Hi, I'm having this weird problem connecting to the internet. I'm knowledgeable about computers, but this problem has baffled me. I have been working on this problem for over a month now and went nowhere. I have 2 other computers wired to a router and they both work fine, and 2 laptops connected via wireless, and they all work fine. The computer that's not working had McAfee antivirus installed; the subscription expired, I did not renew it, and I uninstalled it. I thought McAfee was stopping my connection to the internet, but it wasn't. I found traces of McAfee stuff still installed but removed them through the registry and with the use of a program called Perfect Uninstaller. After all that, the internet still wasn't working. The internet first stopped working when my dad installed the Cisco VPN client. I deleted and uninstalled that, but still no use. I also called my ISP and was told to go to the command prompt and do flushdns, release and renew; all that did not work either. They said from their end everything looks fine and it's probably something taking my connection. I tried all tools like Winsock fix, registry cleaners, TCP/IP connection fixes, IP stack configuration fixes; you name it, I tried it. I even deleted the Ethernet card drivers and reinstalled and updated them. Today I bought a USB wireless dongle to see if maybe the Ethernet card is bad, and that didn't work either. I'm all out of ideas now and seeking a professional take on this. Here is my HijackThis log.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 2:18:06 AM, on 5/18/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG10\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe

C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\AVG\AVG10\avgnsx.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AVG\AVG10\avgtray.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe

C:\Program Files\NETGEAR\WG111v3\WG111v3.exe

C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\PROGRA~1\AVG\AVG10\avgrsx.exe

C:\Program Files\AVG\AVG10\avgcsrvx.exe

C:\Program Files\AVG\AVG10\avgsrmax.exe

C:\Program Files\AVG\AVG10\avgsrmax.exe

C:\Program Files\AVG\AVG10\avgsrmax.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\WINDOWS\system32\wuauclt.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\VIDEOD~1\ARCURL~1.DLL

O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - (no file)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe

O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized

O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe

O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [EPSON WorkForce 600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEKA.EXE /FU "C:\DOCUME~1\DEBBIE~1\LOCALS~1\Temp\E_S70.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\DEBBIE INNISS\Application Data\mjusbsp\cdloader2.exe" MAGICJACK

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\DEBBIE INNISS\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\SYSTEM32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100429 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; CMS Music Store2 v1.00.12 (Music Store,1033); .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; InfoPath.2)

O4 - HKUS\S-1-5-19\..\Run: [warizihura] Rundll32.exe "C:\WINDOWS\system32\zitovovi.dll",s (User 'LOCAL SERVICE')

O4 - S-1-5-18 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')

O4 - S-1-5-18 Startup: PowerReg Scheduler.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')

O4 - .DEFAULT Startup: PowerReg Scheduler.exe (User 'Default user')

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: PowerReg Scheduler.exe

O4 - Global Startup: Microsoft Broadband Networking.lnk = C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe

O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe

O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE

O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127538409000

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/1450/ftp.coupons.com/r3302/cpbrkpie.cab

O16 - DPF: {BCBC9371-9827-11DA-A72B-0800200C9A66} (View22RTEv4 Class) - http://merillat.view22.com/release_3_9_177/View22RTEv4.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O20 - AppInit_DLLs: C:\WINDOWS\system32\ginagado.dll c:\windows\system32\gitoreda.dll C:\WINDOWS\system32\lilofati.dll c:\windows\system32\wiyirive.dll c:\windows\system32\dibewori.dll c:\windows\system32\dibiyowa.dll wlanprov.dll devspl.dll

O20 - Winlogon Notify: cryptnet32 - cryptnet32.dll (file missing)

O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe

O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

O23 - Service: Windows Search (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe (file missing)

--

End of file - 18602 bytes


GMER 1.0.15.15627 - http://www.gmer.net

Rootkit scan 2011-05-18 02:17:31

Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 HDS72404 rev.KFAO

Running: cwt42gss.exe; Driver: C:\DOCUME~1\DEBBIE~1\LOCALS~1\Temp\kwlcipow.sys

---- System - GMER 1.0.15 ----

SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwDeleteKey [0x989E4190]

SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwDeleteValueKey [0x989E40C0]

SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwLoadKey [0x989E4210]

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xBA461738]

SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwReplaceKey [0x989E4380]

SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwRestoreKey [0x989E44C0]

SSDT \??\C:\WINDOWS\system32\vsdatant.sys (TrueVector Device Driver/Zone Labs LLC) ZwSetValueKey [0x989E3FE0]

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xBA4617DC]

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xBA461878]

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xBA461914]

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\DRIVERS\mohfilt.sys entry point in "init" section [0xBA3B3760]

.text C:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0x98FCF400, 0x87EE2, 0xE8000020]

.protect


.

DDS (Ver_11-03-05.01) - NTFSx86

Run by DEBBIE INNISS at 12:08:46.21 on Tue 05/17/2011

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2215 [GMT -4:00]

.

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

svchost.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG10\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe

C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\AVG\AVG10\avgnsx.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AVG\AVG10\avgtray.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Documents and Settings\DEBBIE INNISS\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe

C:\Program Files\NETGEAR\WG111v3\WG111v3.exe

C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\PROGRA~1\AVG\AVG10\avgrsx.exe

C:\Program Files\AVG\AVG10\avgcsrvx.exe

L:\dds.com

.

============== Pseudo HJT Report ===============

.

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 10\SnagitBHO.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - c:\progra~1\arcsoft\videod~1\ARCURL~1.DLL

BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File

TB: Copernic Agent: {f2e259e8-0fc8-438c-a6e0-342dd80fa53e} - c:\program files\copernic agent\CopernicAgentExt.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 10\SnagitIEAddin.dll

TB: AIM Search: {40d41a8b-d79b-43d7-99a7-9ee0f344c385} -

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

TB: {3082E606-C56D-4C45-BD8B-C2F9B42E3EE2} - No File

TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File

EB: Copernic Agent Results: {6f480f82-c3a6-4d35-96f7-b297ad49fbe8} - c:\program files\copernic agent\CopernicAgentExt.dll

EB: Copernic Agent: {f2e259e8-0fc8-438c-a6e0-342dd80fa53e} - c:\program files\copernic agent\CopernicAgentExt.dll

uRun: [MoneyAgent] "c:\program files\microsoft money\system\mnyexpr.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

uRun: [EPSON WorkForce 600 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatieka.exe /fu "c:\docume~1\debbie~1\locals~1\temp\E_S70.tmp" /EF "HKCU"

uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [cdloader] "c:\documents and settings\debbie inniss\application data\mjusbsp\cdloader2.exe" MAGICJACK

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Google Update] "c:\documents and settings\debbie inniss\local settings\application data\google\update\GoogleUpdate.exe" /c

uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1100429 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; CMS Music Store2 v1.00.12 (Music Store,1033); .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; InfoPath.2)

mRun: [Logitech Utility] Logi_MwX.Exe

mRun: [iAAnotif] c:\program files\intel\intel application accelerator\iaanotif.exe

mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe

mRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /r

mRun: [CTDVDDET] "c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDET.EXE"

mRun: [CTHelper] CTHELPER.EXE

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"

mRun: [updateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"

mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [LELA] "c:\program files\linksys\linksys easylink advisor\Linksys EasyLink Advisor.exe" /minimized

mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"

mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe

StartupFolder: c:\docume~1\debbie~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\documents and settings\debbie inniss\start menu\programs\startup\PowerReg Scheduler.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft broadband networking\MSBNTray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe

IE: {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - c:\progra~1\copern~2\COPERN~1.EXE

IE: {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - c:\progra~1\copern~2\COPERN~1.EXE

IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL

Trusted Zone: internet

Trusted Zone: sigmacare.com\login

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab

DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127538409000

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - hxxp://a19.g.akamai.net/7/19/7125/1450/ftp.coupons.com/r3302/cpbrkpie.cab

DPF: {BCBC9371-9827-11DA-A72B-0800200C9A66} - hxxp://merillat.view22.com/release_3_9_177/View22RTEv4.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - hxxp://fdl.msn.com/zone/datafiles/heartbeat.cab

Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - c:\progra~1\copern~2\COPERN~1.DLL

Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - c:\progra~1\copern~2\COPERN~1.DLL

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll

Notify: cryptnet32 - cryptnet32.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\480\G2AWinLogon.dll

AppInit_DLLs: c:\windows\system32\ginagado.dll c:\windows\system32\gitoreda.dll c:\windows\system32\lilofati.dll c:\windows\system32\wiyirive.dll c:\windows\system32\dibewori.dll c:\windows\system32\dibiyowa.dll wlanprov.dll devspl.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

LSA: Notification Packages = scecli c:\windows\system32\ginagado.dll c:\windows\system32\lilofati.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-4-18 7398752]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]

R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2007-10-9 38144]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-9-30 54752]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2010-12-30 24652]

R2 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-1-26 280344]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 27216]

R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2009-7-31 341504]

S3 BRGSp50;BRGSp50 NDIS Protocol Driver;c:\windows\system32\drivers\BRGSp50.sys [2006-6-14 20608]

S3 EMNG2USB;EMNG2USB;c:\windows\system32\drivers\emng2usb.sys --> c:\windows\system32\drivers\emng2usb.sys [?]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]

S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2007-11-4 42112]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC);c:\windows\system32\drivers\ZD1211BU.sys [2006-6-14 477696]

S4 0042511294815133mcinstcleanup;0042511294815133mcinstcleanup; [x]

S4 McMPFSvc;McMPFSvc; [x]

.

=============== Created Last 30 ================

.

2011-05-13 19:40:42 -------- d--h--w- C:\$AVG

2011-05-13 19:11:21 -------- d-----w- c:\docume~1\debbie~1\applic~1\AVG10

2011-05-13 19:08:29 -------- d-----w- c:\windows\system32\drivers\AVG

2011-05-13 19:04:51 376832 ----a-w- c:\windows\system32\AegisI5Installer.exe

2011-05-13 19:00:41 -------- d-----w- c:\program files\AVG

2011-05-13 18:59:34 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files

2011-05-13 18:57:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10

2011-05-13 18:18:32 -------- d-----w- C:\OEMSettings

2011-05-13 18:17:58 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys

2011-05-13 18:16:31 -------- d-----w- c:\program files\NETGEAR

2011-05-11 17:56:46 388096 ----a-r- c:\docume~1\debbie~1\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-05-11 17:56:46 -------- d-----w- c:\program files\Trend Micro

2011-05-11 17:30:58 -------- d-----w- c:\program files\ATI Technologies

2011-05-11 17:30:42 6684672 ----a-w- c:\windows\system32\atioglx1.dll

2011-05-11 15:53:03 -------- d-----w- c:\docume~1\debbie~1\applic~1\Malwarebytes

2011-05-11 15:52:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2011-05-11 15:24:49 578560 ----a-w- c:\windows\system32\dllcache\user32.dll

2011-05-11 15:20:46 -------- d-----w- c:\windows\ERUNT

2011-05-10 05:02:02 -------- d-----w- c:\docume~1\debbie~1\locals~1\applic~1\AOL OCP

2011-05-10 03:45:44 -------- d-----w- C:\Rbackup

2011-05-10 03:11:44 -------- d-----w- c:\program files\Perfect Uninstaller

2011-05-07 01:32:04 -------- d-----w- c:\windows\system32\wbem\repository\FS

2011-05-07 01:32:04 -------- d-----w- c:\windows\system32\wbem\Repository

2011-04-28 20:56:25 -------- d-----w- C:\ERDNT

2011-04-28 19:43:24 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData

.

==================== Find3M ====================

.

2011-02-18 21:36:58 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll

2008-09-29 22:43:33 67 -c--a-w- c:\program files\rem_cdk.bat

.

=================== ROOTKIT ====================

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 5.1.2600 Disk: HDS72404 rev.KFAO -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0

.

device: opened successfully

user: MBR read successfully

.

Disk trace:

called modules: >>UNKNOWN [0x804D7000]<< >>UNKNOWN [0xBA168000]<< >>UNKNOWN [0xBA158000]<< >>UNKNOWN [0xB9E96000]<< >>UNKNOWN [0x806E4000]<<

_asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL; }

1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8B28B510]

\Driver\Disk[0x8B28BDC0] -> IRP_MJ_CREATE -> 0xBA16EBB0

3 [0xBA168FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IAAStorageDevice-0[0x8B56D030]

\Driver\iaStor[0x8B5A87B0] -> IRP_MJ_CREATE -> 0xB9EA5094

kernel: MBR read successfully

_asm { CLI ; MOV AX, 0x0; MOV SS, AX; MOV SP, 0x7c00; STI ; MOV DS, AX; CLD ; MOV CX, 0x80; MOV SI, SP; MOV DI, 0x600; MOV ES, AX; REP MOVSD ; JMP FAR 0x0:0x62f; }

detected disk devices:

detected hooks:

\Driver\atapi DriverStartIo -> 0xB9E85864

user & kernel MBR OK

Warning: possible TDL3 rootkit infection !

.

============= FINISH: 12:10:10.79 ===============


Windows IP Configuration

Host Name . . . . . . . . . . . . : HOMEBASE

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : Yes

WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Wireless Network Connection 5:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : NETGEAR WG111v3 Wireless-G USB Adapter

Physical Address. . . . . . . . . : E0-91-F5-9E-51-91

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.10

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : Tuesday, May 17, 2011 11:51:31 AM

Lease Expires . . . . . . . . . . : Wednesday, May 18, 2011 11:51:31 AM

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller

Physical Address. . . . . . . . . : 00-13-20-7C-F5-6C

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.101

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : Tuesday, May 17, 2011 12:24:33 PM

Lease Expires . . . . . . . . . . : Wednesday, May 18, 2011 12:24:33 PM

C:\WINDOWS>ping yahoo.com

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=459ms TTL=50

Reply from 209.191.122.70: bytes=32 time=347ms TTL=50

Reply from 209.191.122.70: bytes=32 time=412ms TTL=50

Reply from 209.191.122.70: bytes=32 time=390ms TTL=50

Ping statistics for 209.191.122.70:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 347ms, Maximum = 459ms, Average = 402ms

C:\WINDOWS>


  • Staff

Hi and welcome to Malwarebytes.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is like UtilityName.Version_Date_Time_log.txt.

For example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, update MBAM, run a Quick Scan, and post its log. Also post a fresh DDS log.


2011/05/22 14:52:59.0406 28460 TDSS rootkit removing tool 2.5.1.0 May 13 2011 13:20:29

2011/05/22 14:53:01.0421 28460 ================================================================================

2011/05/22 14:53:01.0421 28460 SystemInfo:

2011/05/22 14:53:01.0421 28460

2011/05/22 14:53:01.0421 28460 OS Version: 5.1.2600 ServicePack: 3.0

2011/05/22 14:53:01.0421 28460 Product type: Workstation

2011/05/22 14:53:01.0421 28460 ComputerName: HOMEBASE

2011/05/22 14:53:01.0421 28460 UserName: DEBBIE INNISS

2011/05/22 14:53:01.0421 28460 Windows directory: C:\WINDOWS

2011/05/22 14:53:01.0421 28460 System windows directory: C:\WINDOWS

2011/05/22 14:53:01.0421 28460 Processor architecture: Intel x86

2011/05/22 14:53:01.0421 28460 Number of processors: 2

2011/05/22 14:53:01.0421 28460 Page size: 0x1000

2011/05/22 14:53:01.0421 28460 Boot type: Normal boot

2011/05/22 14:53:01.0421 28460 ================================================================================

2011/05/22 14:53:01.0718 28460 Initialize success

2011/05/22 14:53:05.0453 26956 ================================================================================

2011/05/22 14:53:05.0453 26956 Scan started

2011/05/22 14:53:05.0453 26956 Mode: Manual;

2011/05/22 14:53:05.0453 26956 ================================================================================


2011/05/22 14:53:20.0328 26956 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

2011/05/22 14:53:20.0421 26956 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2011/05/22 14:53:20.0453 26956 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

2011/05/22 14:53:20.0562 26956 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

2011/05/22 14:53:20.0609 26956 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

2011/05/22 14:53:20.0703 26956 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

2011/05/22 14:53:20.0750 26956 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

2011/05/22 14:53:20.0843 26956 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2011/05/22 14:53:20.0875 26956 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2011/05/22 14:53:20.0890 26956 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2011/05/22 14:53:20.0953 26956 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

2011/05/22 14:53:21.0046 26956 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

2011/05/22 14:53:21.0140 26956 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

2011/05/22 14:53:21.0187 26956 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

2011/05/22 14:53:21.0203 26956 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

2011/05/22 14:53:21.0250 26956 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

2011/05/22 14:53:21.0343 26956 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2011/05/22 14:53:21.0421 26956 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

2011/05/22 14:53:21.0625 26956 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2011/05/22 14:53:21.0640 26956 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2011/05/22 14:53:21.0703 26956 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

2011/05/22 14:53:21.0765 26956 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys

2011/05/22 14:53:21.0937 26956 ossrv (61c85afeaa6ef0c1b32d43f84f7bfbcf) C:\WINDOWS\system32\drivers\ctoss2k.sys

2011/05/22 14:53:22.0015 26956 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

2011/05/22 14:53:22.0031 26956 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

2011/05/22 14:53:22.0078 26956 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

2011/05/22 14:53:22.0140 26956 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

2011/05/22 14:53:22.0218 26956 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

2011/05/22 14:53:22.0265 26956 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

2011/05/22 14:53:22.0531 26956 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

2011/05/22 14:53:22.0546 26956 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

2011/05/22 14:53:22.0593 26956 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys

2011/05/22 14:53:22.0718 26956 PfModNT (6dabb70783ef470492adb7b9a6e60bf3) C:\WINDOWS\system32\drivers\PfModNT.sys

2011/05/22 14:53:22.0859 26956 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2011/05/22 14:53:22.0875 26956 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

2011/05/22 14:53:22.0906 26956 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2011/05/22 14:53:22.0953 26956 PxHelp20 (30cbae0a34359f1cd19d1576245149ed) C:\WINDOWS\system32\Drivers\PxHelp20.sys

2011/05/22 14:53:23.0000 26956 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

2011/05/22 14:53:23.0062 26956 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

2011/05/22 14:53:23.0078 26956 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

2011/05/22 14:53:23.0109 26956 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

2011/05/22 14:53:23.0125 26956 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

2011/05/22 14:53:23.0187 26956 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2011/05/22 14:53:23.0250 26956 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2011/05/22 14:53:23.0265 26956 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2011/05/22 14:53:23.0281 26956 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2011/05/22 14:53:23.0312 26956 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2011/05/22 14:53:23.0328 26956 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2011/05/22 14:53:23.0359 26956 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2011/05/22 14:53:23.0406 26956 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

2011/05/22 14:53:23.0593 26956 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

2011/05/22 14:53:23.0656 26956 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys

2011/05/22 14:53:23.0718 26956 RT25USBAP (3ae0728e82edeae0d9c37651c0451535) C:\WINDOWS\system32\DRIVERS\rt25usbap.sys

2011/05/22 14:53:23.0906 26956 RTL8187B (de4635e8b7975d2b5d961299469a7462) C:\WINDOWS\system32\DRIVERS\wg111v3.sys

2011/05/22 14:53:23.0953 26956 sbp2port (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys

2011/05/22 14:53:24.0015 26956 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2011/05/22 14:53:24.0046 26956 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

2011/05/22 14:53:24.0187 26956 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

2011/05/22 14:53:24.0250 26956 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

2011/05/22 14:53:24.0312 26956 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

2011/05/22 14:53:24.0375 26956 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

2011/05/22 14:53:24.0531 26956 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS

2011/05/22 14:53:24.0578 26956 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

2011/05/22 14:53:24.0609 26956 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

2011/05/22 14:53:24.0671 26956 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

2011/05/22 14:53:24.0734 26956 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys

2011/05/22 14:53:24.0906 26956 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys

2011/05/22 14:53:24.0953 26956 sscdbus (86b6905742d77775b558ab19c091d181) C:\WINDOWS\system32\DRIVERS\sscdbus.sys

2011/05/22 14:53:24.0968 26956 sscdmdfl (d6b1ca82860d2fa5558eb2c3fcf566ec) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys

2011/05/22 14:53:25.0000 26956 sscdmdm (84cb615598553a146930cac8c10f9a31) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys

2011/05/22 14:53:25.0171 26956 sscdserd (5474b4391cf52ade2801841afb77e099) C:\WINDOWS\system32\DRIVERS\sscdserd.sys

2011/05/22 14:53:25.0234 26956 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys

2011/05/22 14:53:25.0281 26956 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

2011/05/22 14:53:25.0437 26956 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

2011/05/22 14:53:25.0453 26956 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

2011/05/22 14:53:25.0515 26956 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

2011/05/22 14:53:25.0531 26956 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

2011/05/22 14:53:25.0546 26956 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

2011/05/22 14:53:25.0578 26956 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

2011/05/22 14:53:25.0609 26956 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

2011/05/22 14:53:25.0828 26956 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2011/05/22 14:53:25.0859 26956 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

2011/05/22 14:53:25.0890 26956 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

2011/05/22 14:53:25.0937 26956 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

2011/05/22 14:53:26.0078 26956 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys

2011/05/22 14:53:26.0125 26956 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys

2011/05/22 14:53:26.0171 26956 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys

2011/05/22 14:53:26.0203 26956 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys

2011/05/22 14:53:26.0218 26956 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys

2011/05/22 14:53:26.0250 26956 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys

2011/05/22 14:53:26.0265 26956 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys

2011/05/22 14:53:26.0281 26956 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys

2011/05/22 14:53:26.0312 26956 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys

2011/05/22 14:53:26.0359 26956 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

2011/05/22 14:53:26.0390 26956 TPkd (d42b4f7b63716bde36edc34211ca5464) C:\WINDOWS\system32\drivers\TPkd.sys

2011/05/22 14:53:26.0437 26956 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

2011/05/22 14:53:26.0578 26956 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

2011/05/22 14:53:26.0671 26956 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

2011/05/22 14:53:26.0718 26956 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys

2011/05/22 14:53:26.0781 26956 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

2011/05/22 14:53:26.0906 26956 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2011/05/22 14:53:26.0953 26956 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2011/05/22 14:53:27.0000 26956 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2011/05/22 14:53:27.0062 26956 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

2011/05/22 14:53:27.0234 26956 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

2011/05/22 14:53:27.0265 26956 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2011/05/22 14:53:27.0312 26956 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

2011/05/22 14:53:27.0359 26956 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys

2011/05/22 14:53:27.0531 26956 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

2011/05/22 14:53:27.0593 26956 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

2011/05/22 14:53:27.0609 26956 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

2011/05/22 14:53:27.0640 26956 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

2011/05/22 14:53:27.0687 26956 vsdatant (27b3dd12a19eec50220df15b64913dda) C:\WINDOWS\system32\vsdatant.sys

2011/05/22 14:53:27.0734 26956 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2011/05/22 14:53:27.0921 26956 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys

2011/05/22 14:53:27.0953 26956 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys

2011/05/22 14:53:28.0015 26956 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

2011/05/22 14:53:28.0218 26956 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

2011/05/22 14:53:28.0343 26956 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys

2011/05/22 14:53:28.0390 26956 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

2011/05/22 14:53:28.0562 26956 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

2011/05/22 14:53:28.0625 26956 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2011/05/22 14:53:28.0656 26956 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2011/05/22 14:53:28.0718 26956 ZD1211BU(SMC) (154fe6a5a608cd725266877901e883c2) C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys

2011/05/22 14:53:28.0750 26956 ZD1211BU(ZyDAS) (154fe6a5a608cd725266877901e883c2) C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys

2011/05/22 14:53:28.0937 26956 ZDPSp50 (00ae175b903d45ed4a62384d3315dc2a) C:\WINDOWS\system32\Drivers\ZDPSp50.sys

2011/05/22 14:53:30.0718 26956 ================================================================================

2011/05/22 14:53:30.0718 26956 Scan finished

2011/05/22 14:53:30.0718 26956 ================================================================================

2011/05/22 14:53:40.0375 28240 Deinitialize success


Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 5363

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

5/22/2011 3:01:14 PM

mbam-log-2011-05-22 (15-01-14).txt

Scan type: Quick scan

Objects scanned: 197220

Time elapsed: 5 minute(s), 7 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


.

DDS (Ver_11-03-05.01) - NTFSx86

Run by DEBBIE INNISS at 15:18:24.62 on Sun 05/22/2011

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2124 [GMT -4:00]

.

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

svchost.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG10\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Program Files\AVG\AVG10\avgnsx.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe

C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AVG\AVG10\avgtray.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\NETGEAR\WG111v3\WG111v3.exe

C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\WINDOWS\system32\WISPTIS.EXE

C:\PROGRA~1\AVG\AVG10\avgrsx.exe

C:\Program Files\AVG\AVG10\avgcsrvx.exe

C:\Program Files\AVG\AVG10\avgsrmax.exe

C:\WINDOWS\explorer.exe

C:\Program Files\TechSmith\Snagit 10\Snagit32.exe

C:\Program Files\TechSmith\Snagit 10\TSCHelp.exe

C:\Program Files\TechSmith\Snagit 10\SnagPriv.exe

C:\Program Files\TechSmith\Snagit 10\snagiteditor.exe

L:\dds.com

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Connection Wizard,ShellNext = iexplore

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 10\SnagitBHO.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - c:\progra~1\arcsoft\videod~1\ARCURL~1.DLL

BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File

TB: Copernic Agent: {f2e259e8-0fc8-438c-a6e0-342dd80fa53e} - c:\program files\copernic agent\CopernicAgentExt.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 10\SnagitIEAddin.dll

TB: AIM Search: {40d41a8b-d79b-43d7-99a7-9ee0f344c385} -

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

TB: {3082E606-C56D-4C45-BD8B-C2F9B42E3EE2} - No File

TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File

EB: Copernic Agent Results: {6f480f82-c3a6-4d35-96f7-b297ad49fbe8} - c:\program files\copernic agent\CopernicAgentExt.dll

EB: Copernic Agent: {f2e259e8-0fc8-438c-a6e0-342dd80fa53e} - c:\program files\copernic agent\CopernicAgentExt.dll

uRun: [MoneyAgent] "c:\program files\microsoft money\system\mnyexpr.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

uRun: [EPSON WorkForce 600 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatieka.exe /fu "c:\docume~1\debbie~1\locals~1\temp\E_S70.tmp" /EF "HKCU"

uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [cdloader] "c:\documents and settings\debbie inniss\application data\mjusbsp\cdloader2.exe" MAGICJACK

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Google Update] "c:\documents and settings\debbie inniss\local settings\application data\google\update\GoogleUpdate.exe" /c

uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1100429 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; CMS Music Store2 v1.00.12 (Music Store,1033); .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; InfoPath.2)

mRun: [Logitech Utility] Logi_MwX.Exe

mRun: [iAAnotif] c:\program files\intel\intel application accelerator\iaanotif.exe

mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe

mRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /r

mRun: [CTDVDDET] "c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDET.EXE"

mRun: [CTHelper] CTHELPER.EXE

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"

mRun: [updateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"

mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [LELA] "c:\program files\linksys\linksys easylink advisor\Linksys EasyLink Advisor.exe" /minimized

mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"

mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\docume~1\debbie~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\documents and settings\debbie inniss\start menu\programs\startup\PowerReg Scheduler.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft broadband networking\MSBNTray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe

IE: {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - c:\progra~1\copern~2\COPERN~1.EXE

IE: {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - c:\progra~1\copern~2\COPERN~1.EXE

IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\npjpi160_22.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL

Trusted Zone: internet

Trusted Zone: sigmacare.com\login

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab

DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127538409000

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - hxxp://a19.g.akamai.net/7/19/7125/1450/ftp.coupons.com/r3302/cpbrkpie.cab

DPF: {BCBC9371-9827-11DA-A72B-0800200C9A66} - hxxp://merillat.view22.com/release_3_9_177/View22RTEv4.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - hxxp://fdl.msn.com/zone/datafiles/heartbeat.cab

Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - c:\progra~1\copern~2\COPERN~1.DLL

Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - c:\progra~1\copern~2\COPERN~1.DLL

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll

Notify: cryptnet32 - cryptnet32.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\480\G2AWinLogon.dll

AppInit_DLLs: c:\windows\system32\ginagado.dll c:\windows\system32\gitoreda.dll c:\windows\system32\lilofati.dll c:\windows\system32\wiyirive.dll c:\windows\system32\dibewori.dll c:\windows\system32\dibiyowa.dll wlanprov.dll devspl.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

LSA: Notification Packages = scecli c:\windows\system32\ginagado.dll c:\windows\system32\lilofati.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-4-18 7398752]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]

R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2007-10-9 38144]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-9-30 54752]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2010-12-30 24652]

R2 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-1-26 280344]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 27216]

S3 BRGSp50;BRGSp50 NDIS Protocol Driver;c:\windows\system32\drivers\BRGSp50.sys [2006-6-14 20608]

S3 EMNG2USB;EMNG2USB;c:\windows\system32\drivers\emng2usb.sys --> c:\windows\system32\drivers\emng2usb.sys [?]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]

S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2007-11-4 42112]

S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2009-7-31 341504]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC);c:\windows\system32\drivers\ZD1211BU.sys [2006-6-14 477696]

S4 0042511294815133mcinstcleanup;0042511294815133mcinstcleanup; [x]

S4 McMPFSvc;McMPFSvc; [x]

.

=============== Created Last 30 ================

.

2011-05-22 18:55:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-22 18:55:02 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-22 18:55:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-05-13 19:40:42 -------- d--h--w- C:\$AVG

2011-05-13 19:11:21 -------- d-----w- c:\docume~1\debbie~1\applic~1\AVG10

2011-05-13 19:08:29 -------- d-----w- c:\windows\system32\drivers\AVG

2011-05-13 19:04:51 376832 ----a-w- c:\windows\system32\AegisI5Installer.exe

2011-05-13 19:00:41 -------- d-----w- c:\program files\AVG

2011-05-13 18:59:34 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files

2011-05-13 18:57:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10

2011-05-13 18:18:32 -------- d-----w- C:\OEMSettings

2011-05-13 18:17:58 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys

2011-05-13 18:16:31 -------- d-----w- c:\program files\NETGEAR

2011-05-11 17:56:46 388096 ----a-r- c:\docume~1\debbie~1\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-05-11 17:56:46 -------- d-----w- c:\program files\Trend Micro

2011-05-11 17:30:58 -------- d-----w- c:\program files\ATI Technologies

2011-05-11 17:30:42 6684672 ----a-w- c:\windows\system32\atioglx1.dll

2011-05-11 15:53:03 -------- d-----w- c:\docume~1\debbie~1\applic~1\Malwarebytes

2011-05-11 15:52:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2011-05-11 15:24:49 578560 ----a-w- c:\windows\system32\dllcache\user32.dll

2011-05-11 15:20:46 -------- d-----w- c:\windows\ERUNT

2011-05-10 03:45:44 -------- d-----w- C:\Rbackup

2011-05-10 03:11:44 -------- d-----w- c:\program files\Perfect Uninstaller

2011-05-07 01:32:04 -------- d-----w- c:\windows\system32\wbem\repository\FS

2011-05-07 01:32:04 -------- d-----w- c:\windows\system32\wbem\Repository

2011-04-28 20:56:25 -------- d-----w- C:\ERDNT

2011-04-28 19:43:24 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData

.

==================== Find3M ====================

.

2008-09-29 22:43:33 67 -c--a-w- c:\program files\rem_cdk.bat

.

============= FINISH: 15:19:37.56 ===============


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_11-03-05.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 3/5/2005 1:55:02 AM

System Uptime: 5/19/2011 8:05:54 PM (67 hours ago)

.

Motherboard: Dell Inc. | | 0DH686

Processor: Intel® Pentium® 4 CPU 3.60GHz | Microprocessor | 3591/800mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 369 GiB total, 305.066 GiB free.

D: is FIXED (NTFS) - 149 GiB total, 140.054 GiB free.

E: is CDROM ()

F: is CDROM ()

H: is Removable

L: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: TI Technologies Inc.

Description: RADEON X850 XT Platinum Edition Secondary

Device ID: PCI\VEN_1002&DEV_5D6D&SUBSYS_03031002&REV_00\4&16EC1A1&0&0108

Manufacturer: ATI Technologies Inc.

Name: RADEON X850 XT Platinum Edition Secondary

PNP Device ID: PCI\VEN_1002&DEV_5D6D&SUBSYS_03031002&REV_00\4&16EC1A1&0&0108

Service: ati2mtag

.

==== System Restore Points ===================

.

RP1806: 1/12/2011 3:00:39 AM - Software Distribution Service 3.0

RP1807: 1/13/2011 3:40:44 AM - System Checkpoint

RP1808: 1/14/2011 8:40:40 AM - System Checkpoint

RP1809: 1/15/2011 8:51:23 AM - System Checkpoint

RP1810: 1/17/2011 1:49:58 PM - System Checkpoint

RP1811: 1/18/2011 5:20:29 PM - System Checkpoint

RP1812: 1/19/2011 5:29:11 PM - System Checkpoint

RP1813: 1/20/2011 5:57:33 PM - System Checkpoint

RP1814: 1/21/2011 7:34:21 PM - System Checkpoint

RP1815: 1/22/2011 7:41:11 PM - System Checkpoint

RP1816: 1/23/2011 8:41:10 PM - System Checkpoint

RP1817: 1/24/2011 4:44:48 PM - Removed Creative MediaSource Detector

RP1818: 1/24/2011 4:45:01 PM - Configured Engine Installer

RP1819: 1/24/2011 4:45:15 PM - Removed Creative MediaSource CD-ROM Burner Plugin

RP1820: 1/24/2011 4:45:23 PM - Configured Your Application Name

RP1821: 1/24/2011 4:45:32 PM - Configured Engine Installer

RP1822: 1/24/2011 4:45:42 PM - Removed Creative MediaSource NOMAD Jukebox 2/3/Zen Plugin

RP1823: 1/24/2011 4:45:53 PM - Removed Creative MediaSource NOMAD MuVo Plugin

RP1824: 1/24/2011 4:46:03 PM - Removed Creative MediaSource Player Skin Pack

RP1825: 1/24/2011 4:46:14 PM - Removed Creative MediaSource Plugin for PlaysForSure devices

RP1826: 1/24/2011 4:46:24 PM - Removed Creative Music Store Plugin

RP1827: 1/24/2011 4:46:34 PM - Configured Engine Installer

RP1828: 1/24/2011 4:46:46 PM - Removed Creative MediaSource

RP1829: 1/24/2011 4:47:01 PM - Configured Engine Installer

RP1830: 1/24/2011 4:47:11 PM - Removed Creative Audio Device Selection

RP1831: 1/24/2011 4:47:22 PM - Removed Creative MediaSource

RP1832: 1/24/2011 4:48:00 PM - Removed Creative Removable Disk Manager

RP1833: 1/24/2011 4:48:22 PM - Removed Creative System Information

RP1834: 1/24/2011 4:48:51 PM - Removed Zen MicroPhoto Media Explorer

RP1835: 1/24/2011 4:49:01 PM - Removed Creative Audio CD Ripper (Unicode)

RP1836: 1/24/2011 4:49:13 PM - Removed Creative Sync Manager

RP1837: 1/24/2011 4:49:24 PM - Configured Engine Installer

RP1838: 1/24/2011 4:49:34 PM - Removed Creative Import Wizard (Unicode)

RP1839: 1/24/2011 4:49:49 PM - Removed Creative Media Toolbox

RP1840: 1/24/2011 4:49:59 PM - Removed Creative Auto Tag Cleaner

RP1841: 1/24/2011 4:50:10 PM - Removed Creative Zen MicroPhoto

RP1842: 1/24/2011 4:50:35 PM - Removed Creative MediaSource 5

RP1843: 1/24/2011 4:52:11 PM - Removed Creative ZEN Vision W

RP1844: 1/24/2011 5:03:50 PM - Removed Bonjour

RP1845: 1/24/2011 5:08:29 PM - Removed MP3 Player Utilities 4.00

RP1846: 1/24/2011 8:08:22 PM - Unsigned driver install

RP1847: 1/25/2011 8:56:52 PM - System Checkpoint

RP1848: 1/26/2011 9:00:27 PM - System Checkpoint

RP1849: 1/27/2011 6:16:57 PM - Installed Microsoft Mouse Mischief

RP1850: 1/28/2011 6:20:33 PM - System Checkpoint

RP1851: 1/29/2011 9:32:27 PM - System Checkpoint

RP1852: 1/31/2011 10:45:05 AM - System Checkpoint

RP1853: 2/1/2011 12:22:39 PM - System Checkpoint

RP1854: 2/2/2011 1:21:23 PM - System Checkpoint

RP1855: 2/2/2011 7:25:28 PM - Removed Dell Support Center (Support Software).

RP1856: 2/3/2011 7:26:33 PM - System Checkpoint

RP1857: 2/4/2011 8:28:11 PM - System Checkpoint

RP1858: 2/5/2011 9:38:18 PM - System Checkpoint

RP1859: 2/6/2011 9:34:32 PM - Installed Java 6 Update 23

RP1860: 2/7/2011 9:45:56 PM - System Checkpoint

RP1861: 2/8/2011 10:50:21 PM - System Checkpoint

RP1862: 2/9/2011 11:14:13 PM - System Checkpoint

RP1863: 2/10/2011 3:00:22 AM - Software Distribution Service 3.0

RP1864: 2/11/2011 3:00:17 AM - Software Distribution Service 3.0

RP1865: 2/12/2011 3:00:17 AM - Software Distribution Service 3.0

RP1866: 2/13/2011 3:00:20 AM - Software Distribution Service 3.0

RP1867: 2/14/2011 3:00:26 AM - Software Distribution Service 3.0

RP1868: 2/15/2011 3:00:26 AM - Software Distribution Service 3.0

RP1869: 2/15/2011 3:27:11 PM - Installed PlaceEngine

RP1870: 2/16/2011 3:00:28 AM - Software Distribution Service 3.0

RP1871: 2/17/2011 3:00:18 AM - Software Distribution Service 3.0

RP1872: 2/18/2011 3:00:17 AM - Software Distribution Service 3.0

RP1873: 2/19/2011 3:00:17 AM - Software Distribution Service 3.0

RP1874: 2/20/2011 3:00:17 AM - Software Distribution Service 3.0

RP1875: 2/21/2011 3:00:17 AM - Software Distribution Service 3.0

RP1876: 2/21/2011 4:03:31 PM - Software Distribution Service 3.0

RP1877: 2/22/2011 3:00:18 AM - Software Distribution Service 3.0

RP1878: 2/23/2011 3:00:17 AM - Software Distribution Service 3.0

RP1879: 2/24/2011 3:00:34 AM - Software Distribution Service 3.0

RP1880: 2/25/2011 3:00:18 AM - Software Distribution Service 3.0

RP1881: 2/26/2011 3:00:27 AM - Software Distribution Service 3.0

RP1882: 2/27/2011 3:00:18 AM - Software Distribution Service 3.0

RP1883: 2/28/2011 3:00:18 AM - Software Distribution Service 3.0

RP1884: 3/1/2011 3:00:20 AM - Software Distribution Service 3.0

RP1885: 3/2/2011 3:00:22 AM - Software Distribution Service 3.0

RP1886: 3/3/2011 3:00:18 AM - Software Distribution Service 3.0

RP1887: 3/4/2011 3:00:20 AM - Software Distribution Service 3.0

RP1888: 3/5/2011 3:00:23 AM - Software Distribution Service 3.0

RP1889: 3/6/2011 3:00:27 AM - Software Distribution Service 3.0

RP1890: 3/7/2011 3:00:28 AM - Software Distribution Service 3.0

RP1891: 3/8/2011 3:00:18 AM - Software Distribution Service 3.0

RP1892: 3/9/2011 3:00:26 AM - Software Distribution Service 3.0

RP1893: 3/10/2011 3:00:28 AM - Software Distribution Service 3.0

RP1894: 3/11/2011 3:00:18 AM - Software Distribution Service 3.0

RP1895: 3/12/2011 3:00:21 AM - Software Distribution Service 3.0

RP1896: 3/12/2011 12:02:42 PM - Software Distribution Service 3.0

RP1897: 3/13/2011 5:00:23 AM - Software Distribution Service 3.0

RP1898: 3/13/2011 2:37:57 PM - Printer Driver Send To Microsoft OneNote Driver Installed

RP1899: 3/14/2011 5:00:29 AM - Software Distribution Service 3.0

RP1900: 3/14/2011 11:37:12 PM - Unsigned driver install

RP1901: 3/15/2011 5:00:28 AM - Software Distribution Service 3.0

RP1902: 3/16/2011 5:00:29 AM - Software Distribution Service 3.0

RP1903: 3/17/2011 12:23:01 AM - Unsigned driver install

RP1904: 3/17/2011 12:37:55 AM - Update to an unsigned driver

RP1905: 3/18/2011 2:13:49 AM - System Checkpoint

RP1906: 3/18/2011 5:00:17 AM - Software Distribution Service 3.0

RP1907: 3/19/2011 5:00:19 AM - Software Distribution Service 3.0

RP1908: 3/20/2011 5:00:17 AM - Software Distribution Service 3.0

RP1909: 3/21/2011 5:00:22 AM - Software Distribution Service 3.0

RP1910: 3/22/2011 5:00:17 AM - Software Distribution Service 3.0

RP1911: 3/23/2011 5:00:20 AM - Software Distribution Service 3.0

RP1912: 3/24/2011 5:00:18 AM - Software Distribution Service 3.0

RP1913: 3/25/2011 5:00:20 AM - Software Distribution Service 3.0

RP1914: 3/26/2011 5:00:24 AM - Software Distribution Service 3.0

RP1915: 3/27/2011 5:00:20 AM - Software Distribution Service 3.0

RP1916: 3/28/2011 5:00:34 AM - Software Distribution Service 3.0

RP1917: 3/28/2011 8:40:52 AM - Software Distribution Service 3.0

RP1918: 3/28/2011 6:02:39 PM - Removed Cisco Systems VPN Client 5.0.02.0090

RP1919: 3/28/2011 6:20:54 PM - Installed Cisco Systems VPN Client 5.0.02.0090

RP1920: 3/29/2011 5:00:26 AM - Software Distribution Service 3.0

RP1921: 3/29/2011 3:36:04 PM - Installed Cisco Systems VPN Client 5.0.02.0090

RP1922: 3/30/2011 12:47:53 AM - Software Distribution Service 3.0

RP1923: 3/30/2011 5:00:37 AM - Software Distribution Service 3.0

RP1924: 3/30/2011 11:48:24 PM - Restore Operation

RP1925: 3/30/2011 11:58:34 PM - Software Distribution Service 3.0

RP1926: 3/31/2011 12:27:50 AM - Software Distribution Service 3.0

RP1927: 3/31/2011 12:35:07 AM - Software Distribution Service 3.0

RP1928: 3/31/2011 5:00:37 AM - Software Distribution Service 3.0

RP1929: 4/1/2011 5:00:37 AM - Software Distribution Service 3.0

RP1930: 4/2/2011 5:00:21 AM - Software Distribution Service 3.0

RP1931: 4/2/2011 6:18:14 PM - Software Distribution Service 3.0

RP1932: 4/2/2011 7:15:01 PM - Restore Operation

RP1933: 4/2/2011 8:22:21 PM - Software Distribution Service 3.0

RP1934: 4/2/2011 8:43:59 PM - Software Distribution Service 3.0

RP1935: 4/3/2011 8:52:47 PM - System Checkpoint

RP1936: 4/4/2011 5:00:31 AM - Software Distribution Service 3.0

RP1937: 4/4/2011 2:56:23 PM - Software Distribution Service 3.0

RP1938: 4/5/2011 4:09:59 PM - Unsigned driver install

RP1939: 4/5/2011 4:15:15 PM - Rollback to an unsigned driver

RP1940: 4/6/2011 5:00:34 AM - Software Distribution Service 3.0

RP1941: 4/7/2011 5:00:27 AM - Software Distribution Service 3.0

RP1942: 4/8/2011 5:00:17 AM - Software Distribution Service 3.0

RP1943: 4/9/2011 5:00:17 AM - Software Distribution Service 3.0

RP1944: 4/10/2011 5:00:17 AM - Software Distribution Service 3.0

RP1945: 4/12/2011 12:03:15 AM - Software Distribution Service 3.0

RP1946: 4/12/2011 5:00:37 AM - Software Distribution Service 3.0

RP1947: 4/12/2011 8:28:54 AM - Software Distribution Service 3.0

RP1948: 4/13/2011 7:51:18 PM - System Checkpoint

RP1949: 4/14/2011 5:00:17 AM - Software Distribution Service 3.0

RP1950: 4/15/2011 5:00:17 AM - Software Distribution Service 3.0

RP1951: 4/16/2011 5:00:17 AM - Software Distribution Service 3.0

RP1952: 4/17/2011 5:00:16 AM - Software Distribution Service 3.0

RP1953: 4/18/2011 5:00:17 AM - Software Distribution Service 3.0

RP1954: 4/19/2011 5:00:17 AM - Software Distribution Service 3.0

RP1955: 4/20/2011 5:00:17 AM - Software Distribution Service 3.0

RP1956: 4/21/2011 5:00:17 AM - Software Distribution Service 3.0

RP1957: 4/22/2011 5:00:17 AM - Software Distribution Service 3.0

RP1958: 4/23/2011 5:00:21 AM - Software Distribution Service 3.0

RP1959: 4/24/2011 5:00:17 AM - Software Distribution Service 3.0

RP1960: 4/28/2011 2:51:08 PM - Software Distribution Service 3.0

RP1961: 4/28/2011 3:22:47 PM - Removed WebEx Support Manager for Internet Explorer

RP1962: 4/28/2011 3:24:33 PM - Removed PlaceEngine

RP1963: 4/28/2011 4:23:33 PM - Unsigned driver install

RP1964: 4/28/2011 4:28:04 PM - Unsigned driver install

RP1965: 4/28/2011 6:31:51 PM - Installed Microsoft Fix it 50199

RP1966: 4/28/2011 6:34:38 PM - Installed Microsoft Fix it 50199

RP1967: 4/28/2011 8:09:40 PM - Restore Operation

RP1968: 4/28/2011 8:16:55 PM - Software Distribution Service 3.0

RP1969: 4/29/2011 3:00:18 AM - Software Distribution Service 3.0

RP1970: 4/30/2011 12:53:16 AM - Unsigned driver install

RP1971: 4/30/2011 2:28:28 AM - Software Distribution Service 3.0

RP1972: 5/1/2011 11:16:06 PM - Unsigned driver install

RP1973: 5/1/2011 11:18:11 PM - Unsigned driver install

RP1974: 5/2/2011 1:41:51 AM - Configured Broadcom Advanced Control Suite 2

RP1975: 5/2/2011 1:42:33 AM - Installed Broadcom Gigabit Integrated Controller

RP1976: 5/2/2011 2:08:29 AM - Update to an unsigned driver

RP1977: 5/2/2011 2:28:48 AM - Software Distribution Service 3.0

RP1978: 5/3/2011 11:57:18 AM - System Checkpoint

RP1979: 5/3/2011 10:54:14 PM - Removed Cisco Systems VPN Client 5.0.02.0090

RP1980: 5/4/2011 12:50:51 AM - Software Distribution Service 3.0

RP1981: 5/4/2011 3:00:18 AM - Software Distribution Service 3.0

RP1982: 5/5/2011 3:00:18 AM - Software Distribution Service 3.0

RP1983: 5/6/2011 3:00:18 AM - Software Distribution Service 3.0

RP1984: 5/6/2011 9:09:45 PM - Unsigned driver install

RP1985: 5/6/2011 9:30:33 PM - Restore Operation

RP1986: 5/6/2011 9:35:53 PM - Software Distribution Service 3.0

RP1987: 5/6/2011 9:44:15 PM - Unsigned driver install

RP1988: 5/8/2011 6:45:50 PM - Unsigned driver install

RP1989: 5/8/2011 6:53:20 PM - Configured Linksys EasyLink Advisor

RP1990: 5/9/2011 3:00:27 AM - Software Distribution Service 3.0

RP1991: 5/9/2011 5:15:11 PM - Software Distribution Service 3.0

RP1992: 5/10/2011 1:20:51 AM - Software Distribution Service 3.0

RP1993: 5/11/2011 1:08:09 PM - Update to an unsigned driver

RP1994: 5/11/2011 1:10:30 PM - Unsigned driver install

RP1995: 5/11/2011 1:49:50 PM - Removed Medieval CUE Splitter

RP1996: 5/11/2011 1:51:28 PM - Removed Skype Toolbars

RP1997: 5/11/2011 1:52:27 PM - Removed Skype


  • Staff

You can transfer over MBAM's database from another computer, but anyway.

Please reboot to Safe Mode With Networking (tap the F8 key just before Windows starts to load and select the Safe Mode With Networking option from the menu).

See if you can connect there.

If no joy, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


.

DDS (Ver_11-03-05.01) - NTFSx86

Run by DEBBIE INNISS at 17:12:43.83 on Wed 05/25/2011

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2431 [GMT -4:00]

.

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

svchost.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe

C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe

C:\Program Files\NETGEAR\WG111v3\WG111v3.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\WINDOWS\explorer.exe

L:\dds.com

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Connection Wizard,ShellNext = iexplore

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 10\SnagitBHO.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - c:\progra~1\arcsoft\videod~1\ARCURL~1.DLL

BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File

TB: Copernic Agent: {f2e259e8-0fc8-438c-a6e0-342dd80fa53e} - c:\program files\copernic agent\CopernicAgentExt.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 10\SnagitIEAddin.dll

TB: AIM Search: {40d41a8b-d79b-43d7-99a7-9ee0f344c385} -

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File

uRun: [MoneyAgent] "c:\program files\microsoft money\system\mnyexpr.exe"

uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

uRun: [EPSON WorkForce 600 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatieka.exe /fu "c:\docume~1\debbie~1\locals~1\temp\E_S70.tmp" /EF "HKCU"

uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [cdloader] "c:\documents and settings\debbie inniss\application data\mjusbsp\cdloader2.exe" MAGICJACK

uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1100429 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; CMS Music Store2 v1.00.12 (Music Store,1033); .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; InfoPath.2)

mRun: [Logitech Utility] Logi_MwX.Exe

mRun: [iAAnotif] c:\program files\intel\intel application accelerator\iaanotif.exe

mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe

mRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /r

mRun: [CTDVDDET] "c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDET.EXE"

mRun: [CTHelper] CTHELPER.EXE

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"

mRun: [updateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"

mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\docume~1\debbie~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\documents and settings\debbie inniss\start menu\programs\startup\PowerReg Scheduler.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft broadband networking\MSBNTray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe

IE: {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - c:\progra~1\copern~2\COPERN~1.EXE

IE: {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - c:\progra~1\copern~2\COPERN~1.EXE

IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\npjpi160_22.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL

Trusted Zone: internet

Trusted Zone: sigmacare.com\login

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab

DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127538409000

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {BCBC9371-9827-11DA-A72B-0800200C9A66} - hxxp://merillat.view22.com/release_3_9_177/View22RTEv4.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - hxxp://fdl.msn.com/zone/datafiles/heartbeat.cab

Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - c:\progra~1\copern~2\COPERN~1.DLL

Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - c:\progra~1\copern~2\COPERN~1.DLL

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\480\G2AWinLogon.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

============= SERVICES / DRIVERS ===============

.

R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2007-10-9 38144]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-9-30 54752]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2010-12-30 24652]

R2 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-1-26 280344]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-5-22 20952]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-5-22 363344]

S3 BRGSp50;BRGSp50 NDIS Protocol Driver;c:\windows\system32\drivers\BRGSp50.sys [2006-6-14 20608]

S3 EMNG2USB;EMNG2USB;c:\windows\system32\drivers\emng2usb.sys --> c:\windows\system32\drivers\emng2usb.sys [?]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]

S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2007-11-4 42112]

S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2009-7-31 341504]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC);c:\windows\system32\drivers\ZD1211BU.sys [2006-6-14 477696]

S4 0042511294815133mcinstcleanup;0042511294815133mcinstcleanup; [x]

S4 McMPFSvc;McMPFSvc; [x]

.

=============== Created Last 30 ================

.

2011-05-25 20:41:04 -------- d-sha-r- C:\cmdcons

2011-05-25 20:37:14 98816 ----a-w- c:\windows\sed.exe

2011-05-25 20:37:14 89088 ----a-w- c:\windows\MBR.exe

2011-05-25 20:37:14 256512 ----a-w- c:\windows\PEV.exe

2011-05-25 20:37:14 161792 ----a-w- c:\windows\SWREG.exe

2011-05-22 18:55:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-22 18:55:02 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-22 18:55:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-05-13 19:11:21 -------- d-----w- c:\docume~1\debbie~1\applic~1\AVG10

2011-05-13 19:04:51 376832 ----a-w- c:\windows\system32\AegisI5Installer.exe

2011-05-13 19:00:41 -------- d-----w- c:\program files\AVG

2011-05-13 18:59:34 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files

2011-05-13 18:57:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10

2011-05-13 18:18:32 -------- d-----w- C:\OEMSettings

2011-05-13 18:17:58 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys

2011-05-13 18:16:31 -------- d-----w- c:\program files\NETGEAR

2011-05-11 17:56:46 388096 ----a-r- c:\docume~1\debbie~1\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-05-11 17:56:46 -------- d-----w- c:\program files\Trend Micro

2011-05-11 17:30:58 -------- d-----w- c:\program files\ATI Technologies

2011-05-11 17:30:42 6684672 ----a-w- c:\windows\system32\atioglx1.dll

2011-05-11 15:53:03 -------- d-----w- c:\docume~1\debbie~1\applic~1\Malwarebytes

2011-05-11 15:52:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2011-05-11 15:24:49 578560 ----a-w- c:\windows\system32\dllcache\user32.dll

2011-05-11 15:20:46 -------- d-----w- c:\windows\ERUNT

2011-05-10 03:45:44 -------- d-----w- C:\Rbackup

2011-05-10 03:11:44 -------- d-----w- c:\program files\Perfect Uninstaller

2011-05-07 01:32:04 -------- d-----w- c:\windows\system32\wbem\repository\FS

2011-05-07 01:32:04 -------- d-----w- c:\windows\system32\wbem\Repository

2011-04-28 20:56:25 -------- d-----w- C:\ERDNT

2011-04-28 19:43:24 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData

.

==================== Find3M ====================

.

2008-09-29 22:43:33 67 -c--a-w- c:\program files\rem_cdk.bat

.

============= FINISH: 17:12:58.10 ===============


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_11-03-05.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 3/5/2005 1:55:02 AM

System Uptime: 5/25/2011 4:48:57 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0DH686

Processor: Intel® Pentium® 4 CPU 3.60GHz | Microprocessor | 3591/800mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 369 GiB total, 304.989 GiB free.

D: is FIXED (NTFS) - 149 GiB total, 140.055 GiB free.

E: is CDROM ()

F: is CDROM ()

L: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: TI Technologies Inc.

Description: RADEON X850 XT Platinum Edition Secondary

Device ID: PCI\VEN_1002&DEV_5D6D&SUBSYS_03031002&REV_00\4&16EC1A1&0&0108

Manufacturer: ATI Technologies Inc.

Name: RADEON X850 XT Platinum Edition Secondary

PNP Device ID: PCI\VEN_1002&DEV_5D6D&SUBSYS_03031002&REV_00\4&16EC1A1&0&0108

Service: ati2mtag

.

==== System Restore Points ===================

.

RP1806: 1/12/2011 3:00:39 AM - Software Distribution Service 3.0

RP1807: 1/13/2011 3:40:44 AM - System Checkpoint

RP1808: 1/14/2011 8:40:40 AM - System Checkpoint

RP1809: 1/15/2011 8:51:23 AM - System Checkpoint

RP1810: 1/17/2011 1:49:58 PM - System Checkpoint

RP1811: 1/18/2011 5:20:29 PM - System Checkpoint

RP1812: 1/19/2011 5:29:11 PM - System Checkpoint

RP1813: 1/20/2011 5:57:33 PM - System Checkpoint

RP1814: 1/21/2011 7:34:21 PM - System Checkpoint

RP1815: 1/22/2011 7:41:11 PM - System Checkpoint

RP1816: 1/23/2011 8:41:10 PM - System Checkpoint

RP1817: 1/24/2011 4:44:48 PM - Removed Creative MediaSource Detector

RP1818: 1/24/2011 4:45:01 PM - Configured Engine Installer

RP1819: 1/24/2011 4:45:15 PM - Removed Creative MediaSource CD-ROM Burner Plugin

RP1820: 1/24/2011 4:45:23 PM - Configured Your Application Name

RP1821: 1/24/2011 4:45:32 PM - Configured Engine Installer

RP1822: 1/24/2011 4:45:42 PM - Removed Creative MediaSource NOMAD Jukebox 2/3/Zen Plugin

RP1823: 1/24/2011 4:45:53 PM - Removed Creative MediaSource NOMAD MuVo Plugin

RP1824: 1/24/2011 4:46:03 PM - Removed Creative MediaSource Player Skin Pack

RP1825: 1/24/2011 4:46:14 PM - Removed Creative MediaSource Plugin for PlaysForSure devices

RP1826: 1/24/2011 4:46:24 PM - Removed Creative Music Store Plugin

RP1827: 1/24/2011 4:46:34 PM - Configured Engine Installer

RP1828: 1/24/2011 4:46:46 PM - Removed Creative MediaSource

RP1829: 1/24/2011 4:47:01 PM - Configured Engine Installer

RP1830: 1/24/2011 4:47:11 PM - Removed Creative Audio Device Selection

RP1831: 1/24/2011 4:47:22 PM - Removed Creative MediaSource

RP1832: 1/24/2011 4:48:00 PM - Removed Creative Removable Disk Manager

RP1833: 1/24/2011 4:48:22 PM - Removed Creative System Information

RP1834: 1/24/2011 4:48:51 PM - Removed Zen MicroPhoto Media Explorer

RP1835: 1/24/2011 4:49:01 PM - Removed Creative Audio CD Ripper (Unicode)

RP1836: 1/24/2011 4:49:13 PM - Removed Creative Sync Manager

RP1837: 1/24/2011 4:49:24 PM - Configured Engine Installer

RP1838: 1/24/2011 4:49:34 PM - Removed Creative Import Wizard (Unicode)

RP1839: 1/24/2011 4:49:49 PM - Removed Creative Media Toolbox

RP1840: 1/24/2011 4:49:59 PM - Removed Creative Auto Tag Cleaner

RP1841: 1/24/2011 4:50:10 PM - Removed Creative Zen MicroPhoto

RP1842: 1/24/2011 4:50:35 PM - Removed Creative MediaSource 5

RP1843: 1/24/2011 4:52:11 PM - Removed Creative ZEN Vision W

RP1844: 1/24/2011 5:03:50 PM - Removed Bonjour

RP1845: 1/24/2011 5:08:29 PM - Removed MP3 Player Utilities 4.00

RP1846: 1/24/2011 8:08:22 PM - Unsigned driver install

RP1847: 1/25/2011 8:56:52 PM - System Checkpoint

RP1848: 1/26/2011 9:00:27 PM - System Checkpoint

RP1849: 1/27/2011 6:16:57 PM - Installed Microsoft Mouse Mischief

RP1850: 1/28/2011 6:20:33 PM - System Checkpoint

RP1851: 1/29/2011 9:32:27 PM - System Checkpoint

RP1852: 1/31/2011 10:45:05 AM - System Checkpoint

RP1853: 2/1/2011 12:22:39 PM - System Checkpoint

RP1854: 2/2/2011 1:21:23 PM - System Checkpoint

RP1855: 2/2/2011 7:25:28 PM - Removed Dell Support Center (Support Software).

RP1856: 2/3/2011 7:26:33 PM - System Checkpoint

RP1857: 2/4/2011 8:28:11 PM - System Checkpoint

RP1858: 2/5/2011 9:38:18 PM - System Checkpoint

RP1859: 2/6/2011 9:34:32 PM - Installed Java 6 Update 23

RP1860: 2/7/2011 9:45:56 PM - System Checkpoint

RP1861: 2/8/2011 10:50:21 PM - System Checkpoint

RP1862: 2/9/2011 11:14:13 PM - System Checkpoint

RP1863: 2/10/2011 3:00:22 AM - Software Distribution Service 3.0

RP1864: 2/11/2011 3:00:17 AM - Software Distribution Service 3.0

RP1865: 2/12/2011 3:00:17 AM - Software Distribution Service 3.0

RP1866: 2/13/2011 3:00:20 AM - Software Distribution Service 3.0

RP1867: 2/14/2011 3:00:26 AM - Software Distribution Service 3.0

RP1868: 2/15/2011 3:00:26 AM - Software Distribution Service 3.0

RP1869: 2/15/2011 3:27:11 PM - Installed PlaceEngine

RP1870: 2/16/2011 3:00:28 AM - Software Distribution Service 3.0

RP1871: 2/17/2011 3:00:18 AM - Software Distribution Service 3.0

RP1872: 2/18/2011 3:00:17 AM - Software Distribution Service 3.0

RP1873: 2/19/2011 3:00:17 AM - Software Distribution Service 3.0

RP1874: 2/20/2011 3:00:17 AM - Software Distribution Service 3.0

RP1875: 2/21/2011 3:00:17 AM - Software Distribution Service 3.0

RP1876: 2/21/2011 4:03:31 PM - Software Distribution Service 3.0

RP1877: 2/22/2011 3:00:18 AM - Software Distribution Service 3.0

RP1878: 2/23/2011 3:00:17 AM - Software Distribution Service 3.0

RP1879: 2/24/2011 3:00:34 AM - Software Distribution Service 3.0

RP1880: 2/25/2011 3:00:18 AM - Software Distribution Service 3.0

RP1881: 2/26/2011 3:00:27 AM - Software Distribution Service 3.0

RP1882: 2/27/2011 3:00:18 AM - Software Distribution Service 3.0

RP1883: 2/28/2011 3:00:18 AM - Software Distribution Service 3.0

RP1884: 3/1/2011 3:00:20 AM - Software Distribution Service 3.0

RP1885: 3/2/2011 3:00:22 AM - Software Distribution Service 3.0

RP1886: 3/3/2011 3:00:18 AM - Software Distribution Service 3.0

RP1887: 3/4/2011 3:00:20 AM - Software Distribution Service 3.0

RP1888: 3/5/2011 3:00:23 AM - Software Distribution Service 3.0

RP1889: 3/6/2011 3:00:27 AM - Software Distribution Service 3.0

RP1890: 3/7/2011 3:00:28 AM - Software Distribution Service 3.0

RP1891: 3/8/2011 3:00:18 AM - Software Distribution Service 3.0

RP1892: 3/9/2011 3:00:26 AM - Software Distribution Service 3.0

RP1893: 3/10/2011 3:00:28 AM - Software Distribution Service 3.0

RP1894: 3/11/2011 3:00:18 AM - Software Distribution Service 3.0

RP1895: 3/12/2011 3:00:21 AM - Software Distribution Service 3.0

RP1896: 3/12/2011 12:02:42 PM - Software Distribution Service 3.0

RP1897: 3/13/2011 5:00:23 AM - Software Distribution Service 3.0

RP1898: 3/13/2011 2:37:57 PM - Printer Driver Send To Microsoft OneNote Driver Installed

RP1899: 3/14/2011 5:00:29 AM - Software Distribution Service 3.0

RP1900: 3/14/2011 11:37:12 PM - Unsigned driver install

RP1901: 3/15/2011 5:00:28 AM - Software Distribution Service 3.0

RP1902: 3/16/2011 5:00:29 AM - Software Distribution Service 3.0

RP1903: 3/17/2011 12:23:01 AM - Unsigned driver install

RP1904: 3/17/2011 12:37:55 AM - Update to an unsigned driver

RP1905: 3/18/2011 2:13:49 AM - System Checkpoint

RP1906: 3/18/2011 5:00:17 AM - Software Distribution Service 3.0

RP1907: 3/19/2011 5:00:19 AM - Software Distribution Service 3.0

RP1908: 3/20/2011 5:00:17 AM - Software Distribution Service 3.0

RP1909: 3/21/2011 5:00:22 AM - Software Distribution Service 3.0

RP1910: 3/22/2011 5:00:17 AM - Software Distribution Service 3.0

RP1911: 3/23/2011 5:00:20 AM - Software Distribution Service 3.0

RP1912: 3/24/2011 5:00:18 AM - Software Distribution Service 3.0

RP1913: 3/25/2011 5:00:20 AM - Software Distribution Service 3.0

RP1914: 3/26/2011 5:00:24 AM - Software Distribution Service 3.0

RP1915: 3/27/2011 5:00:20 AM - Software Distribution Service 3.0

RP1916: 3/28/2011 5:00:34 AM - Software Distribution Service 3.0

RP1917: 3/28/2011 8:40:52 AM - Software Distribution Service 3.0

RP1918: 3/28/2011 6:02:39 PM - Removed Cisco Systems VPN Client 5.0.02.0090

RP1919: 3/28/2011 6:20:54 PM - Installed Cisco Systems VPN Client 5.0.02.0090

RP1920: 3/29/2011 5:00:26 AM - Software Distribution Service 3.0

RP1921: 3/29/2011 3:36:04 PM - Installed Cisco Systems VPN Client 5.0.02.0090

RP1922: 3/30/2011 12:47:53 AM - Software Distribution Service 3.0

RP1923: 3/30/2011 5:00:37 AM - Software Distribution Service 3.0

RP1924: 3/30/2011 11:48:24 PM - Restore Operation

RP1925: 3/30/2011 11:58:34 PM - Software Distribution Service 3.0

RP1926: 3/31/2011 12:27:50 AM - Software Distribution Service 3.0

RP1927: 3/31/2011 12:35:07 AM - Software Distribution Service 3.0

RP1928: 3/31/2011 5:00:37 AM - Software Distribution Service 3.0

RP1929: 4/1/2011 5:00:37 AM - Software Distribution Service 3.0

RP1930: 4/2/2011 5:00:21 AM - Software Distribution Service 3.0

RP1931: 4/2/2011 6:18:14 PM - Software Distribution Service 3.0

RP1932: 4/2/2011 7:15:01 PM - Restore Operation

RP1933: 4/2/2011 8:22:21 PM - Software Distribution Service 3.0

RP1934: 4/2/2011 8:43:59 PM - Software Distribution Service 3.0

RP1935: 4/3/2011 8:52:47 PM - System Checkpoint

RP1936: 4/4/2011 5:00:31 AM - Software Distribution Service 3.0

RP1937: 4/4/2011 2:56:23 PM - Software Distribution Service 3.0

RP1938: 4/5/2011 4:09:59 PM - Unsigned driver install

RP1939: 4/5/2011 4:15:15 PM - Rollback to an unsigned driver

RP1940: 4/6/2011 5:00:34 AM - Software Distribution Service 3.0

RP1941: 4/7/2011 5:00:27 AM - Software Distribution Service 3.0

RP1942: 4/8/2011 5:00:17 AM - Software Distribution Service 3.0

RP1943: 4/9/2011 5:00:17 AM - Software Distribution Service 3.0

RP1944: 4/10/2011 5:00:17 AM - Software Distribution Service 3.0

RP1945: 4/12/2011 12:03:15 AM - Software Distribution Service 3.0

RP1946: 4/12/2011 5:00:37 AM - Software Distribution Service 3.0

RP1947: 4/12/2011 8:28:54 AM - Software Distribution Service 3.0

RP1948: 4/13/2011 7:51:18 PM - System Checkpoint

RP1949: 4/14/2011 5:00:17 AM - Software Distribution Service 3.0

RP1950: 4/15/2011 5:00:17 AM - Software Distribution Service 3.0

RP1951: 4/16/2011 5:00:17 AM - Software Distribution Service 3.0

RP1952: 4/17/2011 5:00:16 AM - Software Distribution Service 3.0

RP1953: 4/18/2011 5:00:17 AM - Software Distribution Service 3.0

RP1954: 4/19/2011 5:00:17 AM - Software Distribution Service 3.0

RP1955: 4/20/2011 5:00:17 AM - Software Distribution Service 3.0

RP1956: 4/21/2011 5:00:17 AM - Software Distribution Service 3.0

RP1957: 4/22/2011 5:00:17 AM - Software Distribution Service 3.0

RP1958: 4/23/2011 5:00:21 AM - Software Distribution Service 3.0

RP1959: 4/24/2011 5:00:17 AM - Software Distribution Service 3.0

RP1960: 4/28/2011 2:51:08 PM - Software Distribution Service 3.0

RP1961: 4/28/2011 3:22:47 PM - Removed WebEx Support Manager for Internet Explorer

RP1962: 4/28/2011 3:24:33 PM - Removed PlaceEngine

RP1963: 4/28/2011 4:23:33 PM - Unsigned driver install

RP1964: 4/28/2011 4:28:04 PM - Unsigned driver install

RP1965: 4/28/2011 6:31:51 PM - Installed Microsoft Fix it 50199

RP1966: 4/28/2011 6:34:38 PM - Installed Microsoft Fix it 50199

RP1967: 4/28/2011 8:09:40 PM - Restore Operation

RP1968: 4/28/2011 8:16:55 PM - Software Distribution Service 3.0

RP1969: 4/29/2011 3:00:18 AM - Software Distribution Service 3.0

RP1970: 4/30/2011 12:53:16 AM - Unsigned driver install

RP1971: 4/30/2011 2:28:28 AM - Software Distribution Service 3.0

RP1972: 5/1/2011 11:16:06 PM - Unsigned driver install

RP1973: 5/1/2011 11:18:11 PM - Unsigned driver install

RP1974: 5/2/2011 1:41:51 AM - Configured Broadcom Advanced Control Suite 2

RP1975: 5/2/2011 1:42:33 AM - Installed Broadcom Gigabit Integrated Controller

RP1976: 5/2/2011 2:08:29 AM - Update to an unsigned driver

RP1977: 5/2/2011 2:28:48 AM - Software Distribution Service 3.0

RP1978: 5/3/2011 11:57:18 AM - System Checkpoint

RP1979: 5/3/2011 10:54:14 PM - Removed Cisco Systems VPN Client 5.0.02.0090

RP1980: 5/4/2011 12:50:51 AM - Software Distribution Service 3.0

RP1981: 5/4/2011 3:00:18 AM - Software Distribution Service 3.0

RP1982: 5/5/2011 3:00:18 AM - Software Distribution Service 3.0

RP1983: 5/6/2011 3:00:18 AM - Software Distribution Service 3.0

RP1984: 5/6/2011 9:09:45 PM - Unsigned driver install

RP1985: 5/6/2011 9:30:33 PM - Restore Operation

RP1986: 5/6/2011 9:35:53 PM - Software Distribution Service 3.0

RP1987: 5/6/2011 9:44:15 PM - Unsigned driver install

RP1988: 5/8/2011 6:45:50 PM - Unsigned driver install

RP1989: 5/8/2011 6:53:20 PM - Configured Linksys EasyLink Advisor

RP1990: 5/9/2011 3:00:27 AM - Software Distribution Service 3.0

RP1991: 5/9/2011 5:15:11 PM - Software Distribution Service 3.0

RP1992: 5/10/2011 1:20:51 AM - Software Distribution Service 3.0

RP1993: 5/11/2011 1:08:09 PM - Update to an unsigned driver

RP1994: 5/11/2011 1:10:30 PM - Unsigned driver install

RP1995: 5/11/2011 1:49:50 PM - Removed Medieval CUE Splitter

RP1996: 5/11/2011 1:51:28 PM - Removed Skype Toolbars

RP1997: 5/11/2011 1:52:27 PM - Removed Skype


OK, I'll try that out, but I did realize that while in safe mode I cannot download/update from the Windows Update site; it doesn't let me. Is there a way I can just download an SP3 file and install it? And if the internet doesn't work after the SP3 install, I think I'm going to go ahead and reinstall the OS. Didn't wanna do it, but nothing else seems to work. Hopefully that works. Thanks for your help! I'll keep you posted.


OK, so I tried removing SP3 with 2 of the 4 methods, and other ways, but it still couldn't be removed, so I just ended up installing a fresh copy of Windows 7 and everything is perfect now, internet and everything. :) I just wanted everyone to know, and to thank everyone that tried to help me! Thanks again.


  • Staff

Great!

I highly recommend the PRO version of MBAM; with it, it's likely that this issue would have been prevented in the first place.

Now that your computer seems to be in proper working order, please take the following steps to help prevent reinfection:

1) Download and install Javacool's SpywareBlaster, which will prevent malware from being installed on your computer. A tutorial on it can be found here.

2) Go to Windows Update frequently to get all of the latest updates (security or otherwise) for Windows.

3) Make sure your programs are up to date! Older versions may contain security risks. To find out what programs need to be updated, please run Secunia's Software Inspector.

4) WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

  • Green to go
  • Yellow for caution
  • Red to stop

WOT has an addon available for both Firefox and IE.

5) Be sure to update your Antivirus and Antispyware programs often!

Finally, please also take the time to read Tony Klein's excellent article on: So How Did I Get Infected in the First Place?

Safe surfing,

-screen317


  • Staff

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.