Jump to content

Registry scan results please help me finish the scan


Recommended Posts

Hi, I did a registry scan and I thought it would decipher it for me but it does not. Now it wants me to "click" the boxes to "fix" the errors found but it warns on the bottom that not everything is malware or a problem. Can someone please help me with which ones are errors or need to stay? If I posted this in the wrong place I am sorry but I have no idea what to do now. Any help with this is greatly appreciated.

Logfile of Advanced SystemCare 3 Security Analyzer

Scan saved at 10:51:42 AM, on 3/15/2011

Platform: Windows XP (WinNT 5.1)

MSIE: Internet Explorer v8.0 (8.0.6001.18702)

Boot mode: Normal

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINNT\System32\MsPMSPSv.exe

C:\WINNT\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINNT\system32\wscntfy.exe

C:\WINNT\Explorer.EXE

C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

C:\WINNT\system32\EXSHOW95.EXE

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\Windows Defender\MSASCui.exe

C:\WINNT\system32\ctfmon.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\WINNT\system32\wuauclt.exe

C:\WINNT\system32\msiexec.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\DOCUME~1\LISAGO~1\LOCALS~1\Temp\is-4URD3.tmp\Toolbar-SetDefaultSearch.exe

C:\Program Files\IObit\Advanced SystemCare 3\FreeSoftwareDownloader_ASC.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWCInit.exe

C:\Program Files\IObit\Advanced SystemCare 3\Awc.exe

O2 - BHO: SearchElf 1.1 Toolbar - {00f2c0c6-2194-484e-9064-44e57787867b} - C:\Program Files\SearchElf_1.1\tbSea1.dll

O2 - BHO: SearchElf 1.1 Toolbar - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: HP Print Enhancer - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: HP Print Enhancer - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\VIDEOD~1\ARCURL~1.DLL

O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll

O2 - BHO: Conduit Engine - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: Conduit Engine - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll

O2 - BHO: Conduit Engine - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll

O2 - BHO: Conduit Engine - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Conduit Engine - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll

O2 - BHO: Conduit Engine - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Conduit Engine - {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\PROGRA~1\ArcSoft\RAWTHU~1\EXIFToolBar.dll

O2 - BHO: Conduit Engine - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll

O2 - BHO: Conduit Engine - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Conduit Engine - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: CouponBar - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - C:\WINNT\CouponBarIE.dll

O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll

O3 - Toolbar: RAW Thumbnail Viewer - {F301665A-12F8-4331-804A-5BCBD379668C} - C:\PROGRA~1\ArcSoft\RAWTHU~1\EXIFToolBar.dll

O3 - Toolbar: SearchElf 1.1 Toolbar - {00f2c0c6-2194-484e-9064-44e57787867b} - C:\Program Files\SearchElf_1.1\tbSea1.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll

O3 - Toolbar: (no name) - 10 - (no file)

O3 - Toolbar: Sammsoft Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O4 - HKCU\..\Run: [H/PC Connection Agent] "G:\Program Files\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1

O4 - HKCU\..\Run: [fxkierbt] C:\Documents and Settings\Lisa Goyette\Local Settings\Application Data\pkiumg\wdnpsftav.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup

O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

O4 - HKLM\..\Run: [EXSHOW95.EXE] EXSHOW95.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: []

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [fxkierbt] C:\Documents and Settings\Lisa Goyette\Local Settings\Application Data\pkiumg\wdnpsftav.exe

O4 - HKLM\..\Run: [CrossFTP Server] javaws.exe -Xnosplash -offline "http://www.crossftp.com/crossftpserver.jnlp"

O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O8 - Extra context menu item: &Search - ?p=ZCman000

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm

O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm

O9 - Extra button: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} -

O9 - Extra button: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -

O9 - Extra button: - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} -

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} -

O9 - Extra button: - {925DAB62-F9AC-4221-806A-057BFB1014AA} -

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} -

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab

O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

O16 - DPF: {2DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} (ActiveWorldsDownload Control) - http://www.activeworlds.com/products/ActiveWorldsDownload.cab

O16 - DPF: {352797A0-EFD0-4FA6-B229-145120EA4B8A} (Walt Disney Internet Group Hardware Control) - https://disneyblast.go.com/v3/setup/activex/DIGHardwareControl.cab

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - https://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab

O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1207267968750

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_10) - http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx

O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab

O16 - DPF: {A8658086-E6AC-4957-BC8E-8D54A7E8A790} (GDIChk Object) - http://www.microsoft.com/security/controls/GDI/0/GDIChk.CAB

O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab

O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx

O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://a.download.toontown.com/sv1.0.15.44/ttinst.cab

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) - http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe

O16 - DPF: {D44C75D8-C827-473E-8F68-A77E42500782} (Uploader Class) - http://photo.walmart.com/photo/uploads/WebUploadClient.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F229AB32-7BF9-4225-B78F-B4680AE6FC23} (Snapfish File Upload ActiveX Control) - http://www.snapfish.com/SnapfishUpload.cab

O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: (Ati HotKey Poller) - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update Service (gupdate1c998318337d0e4) (gupdate1c998318337d0e4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: Roxio UPnP Renderer 9 - Unknown - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Unknown - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

I would recommend first uninstalling Advanced SystemCare 3.

Next, update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post DDS.txt directly into your reply.

Link to post
Share on other sites

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_11-03-05.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 3/21/2008 11:54:26 AM

System Uptime: 3/14/2011 9:02:40 AM (48 hours ago)

.

Motherboard: Intel | | 945GCT-M

Processor: Intel® Pentium® Dual CPU E2160 @ 1.80GHz | CPU 1 | 1795/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (FAT32) - 37 GiB total, 0.902 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1217: 2/17/2011 3:00:36 AM - Software Distribution Service 3.0

RP1218: 2/18/2011 3:00:19 AM - Software Distribution Service 3.0

RP1219: 2/18/2011 6:11:30 PM - Software Distribution Service 3.0

RP1220: 2/19/2011 3:00:18 AM - Software Distribution Service 3.0

RP1221: 2/20/2011 3:00:19 AM - Software Distribution Service 3.0

RP1222: 2/20/2011 9:00:18 AM - Software Distribution Service 3.0

RP1223: 2/21/2011 9:00:19 AM - Software Distribution Service 3.0

RP1224: 2/22/2011 9:00:22 AM - Software Distribution Service 3.0

RP1225: 2/22/2011 2:28:26 PM - Software Distribution Service 3.0

RP1226: 2/23/2011 9:00:23 AM - Software Distribution Service 3.0

RP1227: 2/24/2011 9:00:21 AM - Software Distribution Service 3.0

RP1228: 2/25/2011 9:00:52 AM - Software Distribution Service 3.0

RP1229: 2/25/2011 5:10:54 PM - Software Distribution Service 3.0

RP1230: 2/26/2011 9:00:24 AM - Software Distribution Service 3.0

RP1231: 2/27/2011 9:00:32 AM - Software Distribution Service 3.0

RP1232: 2/28/2011 9:00:24 AM - Software Distribution Service 3.0

RP1233: 3/1/2011 9:00:21 AM - Software Distribution Service 3.0

RP1234: 3/1/2011 7:27:01 PM - Software Distribution Service 3.0

RP1235: 3/2/2011 9:00:21 AM - Software Distribution Service 3.0

RP1236: 3/3/2011 9:00:28 AM - Software Distribution Service 3.0

RP1237: 3/4/2011 9:00:23 AM - Software Distribution Service 3.0

RP1238: 3/4/2011 12:42:53 PM - Software Distribution Service 3.0

RP1239: 3/5/2011 9:00:24 AM - Software Distribution Service 3.0

RP1240: 3/6/2011 9:00:34 AM - Software Distribution Service 3.0

RP1241: 3/7/2011 9:00:29 AM - Software Distribution Service 3.0

RP1242: 3/8/2011 9:00:25 AM - Software Distribution Service 3.0

RP1243: 3/8/2011 11:51:12 AM - Software Distribution Service 3.0

RP1244: 3/9/2011 9:00:20 AM - Software Distribution Service 3.0

RP1245: 3/10/2011 9:00:27 AM - Software Distribution Service 3.0

RP1246: 3/11/2011 9:00:28 AM - Software Distribution Service 3.0

RP1247: 3/11/2011 4:10:58 PM - Software Distribution Service 3.0

RP1248: 3/12/2011 9:00:29 AM - Software Distribution Service 3.0

RP1249: 3/13/2011 9:00:27 AM - Software Distribution Service 3.0

RP1250: 3/14/2011 9:01:09 AM - Software Distribution Service 3.0

RP1251: 3/14/2011 9:06:40 AM - Software Distribution Service 3.0

RP1252: 3/15/2011 9:00:27 AM - Software Distribution Service 3.0

RP1253: 3/15/2011 9:17:02 AM - ARO 2011 - Before Installation

RP1254: 3/15/2011 9:17:40 AM - ARO 2011 - FIRST RUN

RP1255: 3/15/2011 9:26:40 AM - ARO 2011 Tue, Mar 15, 11 09:26

RP1256: 3/15/2011 9:29:24 AM - Removed BlackBerry Desktop Software 4.5.

RP1257: 3/15/2011 9:30:18 AM - Removed Grover's Travels

RP1258: 3/15/2011 9:33:27 AM - Advanced SystemCare RestorePoint

RP1259: 3/15/2011 4:02:48 PM - Software Distribution Service 3.0

RP1260: 3/16/2011 9:01:23 AM - Software Distribution Service 3.0

RP1261: 3/16/2011 9:03:51 AM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

Sansa Media Converter

32 Bit HP CIO Components Installer

4500_G510af_Help

4500G510af

4500G510af_Software_Min

Acrobat.com

ActiveWorlds 4.2

Ad-Aware Email Scanner for Outlook

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Photoshop Album 2.0 Starter Edition

Adobe Reader 7.0

Adobe Shockwave Player 11.5

AIO_Scan

ANIO Service

ANIWZCS Service

Apple Mobile Device Support

Apple Software Update

ArcSoft Panorama Maker 4

ArcSoft Print Creations

ArcSoft Print Creations - Brochures & Flyers

ArcSoft RAW Thumbnail Viewer

ArcSoft Scan-n-Stitch Deluxe

ArcSoft Video Downloader

Ask Toolbar

ATI Display Driver

BlackBerry Desktop Software 4.5

Bonjour

Bookworm Adventures (remove only)

BufferChm

Camera Driver

Conduit Engine

ContentSAFER for Wizmax

Copy

CouponBar

Critical Update for Windows Media Player 11 (KB959772)

Curious George Downtown Adventure

Dedicated Server

Destinations

DeviceDiscovery

DeviceManagementQFolder

Disney's Mickey Mouse Preschool

Disney's Toontown Online

Disney Toontown Online

DocMgr

DocProc

Download Updater (AOL LLC)

Draw 4 App

Dungeons & Dragons Online - Eberron Unlimited

Link to post
Share on other sites

  • Staff

Hi,

Next, update MBAM, run a Quick Scan, and post its log.

Please use the Add Reply button instead of the "Reply button.

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317

Link to post
Share on other sites

hi This is becoming so redundant and daunting. I seem to be running scan after scan

after scan to only get no where. U will do this but after a while , Im giving up, as much as

I want my computer cleaned out, its just doesnt seem worth it to me anymore.......

but I will scan this last scan and see what happens........

lisa

Link to post
Share on other sites

this latest scan just sits there. It says its scanning but it has been scanning for a very long time now..... plus, it just going to make results logs like I've already posted to you correct?.

DDS (Ver_11-03-05.01) - FAT32x86

Run by Lisa Goyette at 13:43:52.81 on Fri 03/18/2011

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1382 [GMT -4:00]

.

.

============== Running Processes ===============

.

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\svchost -k DcomLaunch

svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINNT\System32\svchost.exe -k netsvcs

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINNT\system32\spoolsv.exe

svchost.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINNT\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINNT\System32\svchost.exe -k HPZ12

C:\WINNT\System32\svchost.exe -k HPZ12

C:\WINNT\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINNT\System32\MsPMSPSv.exe

C:\WINNT\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINNT\system32\wscntfy.exe

C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe

C:\WINNT\system32\EXSHOW95.EXE

C:\Program Files\QuickTime\qttask.exe

C:\WINNT\System32\svchost.exe -k HTTPFilter

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Program Files\AWS\WeatherBug\Weather.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\WINNT\explorer.exe

C:\WINNT\system32\notepad.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Lisa Goyette\My Documents\Downloads\dds(2).scr

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uInternet Settings,ProxyServer = http=127.0.0.1:5555

uInternet Settings,ProxyOverride = <local>

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

uURLSearchHooks: SearchElf 1.1 Toolbar: {00f2c0c6-2194-484e-9064-44e57787867b} - c:\program files\searchelf_1.1\tbSea1.dll

BHO: SOFTWARE - No File

BHO: SearchElf 1.1 Toolbar: {00f2c0c6-2194-484e-9064-44e57787867b} - c:\program files\searchelf_1.1\tbSea1.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - c:\progra~1\arcsoft\videod~1\ARCURL~1.DLL

BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll

BHO: UberButton Class: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll

BHO: YahooTaggedBM Class: {65d886a2-7ca7-479b-bb95-14d1efb7946a} - c:\program files\yahoo!\common\YIeTagBm.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: ToolbarBHO Class: {9519af7e-638d-4933-bad6-d33d23c79fe5} - c:\progra~1\arcsoft\rawthu~1\EXIFToolBar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: Sammsoft Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: RAW Thumbnail Viewer: {f301665a-12f8-4331-804a-5bcbd379668c} - c:\progra~1\arcsoft\rawthu~1\EXIFToolBar.dll

TB: SearchElf 1.1 Toolbar: {00f2c0c6-2194-484e-9064-44e57787867b} - c:\program files\searchelf_1.1\tbSea1.dll

TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Sammsoft Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\progra~1\yahoo!\common\yhexbmesus.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [H/PC Connection Agent] "g:\program files\microsoft activesync\wcescomm.exe"

uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup

mRun: [ANIWZCSService] c:\program files\alpha networks\aniwzcs service\WZCSLDR.exe

mRun: [EXSHOW95.EXE] EXSHOW95.EXE

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"

mRun: [CrossFTP Server] javaws.exe -Xnosplash -offline "http://www.crossftp.com/crossftpserver.jnlp"

mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe

mRun: [iObit Security 360] c:\program files\iobit\iobit security 360\IS360tray.exe

dRun: [NvMediaCenter] RUNDLL32.EXE c:\winnt\system32\NVMCTRAY.DLL,NvTaskbarInit

dRun: [ALUAlert] c:\program files\symantec\liveupdate\ALUNotify.exe

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

dRunOnce: [^SetupICWDesktop] c:\program files\internet explorer\connection wizard\icwconn1.exe /desktop

dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe

dRunOnce: [RunNarrator] Narrator.exe

StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\ma111c~1.lnk - c:\program files\netgear\ma111 configuration utility\wlancfg.exe

StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe

StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm

IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm

IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm

IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB}

IE: {925DAB62-F9AC-4221-806A-057BFB1014AA}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\winnt\system32\Msjava.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - g:\progra~1\micros~1\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - g:\progra~1\micros~1\INetRepl.dll

IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab

DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} - hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab

DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

DPF: {2DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} - hxxp://www.activeworlds.com/products/ActiveWorldsDownload.cab

DPF: {352797A0-EFD0-4FA6-B229-145120EA4B8A} - hxxps://disneyblast.go.com/v3/setup/activex/DIGHardwareControl.cab

DPF: {49232000-16E4-426C-A231-62846947304B} - hxxps://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab

DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} - hxxp://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab

DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -

DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab

DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1207267968750

DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab

DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - hxxp://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx

DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab

DPF: {A8658086-E6AC-4957-BC8E-8D54A7E8A790} - hxxp://www.microsoft.com/security/controls/GDI/0/GDIChk.CAB

DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab

DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx

DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://a.download.toontown.com/sv1.0.15.44/ttinst.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab

DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://3dlifeplayer.dl.3dvia.com/player/install/installer.exe

DPF: {D44C75D8-C827-473E-8F68-A77E42500782} - hxxp://photo.walmart.com/photo/uploads/WebUploadClient.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F229AB32-7BF9-4225-B78F-B4680AE6FC23} - hxxp://www.snapfish.com/SnapfishUpload.cab

DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} - hxxp://cdn.digitalcity.com/_media/dalaillama/ampx.cab

Notify: AtiExtEvent - Ati2evxx.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\winnt\system32\WPDShServiceObj.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~2\MpShHook.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\docume~1\lisago~1\applic~1\mozilla\firefox\profiles\6ud6nwip.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&systemid=1&q=

FF - component: c:\documents and settings\lisa goyette\application data\mozilla\firefox\profiles\6ud6nwip.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\MailUtil.dll

FF - component: c:\program files\arcsoft\raw thumbnail viewer\firefox extension\components\FirefoxMenu.dll

FF - plugin: c:\documents and settings\lisa goyette\application data\mozilla\firefox\profiles\6ud6nwip.default\extensions\{0c7e3f01-99e9-4095-9bdc-f84724960b57}\plugins\NPCpnMgr.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Coupon Manager: {0C7E3F01-99E9-4095-9BDC-F84724960B57} - %profile%\extensions\{0C7E3F01-99E9-4095-9BDC-F84724960B57}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: AOL Toolbar: {7affbfae-c4e2-4915-8c0f-00fa3ec610a1} - %profile%\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}

FF - Ext: Sammsoft Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\winnt\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: RAW Thumbnail Viewer: RAWThumbnailViewer@arcsoft.com.cn - c:\program files\arcsoft\raw thumbnail viewer\FireFox Extension

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

.

============= SERVICES / DRIVERS ===============

.

R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2011-3-15 312152]

R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

S0 Lbd;Lbd;c:\winnt\system32\drivers\lbd.sys --> c:\winnt\system32\drivers\Lbd.sys [?]

S0 SmartDefragDriver;SmartDefragDriver;c:\winnt\system32\drivers\SmartDefragDriver.sys [2011-3-15 14776]

S2 gupdate1c998318337d0e4;Google Update Service (gupdate1c998318337d0e4);c:\program files\google\update\GoogleUpdate.exe [2009-2-26 133104]

S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\winnt\system32\drivers\A3AB.sys [2003-10-22 547744]

S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;\??\c:\winnt\system32\drivers\nsdriver.sys --> c:\winnt\system32\drivers\NSDriver.sys [?]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\winnt\system32\svchost.exe -k nosGetPlusHelper [2004-8-4 14336]

S3 usbhub20;USB 2.0 Root Hub Support;c:\winnt\system32\drivers\usbhub20.sys [2003-8-1 49776]

S3 VIASens;Vinyl Sensaura WDM 3D Audio Driver;c:\winnt\system32\drivers\viasens.sys [2003-11-7 391680]

.

=============== Created Last 30 ================

.

2011-03-18 14:36:29 -------- d-sha-r- C:\cmdcons

2011-03-18 14:31:58 98816 ----a-w- c:\winnt\sed.exe

2011-03-18 14:31:58 89088 ----a-w- c:\winnt\MBR.exe

2011-03-18 14:31:58 256512 ----a-w- c:\winnt\PEV.exe

2011-03-18 14:31:58 161792 ----a-w- c:\winnt\SWREG.exe

2011-03-18 12:50:57 5943120 ----a-w- c:\docume~1\alluse~1.win\applic~1\microsoft\windows defender\definition updates\{8afae630-e0e5-41fe-a6df-e9c4fab8762e}\mpengine.dll

2011-03-17 15:17:36 -------- d-----w- C:\FOUND.076

2011-03-16 21:45:16 -------- d-----w- c:\docume~1\lisago~1\locals~1\applic~1\Intuit

2011-03-16 21:45:02 -------- d-----w- c:\docume~1\lisago~1\applic~1\Intuit

2011-03-16 21:43:37 -------- d-----w- c:\program files\common files\AnswerWorks 5.0

2011-03-16 21:39:23 -------- d-----w- c:\program files\common files\Intuit

2011-03-16 21:39:23 -------- d-----w- c:\docume~1\alluse~1.win\applic~1\Intuit

2011-03-16 21:38:40 -------- d-----w- c:\program files\TurboTax

2011-03-16 14:47:50 -------- d-----w- c:\docume~1\lisago~1\locals~1\applic~1\AskToolbar

2011-03-16 14:33:12 -------- d-----w- C:\FOUND.000

2011-03-16 13:24:35 -------- d-----w- C:\Malwarebytes' Anti-Malware

2011-03-15 15:03:37 28496 ----a-w- c:\winnt\system32\SmartDefragBootTime.exe

2011-03-15 15:03:37 14776 ----a-w- c:\winnt\system32\drivers\SmartDefragDriver.sys

2011-03-15 15:03:18 -------- d-----w- c:\docume~1\alluse~1.win\applic~1\IObit

2011-03-15 13:32:44 -------- d-----w- c:\program files\IObit

2011-03-15 13:32:44 -------- d-----w- c:\docume~1\lisago~1\applic~1\IObit

2011-03-15 13:17:22 -------- d-----w- c:\docume~1\lisago~1\applic~1\Sammsoft

2011-03-15 13:17:02 -------- d-----w- c:\program files\ARO 2011

2011-03-12 16:17:00 -------- d-----w- c:\program files\common files\Software Update Utility

2011-03-12 16:16:35 -------- d-----w- c:\docume~1\lisago~1\locals~1\applic~1\OpenCandy

2011-03-12 16:16:33 -------- d-----w- c:\docume~1\lisago~1\applic~1\OpenCandy

.

==================== Find3M ====================

.

2011-02-02 21:11:20 222080 ------w- c:\winnt\system32\MpSigStub.exe

2011-02-02 06:58:36 2067456 ----a-w- c:\winnt\system32\mstscax.dll

2011-01-27 10:57:06 677888 ----a-w- c:\winnt\system32\mstsc.exe

2011-01-21 13:44:38 439296 ----a-w- c:\winnt\system32\shimgvw.dll

2011-01-21 12:36:30 8582536 ----a-w- c:\program files\Firefox Setup 3.6.13.exe

2011-01-14 19:52:02 43520 ----a-w- c:\winnt\system32\CmdLineExt03.dll

2011-01-07 13:09:02 290048 ----a-w- c:\winnt\system32\atmfd.dll

2010-12-31 12:10:34 1854976 ----a-w- c:\winnt\system32\win32k.sys

2010-12-22 11:34:28 301568 ----a-w- c:\winnt\system32\kerberos.dll

2010-12-20 22:59:20 916480 ----a-w- c:\winnt\system32\wininet.dll

2010-12-20 22:59:20 43520 ------w- c:\winnt\system32\licmgr10.dll

2010-12-20 22:59:20 1469440 ------w- c:\winnt\system32\inetcpl.cpl

2010-12-20 16:26:00 730112 ----a-w- c:\winnt\system32\lsasrv.dll

2010-12-20 11:55:26 385024 ------w- c:\winnt\system32\html.iec

2008-10-26 16:09:50 12113 ----a-w- c:\program files\common files\ojitec.bin

1999-02-22 21:46:38 148992 ----a-w- c:\program files\UNWISE.EXE

.

============= FINISH: 13:49:08.40 ===============

next one:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_11-03-05.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 3/21/2008 11:54:26 AM

System Uptime: 3/18/2011 10:44:57 AM (3 hours ago)

.

Motherboard: Intel | | 945GCT-M

Processor: Intel® Pentium® Dual CPU E2160 @ 1.80GHz | CPU 1 | 1795/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (FAT32) - 37 GiB total, 5.134 GiB free.

D: is CDROM ()

F: is FIXED (NTFS) - 59 GiB total, 56.963 GiB free.

G: is FIXED (NTFS) - 90 GiB total, 0.414 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1250: 3/14/2011 9:01:09 AM - Software Distribution Service 3.0

RP1251: 3/14/2011 9:06:40 AM - Software Distribution Service 3.0

RP1252: 3/15/2011 9:00:27 AM - Software Distribution Service 3.0

RP1253: 3/15/2011 9:17:02 AM - ARO 2011 - Before Installation

RP1254: 3/15/2011 9:17:40 AM - ARO 2011 - FIRST RUN

RP1255: 3/15/2011 9:26:40 AM - ARO 2011 Tue, Mar 15, 11 09:26

RP1256: 3/15/2011 9:29:24 AM - Removed BlackBerry Desktop Software 4.5.

RP1257: 3/15/2011 9:30:18 AM - Removed Grover's Travels

RP1258: 3/15/2011 9:33:27 AM - Advanced SystemCare RestorePoint

RP1259: 3/15/2011 4:02:48 PM - Software Distribution Service 3.0

RP1260: 3/16/2011 9:01:23 AM - Software Distribution Service 3.0

RP1261: 3/16/2011 9:03:51 AM - Software Distribution Service 3.0

RP1262: 3/16/2011 10:11:20 AM - Software Distribution Service 3.0

RP1263: 3/16/2011 5:40:07 PM - Installed TurboTax 2008 wrapper

RP1264: 3/16/2011 5:40:44 PM - Installed TurboTax 2008 WinPerReleaseEngine

RP1265: 3/16/2011 5:41:57 PM - Installed TurboTax 2008 WinPerFedFormset

RP1266: 3/16/2011 5:42:30 PM - Installed TurboTax 2008 WinPerTaxSupport

RP1267: 3/16/2011 5:42:51 PM - Installed TurboTax 2008 WinPerProgramHelp

RP1268: 3/16/2011 5:43:18 PM - Installed TurboTax 2008 WinPerUserEducation

RP1269: 3/16/2011 5:43:35 PM - Installed AnswerWorks 5.0 English Runtime

RP1270: 3/17/2011 9:00:31 AM - Software Distribution Service 3.0

RP1271: 3/18/2011 8:50:54 AM - Software Distribution Service 3.0

RP1272: 3/18/2011 9:00:25 AM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

Sansa Media Converter

32 Bit HP CIO Components Installer

4500_G510af_Help

4500G510af

4500G510af_Software_Min

Acrobat.com

Ad-Aware Email Scanner for Outlook

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Photoshop Album 2.0 Starter Edition

Adobe Reader 7.0

Adobe Shockwave Player 11.5

AIO_Scan

ANIO Service

ANIWZCS Service

AnswerWorks 5.0 English Runtime

Apple Mobile Device Support

Apple Software Update

ArcSoft Panorama Maker 4

ArcSoft Print Creations

ArcSoft Print Creations - Brochures & Flyers

ArcSoft RAW Thumbnail Viewer

ArcSoft Scan-n-Stitch Deluxe

ArcSoft Video Downloader

Ask Toolbar

ATI Display Driver

BlackBerry Desktop Software 4.5

Bonjour

Bookworm Adventures (remove only)

BufferChm

Camera Driver

Conduit Engine

ContentSAFER for Wizmax

Copy

CouponBar

Critical Update for Windows Media Player 11 (KB959772)

Curious George Downtown Adventure

Dedicated Server

Destinations

DeviceDiscovery

DeviceManagementQFolder

Disney's Mickey Mouse Preschool

DocMgr

DocProc

Download Updater (AOL LLC)

Draw 4 App

Dungeons & Dragons Online - Eberron Unlimited

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.