrapper

RP1757: 1/13/2013 8:51:41 AM - System Checkpoint

RP1758: 1/14/2013 9:12:52 AM - System Checkpoint

RP1759: 1/15/2013 6:51:01 AM - Software Distribution Service 3.0

RP1760: 1/16/2013 9:47:09 AM - System Checkpoint

RP1761: 1/17/2013 4:48:55 PM - System Checkpoint

RP1762: 1/18/2013 5:37:00 PM - System Checkpoint

RP1763: 1/19/2013 7:03:40 AM - Installed Java 7 Update 11

.

==== Installed Programs ======================

.

Acrobat.com

Adobe AIR

Adobe Digital Editions

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.3

Agere Systems HDA Modem

Amazing Designs - Edit Express Lite

Amazon MP3 Downloader 1.0.15

AnswerWorks 4.0 Runtime - English

AnswerWorks 5.0 English Runtime

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AppleWorks 6

Application Installer 4.00.B5

ATI Catalyst Control Center

ATI Display Driver

Bonjour

Canon Camera Access Library

Canon Camera Support Core Library

Canon Camera Window DC_DV 5 for ZoomBrowser EX

Canon Camera Window DC_DV 6 for ZoomBrowser EX

Canon Camera Window MC 6 for ZoomBrowser EX

Canon Easy-PhotoPrint EX

Canon Easy-WebPrint EX

Canon G.726 WMP-Decoder

Canon IJ Network Scanner Selector EX

Canon IJ Network Tool

Canon MG5300 series MP Drivers

Canon MG5300 series User Registration

Canon MovieEdit Task for ZoomBrowser EX

Canon MP Navigator EX 5.0

Canon My Image Garden

Canon My Image Garden Design Files

Canon My Printer

Canon Quick Menu

Canon RAW Image Task for ZoomBrowser EX

Canon RemoteCapture Task for ZoomBrowser EX

Canon Utilities EOS Utility

Canon Utilities PhotoStitch

Canon Utilities ZoomBrowser EX

Chromas Lite

Cisco Systems VPN Client 4.8.02.0010

Compatibility Pack for the 2007 Office system

Coupon Printer for Windows

Critical Update for Windows Media Player 11 (KB959772)

Customizer 10000 Plus

Desktop Decorator 01.00.031 - KopyKake

Digitizer 10000

Drive Manager

Embroidery Fonts Plus

Event Planner

FireGL driver for 3D Studio MAX/VIZ

GenoPro 2.5.4.1

Google Toolbar for Internet Explorer

Google Update Helper

Halley's Bible Handbook

Hallmark Card Studio 3 Deluxe

Hallmark Holiday Card Studio

Hewlett-Packard ACLM.NET v1.1.0.0

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Backup and Recovery Manager Installer

HP BIOS Configuration for ProtectTools 2.00 C3

HP Credential Manager for ProtectTools

HP Embedded Security for ProtectTools

HP Help and Support

HP Mobile Data Protection System

HP Notebook Accessories Product Tour

HP Performance Tuning Framework

HP Product Detection

HP ProtectTools Security Manager 2.00 C3

HP Quick Launch Buttons 6.00 D2

HP Update

HP User Guides 0020

HP Wireless Assistant 2.00 E1

HpSdpAppCoreApp

HyperSnap 6.61.03

InterVideo DVD Check

InterVideo WinDVD

iTunes

Java 7 Update 11

Java Auto Updater

Java 6 Update 35

Knitware Basics 2.50

Knitware Skirts and Shawls 2.50

Knitware Sweaters 2.50

LightScribe 1.4.67.1

LiveUpdate 3.1 (Symantec Corporation)

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2742597)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office File Validation Add-In

Microsoft Office Outlook 2003

Microsoft Office Professional Edition 2003

Microsoft Office Small Business Edition 2003

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Web Publishing Wizard 1.52

MobileMe Control Panel

Moorhuhn 2 V1.1

Moorhuhn 3 DL

Moorhuhn Winter-Edition

Mozilla Firefox 18.0.1 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Musicnotes Software Suite 1.4.2

NoteWorthy Composer

NoteWorthy Composer Browser Plug-in

NoteWorthy Player

OGA Notifier 2.0.0048.0

Oligo

Oligo 7.51 Demo

OverDrive Media Console

Panda ActiveScan 2.0

PED 6.0.2

PrintMaster

QuickTime

Sassafras K2 Client

ScanSoft OmniPage SE 4

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB928090)

Security Update for Windows Internet Explorer 7 (KB929969)

Security Update for Windows Internet Explorer 7 (KB931768)

Security Update for Windows Internet Explorer 7 (KB933566)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB969897)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 (KB911565)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Sequencher 4.8 Demo

SharpEye Music Reader 2

Shockwave

Sibelius Scorch (ActiveX Only)

SmartDraw PDF Export (novaPDF 6.4 printer)

SmartDraw VP

Smile Desktop version 1.0.12.332

Solero Music Viewer 8.0.25.332

Sonic Audio Module

Sonic Copy Module

Sonic Data Module

Sonic DLA

Sonic Express Labeler

Sonic MyDVD Plus

Sonic Update Manager

SoundMAX

Spelling Dictionaries Support For Adobe Reader 9

Spybot - Search & Destroy

Symantec AntiVirus

Synaptics Pointing Device Driver

Texas Instruments PCIxx21/x515/xx12 drivers.

TIPCI

TURBOFloorPlan3D Home & Landscape PRO

TurboTax 2008

TurboTax 2008 WinPerFedFormset

TurboTax 2008 WinPerProgramHelp

TurboTax 2008 WinPerReleaseEngine

TurboTax 2008 WinPerTaxSupport

TurboTax 2008 WinPerUserEducation

TurboTax 2008 wrapper

TurboTax 2009

TurboTax 2009 WinPerFedFormset

TurboTax 2009 WinPerReleaseEngine

TurboTax 2009 WinPerTaxSupport

TurboTax 2009 wmniper

TurboTax 2009 wrapper

TurboTax 2010

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wmniper

TurboTax 2010 wrapper

TurboTax 2011

TurboTax 2011 WinPerFedFormset

TurboTax 2011 WinPerReleaseEngine

TurboTax 2011 WinPerTaxSupport

TurboTax 2011 wmniper

TurboTax 2011 wrapper

TurboTax 2012

TurboTax 2012 WinPerFedFormset

TurboTax 2012 WinPerReleaseEngine

TurboTax 2012 WinPerTaxSupport

TurboTax 2012 wrapper

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB971930)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebEx

WebFldrs XP

Wilcom TrueSizer

Windows Defender

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

.

==== Event Viewer Messages From Past Week ========

.

1/15/2013 8:55:29 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

1/15/2013 8:53:42 AM, error: ati2mtag [52249] - CPLIB :: Initialization - Failed to load the library

1/15/2013 4:54:12 PM, error: NETLOGON [5719] - No Domain Controller is available for domain HYLAS due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

.

==== End Of File ===========================

[daledoc1]

Thanks for the logs.

We'll need to wait for an MBAM staffer to review them and make some recommendations.

Cheers,

daledoc1

PS Generally, forum Admin AdvancedSetup, who reviews these sorts of cases, would prefer that the logs be attached, rather than pasted inline. So, if possible, you might want to reply back here again, this time ATTACHING the logs.

[dkarst]

okey dokey per your request, thanks again for your help.

attach.txt

CheckResults.txt

dds.txt

[AdvancedSetup]

Your computer shows signs of having the ZeroAccess rootkit.

One or more of the identified infections is related to a nasty

rootkit component

which is difficult to remove. Rootkits and

backdoor Trojans

are

very dangerous

because they use advanced techniques (backdoors) as a means of accessing a computer system that bypasses security mechanisms and steal sensitive information which they send back to the hacker. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Remote attackers use

backdoor Trojans

and rootkits as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge.

If your computer was used for online banking, has credit card information or other sensitive data on it, you should immediately disconnect from the Internet until your system is cleaned.

All passwords should be changed immediately

to include those used for banking, email, eBay, paypal and online forums

from a CLEAN COMPUTER

. You should consider them to be compromised. You should change each password by using a different computer and not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Although the rootkit has been identified and may be removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again.

It is dangerous and incorrect to assume that because this malware has been removed the computer is now secure.

In some instances an infection may have caused so much damage to your system that it cannot be completely cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, delete the partition, reformat and reinstall the OS.

Please read:

• When should I re-format? How should I reinstall?
  
  
• Help: I Got Hacked. Now What Do I Do?
  
  
• Where to draw the line? When to recommend a format and reinstall?
  
  

Should you decide not to follow this advice, we will do our best to help clean the computer of any infections but we cannot guarantee it to be trustworthy or that the removal will be successful. If you wish to proceed, disinfection will require more time and more advanced tools.

If you do wish to proceed with trying to clean the computer please follow the advice from here: Available Assistance for Possibly Infected Computers one of the Experts will assist you.

Message borrowed from quietman7 with minor wording and link changes

.