Jump to content

XP Computer shuts down after logging into safemode


Tater
 Share

Recommended Posts

Hello Tater and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please download SafeBootKeyRepair.exe (by sUBs) to repair Safe Mode.

To run SafeBootKeyRepair.exe:

1. Close all programs/windows so that you have nothing open and are at your Desktop.

2. Double-click the SafeBootKeyRepair.exe file.

When finished, it shall produce a log for you.

Link to post
Share on other sites

Reg export of SafeBoot key after repair:

========================

 

Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot]

"AlternateShell"="cmd.exe"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\85808008.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AppMgmt]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Base]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot Bus Extender]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot file system]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\CryptSvc]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\DcomLaunch]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmadmin]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmboot.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmio.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmload.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmserver]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\EventLog]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\File system]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Filter]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\HelpSvc]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\MCODS]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Netlogon]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PCI Configuration]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PEVSystemStart]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PlugPlay]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PNP Filter]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Primary disk]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\procexp90.Sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\RpcSs]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SCSI Class]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sermouse.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sr.sys]

@="FSFilter System Recovery"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SRService]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\System Bus Extender]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vds]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vga.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vgasave.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\WinMgmt]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\WudfSvc]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

@="Universal Serial Bus controllers"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

@="CD-ROM Drive"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

@="DiskDrive"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

@="Standard floppy disk controller"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

@="Hdc"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

@="Keyboard"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

@="Mouse"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

@="PCMCIA Adapters"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

@="SCSIAdapter"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

@="System"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

@="Floppy disk drive"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

@="Volume shadow copy"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

@="Volume"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

@="Human Interface Devices"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\85808008.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AFD]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AppMgmt]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Base]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot Bus Extender]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot file system]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Browser]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\CryptSvc]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DcomLaunch]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Dhcp]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmadmin]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmboot.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmio.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmload.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmserver]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DnsCache]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\EventLog]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\File system]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Filter]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\HelpSvc]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ip6fw.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ipnat.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanServer]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanWorkstation]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LmHosts]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\MCODS]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Messenger]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\MpfService]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS Wrapper]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Ndisuio]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOS]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOSGroup]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBT]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetDDEGroup]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Netlogon]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetMan]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Network]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetworkProvider]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NtLmSsp]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PCI Configuration]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PEVSystemStart]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PlugPlay]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP Filter]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP_TDI]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Primary disk]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\procexp90.Sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpcdd.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpdd.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpwd.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdsessmgr]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\RpcSs]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SCSI Class]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sermouse.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SharedAccess]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sr.sys]

@="FSFilter System Recovery"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SRService]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Streams Drivers]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\System Bus Extender]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Tcpip]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\TDI]

@="Driver Group"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdpipe.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdtcp.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\termservice]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vga.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vgasave.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Wdf01000.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WinMgmt]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WudfSvc]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WZCSVC]

@="Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

@=""

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{36FC9E60-C465-11CF-8056-444553540000}]

@="Universal Serial Bus controllers"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

@="CD-ROM Drive"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

@="DiskDrive"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

@="Standard floppy disk controller"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

@="Hdc"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

@="Keyboard"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

@="Mouse"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

@="Net"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

@="NetClient"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

@="NetService"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

@="NetTrans"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

@="PCMCIA Adapters"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

@="SCSIAdapter"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

@="System"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

@="Floppy disk drive"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

@="Volume"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

@="Human Interface Devices"

 

========================

 

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\85808008.sys

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\PEVSystemStart

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\procexp90.Sys

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\Wdf01000.sys

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WudfSvc

Link to post
Share on other sites

I ran what you have asked and still have the same problem. Here are the logs you requested.

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.09.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Becky :: FAMILY [administrator]

9/9/2013 4:08:03 PM
mbam-log-2013-09-09 (16-08-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 429462
Time elapsed: 10 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCR\AmiBs.Installer (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
HKCR\AmiBs.Installer.1 (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 8/12/2008 8:51:16 AM

System Uptime: 9/9/2013 5:18:02 PM (1 hours ago)

.

Motherboard: ASUSTeK Computer INC. |  | M2N-MX SE Plus

Processor: AMD Athlon 64 X2 Dual Core Processor 5000+ | AM2 | 2611/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 298 GiB total, 36.257 GiB free.

D: is CDROM (CDFS)

T: is NetworkDisk (NTFS) - 912 GiB total, 539.701 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}

Description: Officejet Pro L7500

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Officejet Pro L7500

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: TeamViewer VPN Adapter

Device ID: ROOT\NET\0000

Manufacturer: TeamViewer GmbH

Name: TeamViewer VPN Adapter

PNP Device ID: ROOT\NET\0000

Service: teamviewervpn

.

==== System Restore Points ===================

.

RP1: 9/6/2013 5:37:54 PM - System Checkpoint

RP2: 9/7/2013 10:09:21 AM - Software Distribution Service 3.0

RP3: 9/7/2013 12:19:14 PM - Software Distribution Service 3.0

RP4: 9/7/2013 1:59:59 PM - Software Distribution Service 3.0

RP5: 9/7/2013 4:18:10 PM - Software Distribution Service 3.0

RP6: 9/8/2013 3:00:19 AM - Software Distribution Service 3.0

RP7: 9/8/2013 12:51:55 PM - Software Distribution Service 3.0

RP8: 9/9/2013 3:00:17 AM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

7500_7600_7700_Help1

Acrobat.com

Adobe AIR

Adobe Download Assistant

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Help Center 2.0

Adobe Photoshop Elements 10

Adobe Photoshop Elements 4.0

Adobe Photoshop.com Inspiration Browser

Adobe Premiere Elements 10

Adobe Reader 9.3.2

Adobe Reader X (10.1.7)

Akamai NetSession Interface

Amazon Cloud Player

Amazon MP3 Downloader 1.0.10

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AXIS Media Control Embedded

Bonjour

bpd_scan_Carrier

BPDSoftware

BPDSoftware_Ini

BufferChm

CCleaner

Compatibility Pack for the 2007 Office system

Convert

CSV2QIF

Data Lifeguard Diagnostic for Windows 1.24

Destinations

DeviceDiscovery

DocProc

DVD Suite

Electrical Calculations

Elements 10 Organizer

exPressit S.E. 2.2

Fax

Fidelity Active Trader Pro®

getPlus® Download Manager for Corel

Google Chrome

Google Earth

Google SketchUp Pro 7

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService2

Hewlett-Packard ACLM.NET v1.1.0.0

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB932716-v2)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB945060-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB954708)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB971276-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Customer Participation Program 14.0

HP Imaging Device Functions 14.0

HP OfficeJet L7300/L7500/7600/7700

HP Photosmart Essential 3.5

HP Solution Center 14.0

HP Update

HPDiagnosticAlert

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

InstantShareAlert

iTunes

Java 2 Runtime Environment, SE v1.4.2_18

Java Auto Updater

Java 6 Update 20

Java 6 Update 7

L7500

LightScribe System Software

LightScribe Template Designs - Fantasy Pack 1

Logitech MouseWare 9.79.1

Logitech Touch Mouse Server 1.0

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Default Manager

Microsoft Digital Image Library 9 - Blocker

Microsoft Digital Image Starter Edition 2006

Microsoft Digital Image Starter Edition 2006 Editor

Microsoft Digital Image Starter Edition 2006 Library

Microsoft IntelliType Pro 5.0

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft National Language Support Downlevel APIs

Microsoft Office 2003 Primary Interop Assemblies

Microsoft Office File Validation Add-In

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Professional Edition 2003

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2008 R2

Microsoft SQL Server 2008 R2 Native Client

Microsoft SQL Server 2008 R2 RsFx Driver

Microsoft SQL Server 2008 R2 Setup (English)

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server Browser

Microsoft SQL Server VSS Writer

Microsoft UI Engine

Microsoft User-Mode Driver Framework Feature Pack 1.9

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual Studio 2005 Tools for Office Runtime

Microsoft WinUsb 1.0

MobileMe Control Panel

Monopoly

Movavi Video Converter 7

Mozilla Firefox 23.0.1 (x86 en-US)

Mozilla Maintenance Service

MPM

MSVCRT

MSVCSetup

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MSXML 6.0 Parser

MSXML 6.0 Parser (KB933579)

Nero 7 Essentials

Nero OEM

Nero Suite

neroxml

Network

Norton Security Suite

NVIDIA Drivers

NVIDIA ForceWare Network Access Manager

OCR Software by I.R.I.S. 14.0

OGA Notifier 2.0.0048.0

PC Probe II

PE Builder 3.1.10a

PRE10STIInstaller

ProductContext

PSE10 STI Installer

QuickBooks

QuickBooks Pro 2010

QuickBooks Pro 2013

QuickBooks Product Listing Service

Quicken 2011

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Safari

Scan

SCRABBLE

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2838727)

Security Update for Windows Internet Explorer 8 (KB2846071)

Security Update for Windows Internet Explorer 8 (KB2862772)

Security Update for Windows Internet Explorer 8 (KB969897)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Security Update for Windows Media Encoder (KB979332)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB2834904-v2)

Security Update for Windows Media Player (KB2834904)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820197)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB2829361)

Security Update for Windows XP (KB2834886)

Security Update for Windows XP (KB2839229)

Security Update for Windows XP (KB2845187)

Security Update for Windows XP (KB2849470)

Security Update for Windows XP (KB2850851)

Security Update for Windows XP (KB2850869)

Security Update for Windows XP (KB2859537)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Segoe UI

Shop for HP Supplies

SketchUp 8

SmartSound Common Data

SmartSound Premiere Elements 10 Plugin

SolutionCenter

Spelling Dictionaries Support For Adobe Reader 9

SQL Server 2008 R2 Common Files

SQL Server 2008 R2 Database Engine Services

SQL Server 2008 R2 Database Engine Shared

Sql Server Customer Experience Improvement Program

Status

TeamViewer 8

Toolbox

TrayApp

UniversalCallerID

UnloadSupport

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB971180)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676-v2)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2749655)

Update for Windows XP (KB2863058)

Update for Windows XP (KB942763)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Viewpoint Media Player

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VZAccess Manager for RIM

WebFldrs XP

WebReg

Windows 7 Upgrade Advisor

Windows Driver Package - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)

Windows Easy Transfer for Windows 7

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Home Server Connector

Windows Imaging Component

Windows Installer Clean Up

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live OneCare safety scanner

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

Windows Media Encoder 9 Series

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows XP Service Pack 3

WPF Toolkit June 2009 (Version 3.5.40619.1)

XFINITY Toolbar

XP Codec Pack

XPS Essentials Pack

XPS Essentials Pack 1.0

.

==== Event Viewer Messages From Past Week ========

.

9/9/2013 11:32:09 AM, error: Service Control Manager [7034]  - The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).

9/7/2013 10:03:39 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AmdK8 AsIO BHDrvx86 ccSet_N360 eeCtrl Fips SRTSPX SymIRON SYMTDI

9/5/2013 8:12:30 PM, error: Service Control Manager [7000]  - The Zune Bus Enumerator Driver service failed to start due to the following error:  The system cannot find the file specified.

9/5/2013 8:12:30 PM, error: Service Control Manager [7000]  - The LogMeIn Kernel Information Provider service failed to start due to the following error:  The system cannot find the path specified.

9/5/2013 5:42:37 PM, error: DCOM [10005]  - DCOM got error "%1058" attempting to start the service gusvc with arguments "" in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}

9/5/2013 4:27:52 PM, error: Srv [2019]  - The server was unable to allocate from the system nonpaged pool because the pool was empty.

9/5/2013 4:19:02 PM, error: DCOM [10005]  - DCOM got error "%1058" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

9/5/2013 12:53:13 PM, error: DCOM [10005]  - DCOM got error "%1058" attempting to start the service gupdatem with arguments "/comsvc" in order to run the server: {E225E692-4B47-4777-9BED-4FD7FE257F0E}

9/4/2013 9:43:40 AM, error: MRxSmb [8003]  - The master browser has received a server announcement from the computer CAPTURESERVER that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7227A1C2-9D88-. The master browser is stopping or an election is being forced.

9/4/2013 8:38:50 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AmdK8 AsIO BHDrvx86 ccSet_N360 eeCtrl Fips i8042prt SRTSPX SymIRON SYMTDI

9/4/2013 8:36:00 AM, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8007066f: Update for Microsoft Office 2003 (KB949074).

9/4/2013 8:07:22 AM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

9/4/2013 8:06:33 AM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

9/4/2013 2:08:49 PM, error: NetBT [4321]  - The name "WORKGROUP      :1d" could not be registered on the Interface with IP address 192.168.1.10. The machine with the IP address 192.168.1.6 did not allow the name to be claimed by this machine.

9/4/2013 10:46:21 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD AmdK8 AsIO BHDrvx86 ccSet_N360 eeCtrl Fips i8042prt IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SRTSPX SymIRON SYMTDI Tcpip

9/4/2013 10:46:21 AM, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.

9/4/2013 10:46:21 AM, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.

9/4/2013 10:46:21 AM, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.

9/2/2013 10:32:11 AM, error: Service Control Manager [7000]  - The Lavasoft Ad-Aware Service service failed to start due to the following error:  The system cannot find the path specified.

.

==== End Of File ===========================

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_20
Run by Becky at 18:29:06 on 2013-09-09
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2943.2075 [GMT -4:00]
.
AV: Norton Security Suite *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Becky\Local Settings\Application Data\Akamai\netsession_win.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Becky\Local Settings\Application Data\Akamai\netsession_win.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.

uProxyOverride = <-loopback>;<local>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - c:\program files\xfin_portal\comcastdx.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\20.4.0.40\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\20.4.0.40\ips\ipsbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: BrowserHelper Class: {9A065C65-4EE7-4DDD-9918-F129089A894A} - c:\program files\windows home server\WHSDeskBands.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - c:\program files\xfin_portal\auxi\comcastAu.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\20.4.0.40\coieplg.dll
TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - c:\program files\xfin_portal\comcastdx.dll
TB: Home Server Banner: {D73E76A3-F902-45BD-8FC8-95AE8E014671} - c:\program files\windows home server\WHSDeskBands.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\20.4.0.40\coieplg.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [Akamai NetSession Interface] "c:\documents and settings\becky\local settings\application data\akamai\netsession_win.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ConduitFloatingPlugin_klibnahbojhkanfgaglnlalfkgpcppfi] "c:\windows\system32\rundll32.exe" "c:\program files\conduit\ct3289847\plugins\TBVerifier.dll",RunConduitFloatingPlugin klibnahbojhkanfgaglnlalfkgpcppfi
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [userFaultCheck] c:\windows\system32\dumprep 0 -u
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: download.microsoft.com
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: mcafee.com
Trusted Zone: update.microsoft.com
Trusted Zone: update.microsoft.com
Trusted Zone: windowsupdate.com
Trusted Zone: windowsupdate.microsoft.com






DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx

























DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Monopoly/Images/armhelper.ocx





TCP: NameServer = 192.168.1.1
TCP: Interfaces\{7227A1C2-9D88-40F4-8472-2C391B59BFE0} : DHCPNameServer = 192.168.1.1
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll
Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - c:\program files\intuit\quickbooks 2013\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: x-atng - {7e8717b0-d862-11d5-8c9e-00010304f989} - c:\program files\fidelity investments\fidelity active trader\system\atngprot.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.66\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\becky\application data\mozilla\firefox\profiles\lvzr63u3.default\


FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\becky\application data\mozilla\firefox\profiles\lvzr63u3.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\plugins\np-mswmp.dll
FF - plugin: c:\documents and settings\becky\application data\mozilla\firefox\profiles\lvzr63u3.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect64.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - ExtSQL: 2013-09-04 17:53; {739df940-c5ee-4bab-9d7e-270894ae687a}; c:\documents and settings\becky\application data\mozilla\firefox\profiles\lvzr63u3.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
FF - ExtSQL: !HIDDEN! 2010-12-10 12:55; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1404000.028\symds.sys [2013-9-3 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1404000.028\symefa.sys [2013-9-3 934488]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\bashdefs\20130903.002\BHDrvx86.sys [2013-9-3 1097816]
R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\n360\1404000.028\ccsetx86.sys [2013-9-3 134744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1404000.028\ironx86.sys [2013-9-3 175264]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-4-17 47640]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\20.4.0.40\ccsvchst.exe [2013-9-3 144368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-9-3 108120]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\ipsdefs\20130905.001\IDSXpx86.sys [2013-9-5 380832]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20130909.001\NAVENG.SYS [2013-9-9 93272]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20130909.001\NAVEX15.SYS [2013-9-9 1612376]
S1 AntiLog32;AntiLog32;\??\c:\windows\system32\drivers\antilog32.sys --> c:\windows\system32\drivers\AntiLog32.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\logmein\x86\rainfo.sys --> c:\program files\logmein\x86\RaInfo.sys [?]
S3 BackupReader;BackupReader;c:\windows\system32\drivers\BackupReader.sys [2009-3-10 44776]
S3 c4168;c4168;c:\windows\system32\c4168.sys [2009-8-25 54624]
S3 keycrypt;keycrypt;c:\windows\system32\drivers\keycrypt32.sys --> c:\windows\system32\drivers\KeyCrypt32.sys [?]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-4 14336]
S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\drivers\ptsimbus.sys --> c:\windows\system32\drivers\PTSimBus.sys [?]
S3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\drivers\ptsimhid.sys --> c:\windows\system32\drivers\PTSimHid.sys [?]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2008-1-25 25088]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys --> c:\windows\system32\drivers\wdcsam.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;c:\windows\system32\drivers\WPN111.sys [2008-4-18 384608]
S4 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files\adobe\elements 10 organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
S4 MSSQL$ACT7;SQL Server (ACT7);c:\program files\microsoft sql server\mssql10_50.act7\mssql\binn\sqlservr.exe [2010-5-5 42884448]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2010-5-5 44896]
S4 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2012-11-26 1248256]
S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [2010-4-3 240608]
S4 SQLAgent$ACT7;SQL Server Agent (ACT7);c:\program files\microsoft sql server\mssql10_50.act7\mssql\binn\SQLAGENT.EXE [2010-5-5 367456]
S4 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-5-1 4153184]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-9-11 24652]
S4 WHSConnector;Windows Home Server Connector Service;c:\program files\windows home server\WHSConnector.exe [2011-1-10 376688]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\WINWORD.EXE="c:\program files\microsoft office\office11\WINWORD.EXE" /n /dde [userChoice] [default=edit - 'Open' doesn't exist]
ShellExec: hpqpssp.exe: Open=c:\program files\hp\digital imaging\bin\hpqpssp.exe
ShellExec: hpqpstp.exe: Open=c:\program files\hp\digital imaging\bin\hpqpstp.exe
ShellExec: pi11.exe: Open="c:\program files\microsoft digital image 2006\pi.exe" "%1"
.
=============== Created Last 30 ================
.
2013-09-09 20:06:53 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-09 20:06:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-07 15:43:18 -------- d-----w- C:\FRST
2013-09-06 14:33:52 -------- d-----w- c:\documents and settings\becky\application data\ElevatedDiagnostics
2013-09-06 04:35:09 -------- d-----w- c:\documents and settings\becky\local settings\application data\NPE
2013-09-05 23:49:00 -------- d-sha-r- C:\cmdcons
2013-09-05 23:45:34 208896 ----a-w- c:\windows\MBR.exe
2013-09-05 21:55:05 256904 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2013-09-05 21:55:03 131720 ----a-w- c:\windows\system32\drivers\tmrkb.sys
2013-09-04 21:53:51 -------- d-----w- c:\program files\Conduit
2013-09-04 21:49:38 -------- d-----w- c:\documents and settings\becky\local settings\application data\DefineExt
2013-09-04 21:48:56 -------- d-----w- c:\documents and settings\becky\local settings\application data\CRE
2013-09-04 21:48:56 -------- d-----w- c:\documents and settings\becky\local settings\application data\Conduit
2013-09-04 03:17:35 396760 ----a-w- c:\windows\system32\drivers\n360\1404000.028\symtdi.sys
2013-09-04 03:17:35 352344 ----a-w- c:\windows\system32\drivers\n360\1404000.028\symtdiv.sys
2013-09-04 03:17:34 934488 ----a-w- c:\windows\system32\drivers\n360\1404000.028\symefa.sys
2013-09-04 03:17:34 603224 ----a-w- c:\windows\system32\drivers\n360\1404000.028\srtsp.sys
2013-09-04 03:17:34 367704 ----a-w- c:\windows\system32\drivers\n360\1404000.028\symds.sys
2013-09-04 03:17:34 339544 ----a-w- c:\windows\system32\drivers\n360\1404000.028\symnets.sys
2013-09-04 03:17:34 32344 ----a-w- c:\windows\system32\drivers\n360\1404000.028\srtspx.sys
2013-09-04 03:17:34 21400 ----a-r- c:\windows\system32\drivers\n360\1404000.028\symelam.sys
2013-09-04 03:17:34 175264 ----a-r- c:\windows\system32\drivers\n360\1404000.028\ironx86.sys
2013-09-04 03:17:34 134744 ----a-w- c:\windows\system32\drivers\n360\1404000.028\ccsetx86.sys
2013-09-04 03:17:05 14818 ----a-w- c:\windows\system32\drivers\n360\1404000.028\symvtcer.dat
2013-09-04 03:17:05 -------- d-----w- c:\windows\system32\drivers\n360\1404000.028
2013-09-03 23:08:02 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-09-03 23:08:02 -------- d-----w- c:\program files\Symantec
2013-09-03 23:08:02 -------- d-----w- c:\program files\common files\Symantec Shared
2013-09-03 23:07:18 -------- d-----w- c:\windows\system32\drivers\N360
2013-09-03 23:07:17 -------- d-----w- c:\program files\Norton Security Suite
2013-09-03 23:06:07 -------- d-----w- c:\program files\NortonInstaller
2013-09-03 23:00:05 -------- d-----w- c:\documents and settings\becky\local settings\application data\White_Sky,_Inc
2013-09-02 15:22:03 -------- d-----w- c:\program files\Western Digital Corporation
2013-09-02 14:45:16 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys
2013-09-02 14:45:16 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys
2013-09-02 14:42:43 -------- d-----w- c:\documents and settings\becky\local settings\application data\Akamai
2013-09-01 17:32:49 -------- d-----w- c:\windows\system32\MRT
2013-08-26 18:41:16 17737608 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-08-26 17:01:45 -------- d-----w- c:\windows\system32\wbem\repository\FS
2013-08-26 17:01:45 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M  ====================
.
2013-08-26 18:42:36 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-26 18:42:36 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-03 18:18:38 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-07-26 02:47:17 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:47:13 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-26 02:47:12 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-25 15:52:59 385024 ----a-w- c:\windows\system32\html.iec
2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 03:03:25 2149888 ------w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08:30 2028544 ------w- c:\windows\system32\ntkrnlpa.exe
2013-06-23 16:55:19 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-06-23 16:55:19 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-06-23 16:55:06 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin
.
============= FINISH: 18:35:55.43 ===============

 

Link to post
Share on other sites

Step 1

Please uninstall this application: XFINITY Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
Step 4
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
Link to post
Share on other sites

Step by step, you have some other problem we need to fix. Please for more patience.

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.
Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

I have ran the ComboFix as you have requested and I still have the same problems. Here is the log.

 

ComboFix 13-09-12.01 - Becky 09/12/2013  17:53:35.7.2 - x86

Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2943.2116 [GMT -4:00]

Running from: c:\documents and settings\Becky\Desktop\ComboFix.exe

AV: Norton Security Suite *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton Security Suite *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\docume~1\Becky\LOCALS~1\Temp\{16AA8FB8-4A98-4757-B7A5-0FF22C0A6E33}_0\dbdata.dll

c:\documents and settings\Becky\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

c:\documents and settings\Becky\Local Settings\Temp\{16AA8FB8-4A98-4757-B7A5-0FF22C0A6E33}_0\dbdata.dll

.

.

(((((((((((((((((((((((((   Files Created from 2013-08-12 to 2013-09-12  )))))))))))))))))))))))))))))))

.

.

2013-09-10 12:55 . 2013-09-10 12:55 --------    d-sh--w-    c:\documents and settings\Becky\IECompatCache

2013-09-10 12:47 . 2013-09-10 15:30 --------    d-----w-    C:\AdwCleaner

2013-09-10 12:36 . 2013-09-10 12:36 --------    d-----w-      c:\windows\ERUNT

2013-09-09 20:06 . 2013-09-09 20:06 --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware

2013-09-09 20:06 . 2013-04-04 18:50 22856 ----a-w-      c:\windows\system32\drivers\mbam.sys

2013-09-07 15:43 . 2013-09-07 15:43 --------    d-----w-    C:\FRST

2013-09-06 21:57 . 2013-09-06 21:57 --------    d-----w-    c:\documents and settings\test

2013-09-06 21:21 . 2013-09-06 21:21 --------    d-----w-    c:\documents and settings\ll

2013-09-06 14:33 . 2013-09-06 14:40 --------    d-----w-    c:\documents and settings\Becky\Application Data\ElevatedDiagnostics

2013-09-06 04:35 . 2013-09-06 13:39 --------    d-----w-    c:\documents and settings\Becky\Local Settings\Application Data\NPE

2013-09-05 21:55 . 2013-09-05 21:55 256904      ----a-w-      c:\windows\system32\drivers\tmcomm.sys

2013-09-05 21:55 . 2013-09-05 21:55 131720      ----a-w-      c:\windows\system32\drivers\tmrkb.sys

2013-09-04 02:22 . 2013-09-04 02:22 --------    d-----w-    c:\documents and settings\LocalService\Local Settings\Application Data\Zemana

2013-09-04 02:22 . 2013-09-04 02:22 --------    d-----w-    c:\documents and settings\LocalService\Local Settings\Application Data\ID Vault

2013-09-03 23:08 . 2013-09-04 03:17 142496      ----a-w-      c:\windows\system32\drivers\SYMEVENT.SYS

2013-09-03 23:08 . 2013-09-03 23:41 --------    d-----w-    c:\program files\Common Files\Symantec Shared

2013-09-03 23:08 . 2013-09-03 23:08 --------    d-----w-    c:\program files\Symantec

2013-09-03 23:07 . 2013-09-04 12:05 --------    d-----w-      c:\windows\system32\drivers\N360

2013-09-03 23:07 . 2013-09-03 23:07 --------    d-----w-    c:\program files\Norton Security Suite

2013-09-03 23:06 . 2013-09-03 23:06 --------    d-----w-    c:\program files\NortonInstaller

2013-09-03 23:00 . 2013-09-03 23:00 --------    d-----w-    c:\documents and settings\Becky\Local Settings\Application Data\White_Sky,_Inc

2013-09-02 15:22 . 2013-09-02 15:22 --------    d-----w-    c:\program files\Western Digital Corporation

2013-09-02 14:45 . 2008-01-04 17:34 11832 ----a-w-      c:\windows\system32\drivers\AsInsHelp64.sys

2013-09-02 14:45 . 2008-01-04 17:34 10216 ----a-w-      c:\windows\system32\drivers\AsInsHelp32.sys

2013-09-02 14:42 . 2013-09-02 14:43 --------    d-----w-    c:\documents and settings\Becky\Local Settings\Application Data\Akamai

2013-09-01 17:32 . 2013-09-01 17:46 --------    d-----w-      c:\windows\system32\MRT

2013-08-26 18:41 . 2013-08-26 18:41 17737608    ----a-w-      c:\windows\system32\FlashPlayerInstaller.exe

2013-08-26 17:01 . 2013-08-26 17:01 --------    d-----w-      c:\windows\system32\wbem\Repository

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-08-26 18:42 . 2012-05-14 20:49 692104      ----a-w-      c:\windows\system32\FlashPlayerApp.exe

2013-08-26 18:42 . 2011-06-04 02:31 71048 ----a-w-      c:\windows\system32\FlashPlayerCPLApp.cpl

2013-08-03 18:18 . 2006-10-19 01:47 1543680     ------w-      c:\windows\system32\wmvdecod.dll

2013-07-26 02:47 . 2004-08-04 12:00 920064      ----a-w-      c:\windows\system32\wininet.dll

2013-07-26 02:47 . 2004-08-04 12:00 43520 ----a-w-      c:\windows\system32\licmgr10.dll

2013-07-26 02:47 . 2004-08-04 12:00 1469440     ----a-w-      c:\windows\system32\inetcpl.cpl

2013-07-25 15:52 . 2004-08-04 12:00 385024      ----a-w-      c:\windows\system32\html.iec

2013-07-10 10:37 . 2004-08-04 12:00 406016      ----a-w-      c:\windows\system32\usp10.dll

2013-07-04 03:03 . 2004-08-04 12:00 2149888     ------w-      c:\windows\system32\ntoskrnl.exe

2013-07-04 02:08 . 2004-08-03 22:59 2028544     ------w-      c:\windows\system32\ntkrnlpa.exe

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Akamai NetSession Interface"="c:\documents and settings\Becky\Local Settings\Application Data\Akamai\netsession_win.exe" [2013-06-05 4489472]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-04-27 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2013-09-12 2807608]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

2009-09-28 23:34  87352 ----a-w-    c:\windows\system32\LMIinit.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Autodetect.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Autodetect.lnk

backup=c:\windows\pss\Autodetect.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Desktop Manager.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Desktop Manager.lnk

backup=c:\windows\pss\Desktop Manager.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Intuit Data Protect.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk

backup=c:\windows\pss\Intuit Data Protect.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk

backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk

backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk

backup=c:\windows\pss\QuickBooks_Standard_21.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Home Server.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Home Server.lnk

backup=c:\windows\pss\Windows Home Server.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Becky^Start Menu^Programs^Startup^hpqtra08.exe]

path=c:\documents and settings\Becky\Start Menu\Programs\Startup\hpqtra08.exe

backup=c:\windows\pss\hpqtra08.exeStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

c:\windows\system32\dumprep 0 -k [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]

c:\windows\system32\dumprep 0 -u [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2013-04-04 21:06  958576      ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

2005-09-09 06:18  57344 ----a-w-    c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2013-05-10 07:57  37960 ----a-w-    c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]

2012-09-20 12:27  444904      ----a-w-    c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Amazon Cloud Player]

2013-07-22 01:08  3109376     ----a-w-    c:\documents and settings\Becky\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

2011-11-02 12:51  59240 ----a-w-    c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2013-01-28 18:08  59720 ----a-w-    c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAHeadless]

2011-09-01 07:25  539800      ----a-w-    c:\program files\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 00:12  15360 ------w-    c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2011-05-10 07:41  49208 ----a-w-    c:\program files\HP\HP Software Update\hpwuschd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]

2008-07-22 23:33  150528      ----a-w-    c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]

2007-05-15 20:55  1057328     ----a-w-    c:\program files\Nero\Nero 7\InCD\InCD.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intuit SyncManager]

2013-09-12 17:17  2807608     ----a-w-    c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]

2008-10-24 13:14  206112      ----a-w-    c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2013-02-20 17:35  152392      ----a-w-    c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]

2003-12-17 13:50  19968 ------w-    c:\windows\LOGI_MWX.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]

2009-07-17 15:12  288080      ----a-w-    c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 00:12  1695232     ------w-    c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-10-25 08:12  421888      ----a-w-    c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

2007-09-27 06:20  16844800    ------r-    c:\windows\RTHDCPL.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]

2007-05-15 20:55  1628208     ----a-w-    c:\program files\Nero\Nero 7\InCD\NBHGui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]

2007-08-03 05:22  1826816     ------r-    c:\windows\SkyTel.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2013-04-27 14:13  39408 ----a-w-    c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2012-05-22 18:49  296056      ----a-w-    c:\program files\real\realplayer\Update\realsched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\type32]

2003-05-15 20:45  114688      ----a-w-    c:\program files\Microsoft IntelliType Pro\type32.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"AVP"=2 (0x2)

"TSScheduleBackup"=2 (0x2)

"ZuneNetworkSvc"=3 (0x3)

"RoxWatch9"=2 (0x2)

"RoxMediaDB9"=3 (0x3)

"RoxLiveShare9"=2 (0x2)

"Roxio Upnp Server 9"=2 (0x2)

"Roxio UPnP Renderer 9"=3 (0x3)

"AdobeActiveFileMonitor8.0"=2 (0x2)

"ACDaemon"=3 (0x3)

"McComponentHostService"=3 (0x3)

"WMPNetworkSvc"=3 (0x3)

"wlidsvc"=2 (0x2)

"WHSConnector"=2 (0x2)

"Viewpoint Manager Service"=2 (0x2)

"TeamViewer8"=2 (0x2)

"SQLWriter"=2 (0x2)

"SQLBrowser"=2 (0x2)

"QBVSS"=2 (0x2)

"QBFCService"=3 (0x3)

"QBCFMonitorService"=2 (0x2)

"ose"=3 (0x3)

"NVSvc"=2 (0x2)

"nSvcLog"=2 (0x2)

"nSvcIp"=2 (0x2)

"NMIndexingService"=3 (0x3)

"NBService"=3 (0x3)

"N360"=2 (0x2)

"MSSQL$ACT7"=2 (0x2)

"MozillaMaintenance"=3 (0x3)

"LogMeIn"=2 (0x2)

"LMIMaint"=2 (0x2)

"LightScribeService"=2 (0x2)

"Lavasoft Ad-Aware Service"=2 (0x2)

"JavaQuickStarterService"=2 (0x2)

"iPod Service"=3 (0x3)

"InCDsrv"=2 (0x2)

"idsvc"=3 (0x3)

"IDriverT"=3 (0x3)

"gusvc"=3 (0x3)

"gupdatem"=3 (0x3)

"gupdate"=2 (0x2)

"ForcewareWebInterface"=2 (0x2)

"FLEXnet Licensing Service"=3 (0x3)

"Bonjour Service"=2 (0x2)

"Apple Mobile Device"=2 (0x2)

"AdobeFlashPlayerUpdateSvc"=3 (0x3)

"AdobeActiveFileMonitor4.0"=2 (0x2)

"AdobeActiveFileMonitor10.0"=2 (0x2)

"CltMngSvc"=2 (0x2)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=

"c:\\Program Files\\Intuit\\QuickBooks 2007\\QBDBMgrN.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Logitech Touch Mouse Server\\iTouch-Server-Win.exe"=

"c:\\Program Files\\Intuit\\QuickBooks 2010\\QBDBMgrN.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\{9D6C64CC-EA60-47A6-9C97-82C38231EDAE}\\setup\\hpznui01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=

"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Intuit\\QuickBooks 2013\\QBDBMgrN.exe"=

"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=

"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=

"c:\\Documents and Settings\\Becky\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

"1078:TCP"= 1078:TCP:Akamai NetSession Interface

"5000:UDP"= 5000:UDP:Akamai NetSession Interface

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1404000.028\symds.sys [9/3/2013 11:17 PM 367704]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1404000.028\symefa.sys [9/3/2013 11:17 PM 934488]

R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130903.002\BHDrvx86.sys [9/3/2013 6:26 PM 1097816]

R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360\1404000.028\ccsetx86.sys [9/3/2013 11:17 PM 134744]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1404000.028\ironx86.sys [9/3/2013 11:17 PM 175264]

R2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\20.4.0.40\ccsvchst.exe [9/3/2013 11:17 PM 144368]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/3/2013 7:31 PM 108120]

R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130911.001\IDSXpx86.sys [9/11/2013 9:13 PM 380832]

S1 AntiLog32;AntiLog32;\??\c:\windows\system32\drivers\AntiLog32.sys --> c:\windows\system32\drivers\AntiLog32.sys [?]

S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]

S3 BackupReader;BackupReader;c:\windows\system32\drivers\BackupReader.sys [3/10/2009 10:45 PM 44776]

S3 c4168;c4168;c:\windows\system32\c4168.sys [8/25/2009 1:16 PM 54624]

S3 keycrypt;keycrypt;c:\windows\system32\DRIVERS\KeyCrypt32.sys --> c:\windows\system32\DRIVERS\KeyCrypt32.sys [?]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [8/4/2004 8:00 AM 14336]

S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys --> c:\windows\system32\DRIVERS\PTSimBus.sys [?]

S3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys --> c:\windows\system32\DRIVERS\PTSimHid.sys [?]

S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [1/25/2008 5:12 AM 25088]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys --> c:\windows\system32\DRIVERS\wdcsam.sys [?]

S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;c:\windows\system32\drivers\WPN111.sys [4/18/2008 3:28 AM 384608]

S4 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [9/1/2011 3:22 AM 169624]

S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\Lavasoft\Ad-Aware\AAWService.exe" --> c:\program files\Lavasoft\Ad-Aware\AAWService.exe [?]

S4 MSSQL$ACT7;SQL Server (ACT7);c:\program files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\sqlservr.exe [5/5/2010 10:40 PM 42884448]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [5/5/2010 10:41 PM 44896]

S4 QBVSS;QBIDPService;c:\program files\Common Files\Intuit\DataProtect\QBIDPService.exe [11/26/2012 11:22 AM 1248256]

S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [4/3/2010 11:02 AM 240608]

S4 SQLAgent$ACT7;SQL Server Agent (ACT7);c:\program files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\SQLAGENT.EXE [5/5/2010 10:40 PM 367456]

S4 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [5/1/2013 4:55 PM 4153184]

S4 WHSConnector;Windows Home Server Connector Service;c:\program files\Windows Home Server\WHSConnector.exe [1/10/2011 12:28 PM 376688]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12

getPlusHelper     REG_MULTI_SZ      getPlusHelper

HPService   REG_MULTI_SZ      HPSLPSVC

nosGetPlusHelper  REG_MULTI_SZ      nosGetPlusHelper

hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-03-17 17:14  451872      ----a-w-    c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-09-06 12:19  1177552     ----a-w-    c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 18:42]

.

2013-09-11 c:\windows\Tasks\AdobeAAMUpdater-1.0-FAMILY-Becky.job

- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-09-20 12:27]

.

2013-09-12 c:\windows\Tasks\Amazon Music Helper.job

- c:\documents and settings\Becky\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe [2013-07-04 01:08]

.

2013-09-05 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]

.

2013-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 12:53]

.

2013-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 12:53]

.

2013-09-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-823518204-1935655697-839522115-1003.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 22:21]

.

2013-09-06 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-1935655697-839522115-1003.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 22:21]

.

.

------- Supplementary Scan -------

.

uStart Page = https://www.google.com/

uInternet Settings,ProxyOverride = <-loopback>;<local>

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

Trusted Zone: download.microsoft.com

Trusted Zone: homeserver.com\capture

Trusted Zone: internet

Trusted Zone: mcafee.com

Trusted Zone: microsoft.com\update

Trusted Zone: microsoft.com\windowsupdate

Trusted Zone: update.microsoft.com

Trusted Zone: windowsupdate.com

Trusted Zone: windowsupdate.microsoft.com

TCP: DhcpNameServer = 192.168.1.1

Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - c:\program files\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll

FF - ProfilePath - c:\documents and settings\Becky\Application Data\Mozilla\Firefox\Profiles\lvzr63u3.default\

FF - ExtSQL: !HIDDEN! 2010-12-10 12:55; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-09-12 18:19

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ... 

.

scanning hidden autostart entries ...

.

scanning hidden files ... 

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]

"ImagePath"="\"c:\program files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(704)

c:\windows\system32\LMIinit.dll

c:\windows\system32\LMIRfsClientNP.dll

.

- - - - - - - > 'explorer.exe'(3476)

c:\windows\system32\WININET.dll

c:\windows\system32\msi.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\windows\system32\LMIRfsClientNP.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Completion time: 2013-09-12  18:26:11 - machine was rebooted

ComboFix-quarantined-files.txt  2013-09-12 22:25

ComboFix2.txt  2013-09-06 21:57

ComboFix3.txt  2013-09-06 04:22

ComboFix4.txt  2013-09-06 01:11

ComboFix5.txt  2013-09-12 21:51

.

Pre-Run: 38,212,694,016 bytes free

Post-Run: 38,201,667,584 bytes free

.

- - End Of File - - E8660B2B080181D81FACC145C03AF38A

8F558EB6672622401DA993E1E865C861

Link to post
Share on other sites

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.