TechSpot

AVG threat alerts for IDP.Trojan.1C8D1A13 & Crypt.AQLW

Solved
By mwaugh29
May 3, 2012
  1. Hello!
    I have AVG installed and I receive continuous threat alerts for the IDP.Trojan.1C8D1A13 & Crypt.AQLW viruses/malware. I have reviewed and followed the instructions given in the document "5-step Viruses/Spyware/Malware Preliminary Removal Instructions". Here are the logs that were generated:


    Malwarebytes Anti-Malware (Trial) 1.61.0.1400
    Database version: v2012.05.02.06
    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Matthew :: MATTDESKTOP [administrator]
    Protection: Enabled
    5/2/2012 2:30:01 PM
    mbam-log-2012-05-02 (14-30-01).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 206304
    Time elapsed: 13 minute(s), 40 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 50
    HKCR\AppID\{E5345AE2-094A-4ae3-9578-1787ECDA733A} (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\Typelib\{28252909-1BE7-4236-BD77-B59CFF2AE6C4} (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\Interface\{1E5DD896-FD9B-4D31-831A-2427216A0A02} (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\Typelib\{2A7DB8D1-43BE-4AD3-A81E-9BB8C9D00073} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
    HKCR\Interface\{2BB15D36-43BE-4743-A3A0-3308F4B1A610} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
    HKCR\Typelib\{58634367-D62B-4C2C-86BE-5AAC45CDB671} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKCR\Interface\{A36A5936-CFD9-4B41-86BD-319A1931887F} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKCR\Typelib\{67907B3C-A6EF-4A01-99AD-3FCD5F526429} (Adware.ISTBar) -> Quarantined and deleted successfully.
    HKCR\Interface\{0985C112-2562-46F2-8DA6-92648BA4630F} (Adware.ISTBar) -> Quarantined and deleted successfully.
    HKCR\Typelib\{D0288A41-9855-4A9B-8316-BABE243648DA} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKCR\Interface\{339D8AFF-0B42-4260-AD82-78CE605A9543} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKCR\Typelib\{E9A5B71C-093B-4F34-AF07-34FCA89BA0DF} (Adware.ISTBar) -> Quarantined and deleted successfully.
    HKCR\Interface\{0E704BA4-C517-4BE7-A1CD-C3FFDA1E1FFE} (Adware.ISTBar) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{8CBA1B49-8144-4721-A7B1-64C578C9EED7} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000010-6F7D-442C-93E3-4A4827C2E4C8} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000010-6F7D-442C-93E3-4A4827C2E4C8} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{531BE052-76FC-4B05-9CCD-AF6AA265113C} (Trojan.Banker) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{531BE052-76FC-4B05-9CCD-AF6AA265113C} (Trojan.Banker) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549B5CA7-4A86-11D7-A4DF-000874180BB3} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FAA356E4-D317-42A6-AB41-A3021C6E7D52} (Adware.ISTBar) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F919FBD3-A96B-4679-AF26-F551439BB5FD} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKCR\fis.amo (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKCR\fis.amo.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKCR\fis.momo (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKCR\fis.momo.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKCR\fis.ohb (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKCR\fis.ohb.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKCR\PAE_BHO.PEDEV_IEListener (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\PAE_BHO.PEDEV_IEListener.1 (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\PEDEV.PEDEVOptions (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\PEDEV.PEDEVOptions.1 (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\PEDEV.PEDEVPDM (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\PEDEV.PEDEVPDM.1 (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\PEDEV.PEDEVStatistic (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\PEDEV.PEDEVStatistic.1 (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\PEDEV.PEDEVUrlChecker (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\PEDEV.PEDEVUrlChecker.1 (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\PEDEV_BHO.PEDEV (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\PEDEV_BHO.PEDEV.1 (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully.
    HKCR\AppID\PEDEV.DLL (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCR\AppID\pedev.EXE (Adware.PeDev) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\884E079B2F78C10334A79B210E9EA2B7 (Adware.SearchTool) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\SmartShopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\XBV6RD5SZF (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AntiVirus 2010 (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully.
    HKLM\System\CurrentControlSet\Services\SPService (TrojanProxy.Agent) -> Quarantined and deleted successfully.
    Registry Values Detected: 8
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{FAA356E4-D317-42A6-AB41-A3021C6E7D52} (Adware.ISTBar) -> Data: -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{10E42047-DEB9-4535-A118-B3F6EC39B807} (Adware.ISTBar) -> Data: -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping|{10E42047-DEB9-4535-A118-B3F6EC39B807} (Adware.ISTBar) -> Data: 8198 -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{FAA356E4-D317-42a6-AB41-A3021C6E7D52} (Adware.ISTBar) -> Data: -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{96AFBE69-C3B0-4b00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Data: -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{96AFBE69-C3B0-4b00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Data: sp -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost|netsvc (TrojanProxy.Agent) -> Data: SPService^w^ -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad|PSFactoryBuffer (Trojan.Agent) -> Data: {ffe8b3ec-23c7-4c2b-9adb-b70d4929f38c} -> Quarantined and deleted successfully.
    Registry Data Items Detected: 1
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\Windows\System32\wsaupdater.exe,) Good: (Userinit.exe) -> Quarantined and repaired successfully.
    Folders Detected: 5
    C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Matthew\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Matthew\Application Data\WinAntiVirus Pro 2006\Logs (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\Common Files\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    Files Detected: 11
    C:\WINDOWS\SYSTEM32\DRIVERS\cdrom.sys (Rootkit.0Access) -> Quarantined and deleted successfully.
    C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Matthew\Application Data\WinAntiVirus Pro 2006\PGE.dat (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Matthew\Application Data\WinAntiVirus Pro 2006\Logs\update.log (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Matthew\Application Data\WinAntiVirus Pro 2006\Logs\wa6Support.log (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Matthew\Application Data\WinAntiVirus Pro 2006\Logs\winav.log (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\WinAntiVirus Pro 2006\msvcp71.dll (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\WinAntiVirus Pro 2006\msvcr71.dll (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    C:\WINDOWS\smdat32a.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

    (end)



    GMER 1.0.15.15641
    Rootkit quick scan 2012-05-02 15:05:46
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST340014A rev.3.16
    Running: cy0dl57e.exe; Driver: C:\DOCUME~1\Matthew\LOCALS~1\Temp\pwloipow.sys

    ---- Devices - GMER 1.0.15 ----
    AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
    AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    ---- EOF - GMER 1.0.15 ----


    DDS txt and DDS attach in following thread.....
     
  2. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
     
  3. mwaugh29

    mwaugh29 TS Rookie Topic Starter Posts: 36

    DDS text and ATTACH text logs:

    For these logs, what information from the logs do you absolutely need? I have tried pasting them verbatim and the techspot error informs me that new users cannot post websites or email addresses in the forums.

    I have tried just deleting any website addresses/email links from the logs and re-pasting, but I still receive the same message.

    Any suggestions?

    Thanks,
    Matt
     
  4. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    I'm pretty sure you can post them but they'll be visible to you when I approve them.
    Give it a try and PM me when you're done with posting.
     
  5. mwaugh29

    mwaugh29 TS Rookie Topic Starter Posts: 36

    Broni, Hi! Still getting the same error:
    The following error occurred:
    Hello there... In order to prevent SPAM we don't allow newly registered users to post links or email addresses. If you plan to stay for a while and become part of the TechSpot community, then you will know this is the best way to go. Thanks for your understanding.
     
  6. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    OK, I'll report this.
    Meanwhile...

    Upload the file(s) here: http://uploadmb.com/
    Copy the link inside the Direct Link box and post it in your next reply.
     
  7. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    The issue has been fixed.
    You should be able to paste your logs.
     
  8. mwaugh29

    mwaugh29 TS Rookie Topic Starter Posts: 36

  9. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
    Run by Matthew at 19:11:46 on 2012-05-02
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.255 [GMT -4:00]
    .
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\acs.exe
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k Akamai
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\Program Files\Common Files\Dell\EUSW\Support.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
    C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\WINDOWS\system32\dlcxcoms.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Documents and Settings\Matthew\Local Settings\Application Data\Akamai\netsession_win.exe
    C:\Documents and Settings\Matthew\Local Settings\Application Data\Akamai\netsession_win.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    C:\Program Files\Aladdin Systems\Internet Cleanup\onictask.exe
    C:\Documents and Settings\Matthew\My Documents\RCA Detective\RCADetective.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Program Files\AVG\AVG10\avgchsvx.exe
    C:\Program Files\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Program Files\AVG\AVG10\avgam.exe
    C:\WINDOWS\System32\msiexec.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.techspot.com/community/topics/updated-5-step-viruses-spyware-malware-preliminary-removal-instructions.58138/
    uSearch Page = hxxp://www.google.com
    uDefault_Page_URL = hxxp://www.dell4me.com/myway
    uWindow Title = Microsoft Internet Explorer provided by Verizon Online
    uSearch Bar = hxxp://www.google.com/ie
    mSearch Bar = hxxp://websearch.drsnsrch.com/sidesearch.cgi?id=
    uInternet Settings,ProxyOverride = 127.0.0.1;127.0.0.1:9421;<local>
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    mCustomizeSearch = hxxp://websearch.drsnsrch.com/sidesearch.cgi?id=
    uURLSearchHooks: H - No File
    mWinlogon: Userinit=Userinit.exe,
    BHO: {0000607D-D204-42C7-8E46-216055BF9918} - No File
    BHO: {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - No File
    BHO: {08E74C67-99A6-45C7-94DA-A397A8FD8082} - No File
    BHO: {12EE7A5E-0674-42f9-A76A-000000004D00} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: PopupFilter Class: {1f2e844b-8211-46ff-8262-772f03295cf4} - c:\program files\aladdin systems\internet cleanup\PopFiltr.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: {39DD157D-B016-77C7-D255-64557BA07F1E} - No File
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
    BHO: {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - No File
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: {ECF7B474-465D-1EDE-2292-EF28C011DD0C} - No File
    TB: {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - No File
    TB: {12EE7A5E-0674-42f9-A76B-000000004D00} - No File
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {34F459B8-1D37-4FF2-9EFA-192D8E3ABA6F} - No File
    TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
    TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
    EB: {12EE7A5E-0674-42f9-A76B-000000004D00} - No File
    EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
    EB: {68627251-8a78-4bf4-8dd8-c4231dd80494} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Easy Dock] c:\documents and settings\matthew\my documents\rca easyrip\EZDock.exe
    uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
    uRun: [Akamai NetSession Interface] "c:\documents and settings\matthew\local settings\application data\akamai\netsession_win.exe"
    mRun: [DwlClient] c:\program files\common files\dell\eusw\Support.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [dlcxmon.exe] "c:\program files\dell photo aio printer 926\dlcxmon.exe"
    mRun: [MemoryCardManager]
    mRun: [Easy Dock]
    mRun: [Corel Photo Downloader] c:\program files\corel\corel photo album 6\MediaDetect.exe
    mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe
    mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
    mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    StartupFolder: c:\docume~1\matthew\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\matthew\application data\dropbox\bin\Dropbox.exe
    StartupFolder: c:\docume~1\matthew\startm~1\programs\startup\ictask~1.lnk - c:\program files\aladdin systems\internet cleanup\onictask.exe
    StartupFolder: c:\docume~1\matthew\startm~1\programs\startup\rcadet~1.lnk - c:\documents and settings\matthew\my documents\rca detective\RCADetective.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\amazon~1.lnk - c:\program files\amazon\amazon unbox video\ADVWindowsClientSystemTray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{f3c1de9e-5e16-4ba9-b854-7b53a45e3579}\Icon3E5562ED7.ico
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    LSP: mswsock.dll
    Trusted Zone: iomega.com\istorage
    Trusted Zone: musicmatch.com
    Trusted Zone: turbotax.com
    Trusted Zone: contentmatch.net\ny
    Trusted Zone: kent.edu
    Trusted Zone: musicmatch.com
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
    DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - hxxp://public.windupdates.com/get_file.php?bt=ie&p=8eed54950496bfeb5899b8ba81fbaa8f52698706bfeedff388bf3e8d58cf5f61afd31721d03773ca067a2afbc699d63f22ed05f72cb55925:0db69b72ff39cfe5e585d7b34e81015d
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} - hxxp://www.streamaudio.com/download/ccpm_0237.cab
    DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - hxxp://www.drivecleaner.com/.freeware/installdrivecleanerstart.cab
    DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
    DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
    DPF: {5F3B3060-09E0-44C6-86F7-BC7B02B57BEE} - hxxp://downloads.shopathomeselect.com/adpepper/grinstall_ap1001.cab
    DPF: {62789780-B744-11D0-986B-00609731A21D} - hxxp://www.belmontcountygis.com/belmont/html/mgaxctrl.cab
    DPF: {707873C7-03BB-4F1A-95EC-4AAF1C3D463E} - hxxps://iomega-na-en.custhelp.com/rnt/rnw/activex/wspellam.cab
    DPF: {755CC1E8-C05A-4A98-8764-132DB2A0472C} - hxxps://iomega-na-en--rpt.custhelp.com/rnt/rnw/activex/ColorPickerX.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {99C7B1B6-C556-4BA2-BBF6-4E19394A260B} - hxxp://iomega-na-en.custhelp.com/rnt/rnw/client_files/RNTProcMan.cab
    DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} - hxxps://gianteagle.lifepics.com/net/Uploader/LPUploader45.cab
    DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - hxxp://download.yahoo.com/dl/mail/autocomplete.cab
    DPF: {C22877C3-4214-11D0-B0DA-080009C351D7} - hxxp://istorage.iomega.com/istorage.cab
    DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_15-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {E9670165-86FE-4C34-8C4B-D3158DDC5D92} - hxxp://downloads.shopathomeselect.com/axinstall/SRInstall4110.cab
    DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} - hxxp://by23fd.bay23.hotmail.msn.com/activex/HMAtchmt.ocx
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{B65B27EA-CBF4-4339-B48C-E28A8E180878} : DhcpNameServer = 209.18.47.61 209.18.47.62
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
    Handler: jpip - {B92DD248-E3D5-4A92-B311-C9B841681455} - c:\program files\lizardtech\expressview\expressview.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
    Handler: sidlet - {B92DD248-E3D5-4A92-B311-C9B841681455} - c:\program files\lizardtech\expressview\expressview.dll
    Notify: igfxcui - igfxsrvc.dll
    Notify: TPSvc - TPSvc.dll
    SSODL: jCXOPI - {ECF7B46E-465D-1EC4-690E-DE3CC011DD09} - No File
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    Hosts: 94.63.147.16 www.google.com
    Hosts: 94.63.147.17 www.bing.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\matthew\application data\mozilla\firefox\profiles\t5g9cqyt.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - hxxp://wacoff05.football.sportsline.com/
    FF - prefs.js: keyword.URL - hxxp://ws1.appswebservice.com/index.php?tpid=10292&ttid=105&st=
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
    FF - component: c:\documents and settings\matthew\application data\mozilla\firefox\profiles\t5g9cqyt.default\extensions\{a0729639-d831-46c9-811b-9b0aa79fb45a}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\matthew\application data\mozilla\firefox\profiles\t5g9cqyt.default\extensions\{a0729639-d831-46c9-811b-9b0aa79fb45a}\components\RadioWMPCore.dll
    FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
    FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg10\Firefox
    FF - Ext: Free TV Bar Toolbar: {a0729639-d831-46c9-811b-9b0aa79fb45a} - %profile%\extensions\{a0729639-d831-46c9-811b-9b0aa79fb45a}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 22992]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 248656]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34896]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 297168]
    R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2003-7-16 14336]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
    R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-5-2 654408]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-3 134480]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-3 24144]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-3 27216]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-5-2 22344]
    S2 antivirscheduler;VIAPFD;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 avgfwsrv;Wacommousefilter;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 avgio;Imonnt;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 avgtdi;Cmpci;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 awhost32;Netsvc;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 BRGSp50;Mssql$pinnaclesys;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 ccevtmgr;Dsncservice;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 CTMFLT;AsDsm;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 DMUSBUSBDCam;Nbf;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 fsssvc;Dbmanagerscheduler;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-10-13 133104]
    S2 kbdes;kbdes;c:\windows\system32\kbdes.exe --> c:\windows\system32\kbdes.exe [?]
    S2 LMIRfsClientNP;HBtnKey;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 lpx;FreshIO;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 mclserviceatl;U81xmdm;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 mcproxy;Racsvc;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 mcrdsvc;Bridge;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 mcredirector;Mindrepair;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 mcshield;F700ius;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 mcsysmon;Eloggersvc6;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 mcupdmgr.exe;ASFWHide;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 mcvsrte;Compaq_rba;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 mferkdk;Aswmon2;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 mksvirmonsvc;Orbpvr;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 naveng;Nimxdfk;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 ndasbus;Se27unic;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 pav_service;Ps2;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 pctavsvc;Nalntservice;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 symantecantibotagent;PTDCVsp;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S2 webrootadminconsole;Alcxwdm;c:\windows\system32\svchost.exe -k netsvcs [2003-7-16 14336]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-10-13 133104]
    S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2008-5-9 174336]
    S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2007-11-14 394952]
    S4 Perdmin;Perdmin;\??\c:\windows\system32\drivers\amsproxy.sys --> c:\windows\system32\drivers\amsproxy.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-05-02 18:28:46 -------- d-----w- c:\documents and settings\matthew\application data\Malwarebytes
    2012-05-02 18:28:37 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2012-05-02 18:28:36 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-05-02 18:28:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-05-01 00:04:20 -------- d-----w- c:\documents and settings\matthew\local settings\application data\PCHealth
    2012-04-30 19:19:16 -------- d-----w- c:\documents and settings\matthew\application data\Anvisoft
    2012-04-30 19:17:54 -------- d-----w- c:\program files\Anvisoft
    2012-04-27 05:13:34 34304 ----a-w- c:\windows\NOAA_32.DLL
    2012-04-27 05:11:43 -------- d-----w- C:\LV6_Demo
    2012-04-25 23:04:46 -------- d-----w- c:\windows\F3C1DE9E5E164BA9B8547B53A45E3579.TMP
    2012-04-23 05:49:34 42864 ----a-r- c:\windows\system32\SBBD.EXE
    2012-04-23 05:49:34 101112 ----a-r- c:\windows\system32\drivers\SBREDrv.sys
    2012-04-20 21:56:45 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
    2012-04-10 21:40:02 -------- d-----w- c:\documents and settings\matthew\application data\Dropbox
    2012-04-04 05:53:56 182160 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
    2012-04-04 05:53:56 182160 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
    .
    ==================== Find3M ====================
    .
    2012-03-15 12:25:44 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2012-03-15 12:25:44 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2012-03-15 12:21:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    .
    ============= FINISH: 19:13:41.34 ===============


    .
     
  10. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 1/1/2005 2:58:13 AM
    System Uptime: 5/2/2012 6:01:47 PM (1 hours ago)
    .
    Motherboard: Dell Computer Corp. | | 0G1548
    Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz | Microprocessor | 2657/533mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 37 GiB total, 5.901 GiB free.
    E: is Removable
    F: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: USBSTOR\CDROM&VEN_LITE-ON&PROD_COMBO_SOHC-5236V&REV_R$0K\DEF10CE0C232&0
    Manufacturer: (Standard CD-ROM drives)
    Name: LITE-ON COMBO SOHC-5236V USB Device
    PNP Device ID: USBSTOR\CDROM&VEN_LITE-ON&PROD_COMBO_SOHC-5236V&REV_R$0K\DEF10CE0C232&0
    Service: cdrom
    .
    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: IDE\CDROMJLMS_DVD-ROM_XJ-HD166___________________DD05____\5&2641F507&0&0.0.0
    Manufacturer: (Standard CD-ROM drives)
    Name: JLMS DVD-ROM XJ-HD166
    PNP Device ID: IDE\CDROMJLMS_DVD-ROM_XJ-HD166___________________DD05____\5&2641F507&0&0.0.0
    Service: cdrom
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Cisco Systems VPN Adapter
    Device ID: ROOT\NET\0000
    Manufacturer: Cisco Systems
    Name: Cisco Systems VPN Adapter
    PNP Device ID: ROOT\NET\0000
    Service: CVirtA
    .
    ==== System Restore Points ===================
    .
    RP691: 4/10/2012 1:37:20 AM - System Checkpoint
    RP692: 4/11/2012 2:37:22 AM - System Checkpoint
    RP693: 4/12/2012 3:37:20 AM - System Checkpoint
    RP694: 4/13/2012 4:37:20 AM - System Checkpoint
    RP695: 4/14/2012 5:37:20 AM - System Checkpoint
    RP696: 4/15/2012 6:37:29 AM - System Checkpoint
    RP697: 4/16/2012 7:37:21 AM - System Checkpoint
    RP698: 4/17/2012 8:37:21 AM - System Checkpoint
    RP699: 4/18/2012 8:50:21 AM - System Checkpoint
    RP700: 4/19/2012 8:51:19 AM - System Checkpoint
    RP701: 4/20/2012 11:39:17 AM - System Checkpoint
    RP702: 4/21/2012 3:49:27 PM - System Checkpoint
    RP703: 4/22/2012 6:36:15 PM - System Checkpoint
    RP704: 4/23/2012 1:48:50 AM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP705: 4/25/2012 12:09:09 AM - System Checkpoint
    RP706: 4/25/2012 7:22:00 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP707: 4/26/2012 8:52:58 PM - System Checkpoint
    RP708: 4/27/2012 9:36:54 PM - System Checkpoint
    RP709: 4/28/2012 11:57:55 PM - System Checkpoint
    RP710: 4/30/2012 12:38:49 PM - System Checkpoint
    RP711: 5/2/2012 7:03:18 PM - Removed XML Notepad 2007
    .
    ==== Installed Programs ======================
    .
    ABBYY FineReader 6.0 Sprint
    Ad-aware 6 Personal
    Adobe AIR
    Adobe Flash Player 10 Plugin
    Adobe Flash Player 11 ActiveX
    Adobe Photoshop Album 2.0 Starter Edition
    Adobe Reader X (10.1.3)
    Akamai NetSession Interface
    Akamai NetSession Interface Service
    Aladdin Systems InternetCleanup 3.0
    Amazon MP3 Downloader 1.0.10
    Amazon Unbox Video
    Analysis of Longwall Pillar Stability 5.1
    AnswerWorks 4.0 Runtime - English
    AQTESOLV Demo 4.5
    ArcGIS Desktop 10
    AVG 2011
    Banctec Service Agreement
    CallTech VPN Client
    Chessmaster 9000
    Cisco Systems VPN Client 5.0.05.0290
    Compatibility Pack for the 2007 Office system
    Conexant D850 56K V.9x DFVc Modem
    Corel Paint Shop Pro X
    Corel Photo Album 6
    Corpscon 6.0.1
    DDT
    Dell Digital Jukebox Driver
    Dell Driver Download Manager
    Dell Networking Guide
    Dell Photo AIO Printer 926
    Dell Solution Center
    Dell Support
    Digital Line Detect
    Dropbox
    FrostWire 5.0.8
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    GRASS
    Help and Support Customization
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Format 11 SDK (KB939209)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    IDL 8.1
    IE Host R3
    Intel(R) Extreme Graphics Driver
    Internet Explorer Default Page
    J2SE Runtime Environment 5.0 Update 15
    J2SE Runtime Environment 5.0 Update 3
    Jasc Paint Shop Photo Album
    Jasc Paint Shop Pro 8 Dell Edition
    Java 2 Runtime Environment, SE v1.4.2
    Java Auto Updater
    Java(TM) 6 Update 2
    Java(TM) 6 Update 23
    Java(TM) SE Runtime Environment 6 Update 1
    LandView 6 Demo, Version 1.0
    LizardTech ExpressView Browser Plug-in
    Malwarebytes Anti-Malware version 1.61.0.1400
    MapWinGIS ActiveX Control
    MetroGnome
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Age of Empires II
    Microsoft Age of Empires II: The Conquerors Expansion
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Encarta Encyclopedia Standard 2004
    Microsoft Office XP Professional with FrontPage
    Microsoft Silverlight
    Microsoft SQL Server 2008 Native Client
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ Redist - ENU
    Mobile Broadband Generic Drivers
    Modem Helper
    Mozilla Firefox (3.5.19)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Musicmatch® Jukebox
    neroxml
    NetWaiting
    pdfsam
    PowerDVD 5.1
    PrimoPDF -- brought to you by Nitro PDF Software
    QuickTime
    RCA Detective™ 3.0.3.0
    RCA easyRip 2.5.6.0
    RCA Updater 2.1.7.0
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    RealUpgrade 1.1
    RockPack III
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953155)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB963027)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969897)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972260)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974455)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB976325)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982381)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Shockwave
    STOP
    TP-LINK Draft N Wireless Client Utility
    TurboTax Premier 2007
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update for Windows XP (KB976749)
    Update for Windows XP (KB978207)
    Update for Windows XP (KB980182)
    VZAccess Manager
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows SA
    Windows SR 2.0
    Windows XP Service Pack 3
    WinZip
    WordPerfect Office 12
    .
    ==== Event Viewer Messages From Past Week ========
    .
    5/2/2012 6:07:50 PM, error: Service Control Manager [7034] - The W800mgmt service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 6:07:50 PM, error: Service Control Manager [7034] - The Vclone service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 6:07:50 PM, error: Service Control Manager [7034] - The TPECioCtl service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 6:07:50 PM, error: Service Control Manager [7034] - The Tifmsony service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 6:07:50 PM, error: Service Control Manager [7034] - The Sscdmdfl service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 6:07:50 PM, error: Service Control Manager [7034] - The Sfsync02 service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 6:07:50 PM, error: Service Control Manager [7034] - The Proxyhostservice service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 6:07:50 PM, error: Service Control Manager [7034] - The Noipducservice service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 6:07:50 PM, error: Service Control Manager [7034] - The KR3NPXP service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 6:07:50 PM, error: Service Control Manager [7034] - The FsVga service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 6:07:50 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Cdrom Imapi
    5/2/2012 2:51:53 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Zpmysql service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Zebrmdmc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Xpadminserver service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Wlankeeper service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Wlancig service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The VX1000 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Vpnva service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Vmnetdhcp service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The VideX32 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Usrbridg service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Usprserv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Usbmate service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Usbcm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The USB11LDR service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The USA49W service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Ultra66 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Uhcd service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Udfs service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Tvicport service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Trlokom_rmhsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Tavsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Sunkfiltp service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Sptisrv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Spsmqvsm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Sprtsvc_dellsupportcenter service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Spcstb service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Sony_ssm.sys service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Smcirda service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The SE26mdm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The S3savagenb service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The S3savagemx service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The S125mdm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Rvsinst service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The RTL8169 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Rt2500 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Rslinx service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Rkhdrv31 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Pid_0928 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Pelusblf service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Pdlnsx25 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Pavatscheduler service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The P16X service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Ose service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Oracleorahomedatagatherer service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Oracledbconsoleorcl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Opcenum service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Omniserv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The OdysseyIM3 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The NWDHCP service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Nvlddmkm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Nscservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Nscirda service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Npkcusb service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Npapimon service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Nmea service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The NIPALK service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The NetPipeActivator service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The NetMsmqActivator service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The NETMDUSB service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Naveng service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Msvad_simple service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Mstdc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Mssqlserverolapservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Msloop service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Mgabg service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Merakcontrol service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Ma763004 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Lxrsge10s service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Kerbkey service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Kbdhid service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Issuser service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Irsir service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Ipsraidn service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The InterBaseServer service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Intels51 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Incdsrv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Icdsptsv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The IASJet service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The HSONYPVh service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The HpqRemHid service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The HECI service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Hddsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Hamachi service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The GTPTSER service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The GENERICDRV service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The FiltUSBEMPIA service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The ELacpi service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Dtsrvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Dnetc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Dlbx_device service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Digictrl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Deckzpsx service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Cwcspud service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Cwcpsvc20 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Cqmgstor service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Client32 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Cfsvcs service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Ccproxy service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Cardex service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Carboncopy32 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The CamAv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The BRGSp50 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The BASFND service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Axskbus service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Avp service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The ATIVXSTW service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The AtcL002 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The As6frin service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Arc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Alcxwdm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Adihdaudaddservice service terminated with the following error: The specified module could not be found.
     
  11. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The Aclient service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:46 PM, error: Service Control Manager [7023] - The 3compxe service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:45 PM, error: Service Control Manager [7023] - The PTDCVsp service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:45 PM, error: Service Control Manager [7023] - The Procexp111 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:45 PM, error: Service Control Manager [7023] - The McciCMService service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:45 PM, error: Service Control Manager [7023] - The Diskperf service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:45 PM, error: Service Control Manager [7023] - The CTHWIUT.DLL service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:44 PM, error: Service Control Manager [7023] - The Tosrfusb service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:44 PM, error: Service Control Manager [7023] - The Toshidpt service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:44 PM, error: Service Control Manager [7023] - The Serialkeys service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:44 PM, error: Service Control Manager [7023] - The S616mgmt service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:44 PM, error: Service Control Manager [7023] - The Nipsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:44 PM, error: Service Control Manager [7023] - The Crystalinputfileserver service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The ZY202_XP service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Zpcollector service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Zenos1 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Xponaut_WBD service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Xpagentserver service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Xnacc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The XilinxPC4Driver service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Wmiaprpl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Wmconnectcds service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Wlluc48b service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Windowblinds service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Webcompserver service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Wbutton service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The W550mdm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The W200obex service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Vxd service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Vvdsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Vsserv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Vsmon service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The VrAcFil service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Vpcnets2 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Vmodem service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The VMAUDIO service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Viaudio service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The USRpdA service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The USBModem service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Usbbus service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The USB_NDIS_51 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Upnp service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Uclauncherservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The U81xmdm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tvtpktfilter service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tvtnetwk service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The TUWinStylerThemeSvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tsscoreservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Transcode360 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Transarcafsdaemon service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tpkmpsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The TOSHIBASoftModem service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tnbrlds service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tm_cfw service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tfsnopio service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tfsnifs service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tfsndres service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tfsncofs service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Teefer service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tdcmdpst service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The TcpipBM service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tbhsd service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tbaspi service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Tangoservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Sympxsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Symmpi service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The SunkFilt39 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Sscdmdm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Sqlagent$pinnaclesys service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The SPCtl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Sp_clamsrv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The SNMPTRAP service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Smstsmgr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The SMPLSCSI service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The SMCB000 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Smbusp service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Slpsvdr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Sit_mdm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Sisperf service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Sis162u service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The SI3112 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Shuttleengine service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Sfng32 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Servicemgr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The SenFiltService service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Se58bus service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The SE2Cmdm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Se27unic service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The SE26mdfl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The ScFBPNT3 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The S616obex service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The S117obex service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The RR2IOMod service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Roxliveshare service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Rollbackclientservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The RIOXDRV service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Retrolauncher service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Rdpnp service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Rdpdd service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Racsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Qconsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The PSSdk23 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The PSSdk21 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The PSDFilter service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Ps2 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Profos service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Procexp90 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Prevxdriver service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Pnkbstrb service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Pdlndldl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The PBADRV service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Pavprsrv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Pavagente service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The PAR1284 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Ownershipprotocol service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Orbpvr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Oracleservicelocalora service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Oracleorahome811cman service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Oracle_load_balancer_60_client-forms6ip14 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Ooclevercacheagent service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Obvious service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The NxFsMon service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Nwrdr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Nsctop service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Nmraapache service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Nimxdfk service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Nimdbgk service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Nfmservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The NetwareWorkstation service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Netdevio service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Ndisipo service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Navex15 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Nalntservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Naiavfilter1 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The MXOPSWD service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The MxlW2k service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mvdcodec service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The MTC0001_ESB service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The MSIRCOMM service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Msi_wlan_service service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The MSFWDrv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mscsptisrv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The MRENDIS5 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The MREMP50 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mr7910 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mqdmbus service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mpfirewl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The MozyFilter service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mksupdateint service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mindrepair service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Milshieldcleaner service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mi-raysat_3dsmax8 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mgactrl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mfeavfk service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mdvrmng service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Mapserver6.3 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The MailService service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The MagicTune service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Lvprcsrv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The License service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Lhidusb service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The LHidFilt service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Lanusb service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Jsdaemon service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Isdrv120 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Hsf_dpv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Hpzipr12 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Hpqcxs08 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Hpci service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Hcmon service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The HBtnKey service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The HabuFltr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The GTF32BUS service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Gearsecurity service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Gdihook5 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Gbpoll service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The GBDevice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Fssfltr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Fsks service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The FreshIO service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Filechecker service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Fasttrackinstallerservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The F700ius service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Epsonbidirectionalservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Epsonbidirectionalagent service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Emu10k1 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The EmAudio service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Eloggersvc6 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Eliservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The EL2000 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Ehrecvr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The DSI_SiUSBXp_3_1 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The DritekPortIO service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Dlcf_device service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Diskeeper service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Digisptiservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Delldmi service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The DCamUSBDXGTech service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Datunidr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Datasvr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Cygserver service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The CYGF32X service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The CXAVXBAR service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Cwcwdm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The CTAudSvcService service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Ctaud2k service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Crystalaps service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Cqmghost service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Cpqarry2 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Cpqalert service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Compaq_rba service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Cobbmservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The CnxTrLan service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Cmuda3 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Cltnetcnservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Cdvp service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Ccpwdsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Cap7134 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The CAMFLT service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Camdrl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The CAM1210 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Cachemgr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Btwrchid service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Btwhid service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Btnetfilter service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Bthmodem service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Bridge service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Bhmonitorservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The BCM43XV service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The AVWLP_USB service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Avgems service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The ATSWPDRV service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Atinrvxx service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Ati2mtag service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Atfsd service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Aswmon2 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Asuskeyboardservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The AsusACPI service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The ASInsHelp service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The ASFWHide service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The ARSVC service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Arp1394 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Apache2 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Angel2 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Amsmpu4p service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The AmdIde service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Akshhl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Aic116x service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Ahcix86s service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Afs2k service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Afc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Aexnsclienttransport service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The AeLookupSvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The AEAudioService service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Adobeactivefilemonitor4.0 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Addfiltr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:49:43 PM, error: Service Control Manager [7023] - The Acedrv07 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The Wmconnectcds service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The Wlluc48b service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The Tfsnifs service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The SE2Cmdm service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The SE26mdfl service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The MREMP50 service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The HBtnKey service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The Fsks service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The FreshIO service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The DSI_SiUSBXp_3_1 service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The Delldmi service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7034] - The Datasvr service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The ZTEusbmdm6k service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Ypcservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The WUSB54Gv4SVC service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The WUSB54GPV4SRV service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Winmtsrv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The WGX service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Webrootcommagentservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The W800mgmt service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The W800mdm service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Vrfwsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Vmkbd2 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The VIAPFD service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Ventrilo service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Vds service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Vcommmgr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Vclone service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The USBVCD service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Uleadburninghelper service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The TPwSav service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The TPECioCtl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Tmtdi service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Tmmbd service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Tifmsony service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Symids service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Sscdmdfl service terminated with the following error: The specified module could not be found.
     
     
  12. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Sscdbus service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The SQLBrowser service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Sqlagent$soshome22 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The SPFDRV service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Slapd-config52 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The SilverLink service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Sfsync02 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The SE2Emgmt service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Savscan service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Rtl8029 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Rimvserport service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Pwd_2K service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Proxyhostservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The PolarUSB service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The PcdrNt service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The P17 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Oracleorahometnslistener service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Noipducservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The NETw3v32 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Mqdmserd service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Mi-raysat_3dsMax2008_32 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The MA8032C service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Lmab_device service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The L8042mou service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The KR3NPXP service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Jconfigd service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Ixiaendpoint service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Ipahelper.exe service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The IntuitUpdateService service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The IBMTPCHK service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Iam service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Hpzius12 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Govsrv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The FsVga service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The FETNDIS service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The F700isw service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The F700iob service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Eskerlicensecontrol service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Enodpl service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The EIO service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The DVDVRRdr_xp service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Dnserver32 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The DM9102 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The DLH5X service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Dklogger service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The DcPTP service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Ctxhttp service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The CiscoVpnInstallService service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Cdrbsvsd service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Cccredmgr service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The CBTNDIS5 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Carboniteservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The C-dillasrv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The BTSLBCSP service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Bdfsdrv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Avgcoresvc service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Atkkeyboardservice service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Aswupdsv service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Asp.net_2.0.50727 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Asmagent service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The Alpham2 service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The ALABULK service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The ADSMService service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7023] - The {95808DC4-FA4A-4c74-92FE-5B863F82066B} service terminated with the following error: The specified module could not be found.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7022] - The Server service hung on starting.
    5/2/2012 2:13:42 PM, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: After starting, the service hung in a start-pending state.
    5/2/2012 2:12:51 PM, error: DCOM [10005] - DCOM got error "%230" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
    5/2/2012 2:01:09 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The WUSB54Gv4SVC service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Wireless Zero Configuration service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Useraccess service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Tmmbd service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The SE2Emgmt service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Mqdmserd service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The IBMTPCHK service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Govsrv service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The DM9102 service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Dklogger service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The DcPTP service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Avgcoresvc service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Atkkeyboardservice service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7034] - The Asp.net_2.0.50727 service terminated unexpectedly. It has done this 1 time(s).
    5/2/2012 1:08:42 AM, error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The ZuneWlanCfgSvc service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Z525mdfl service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The WUSB54GCSVC service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Whoisd32 service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Wacommousefilter service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The W300mdfl service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Unlockerdriver5 service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The UimBus service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The TClass2k service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Stunnel service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The SPService service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Se59mgmt service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The SaiH040B service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Rt73 service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Rt61 service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The QPCapSvc service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Prosync1 service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Procexp100 service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The PID_08A0 service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The PGPsdkDriver service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Pdagent service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Oracleservicesecinst service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The OracleOraHome92ClientCache service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Oracleformsserver-forms60server-oraform service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Openvpnservice service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The NWSNS service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Nvnforce service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Nvenetfd service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Nsm1serd service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Netsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Mxnic service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Mssql$pinnaclesys service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Msftesql service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Maplom service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Kbstuff service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Imonnt service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The ICM10USB service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Hidir service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Ftrtsvc service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Elockservice service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Dsncservice service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Dot4scan service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Dns4meclient service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The DcFpoint service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Cusrvc service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The CTEXFIFX.DLL service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Cmpci service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The CdaD10BA service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Catchme service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The CAMCHALA service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The BrScnUsb service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Blueletscoaudio service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Aw_host service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Ati service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Apfiltrservice service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Anvi Smart Defender Realtime Guard Service service terminated with the following error: Cannot create a file when that file already exists.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Agentsrv service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Actser service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The Acdpowerservice service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7023] - The {e2b953a6-195a-44f9-9ba3-3d5f4e32bb55} service terminated with the following error: The specified module could not be found.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7001] - The System Event Notification service depends on the COM+ Event System service which failed to start because of the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7001] - The Fax service depends on the Telephony service which failed to start because of the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7000] - The Windows Time service failed to start due to the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7000] - The Telephony service failed to start due to the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7000] - The System Restore Service service failed to start due to the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7000] - The Server service failed to start due to the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7000] - The Network Connections service failed to start due to the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7000] - The kbdes service failed to start due to the following error: The system cannot find the file specified.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7000] - The Help and Support service failed to start due to the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7000] - The Fast User Switching Compatibility service failed to start due to the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7000] - The Distributed Link Tracking Client service failed to start due to the following error: The pipe state is invalid.
    5/2/2012 1:08:42 AM, error: Service Control Manager [7000] - The COM+ Event System service failed to start due to the following error: The pipe state is invalid.
    5/2/2012 1:08:07 AM, error: DCOM [10005] - DCOM got error "%230" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    5/2/2012 1:08:07 AM, error: DCOM [10005] - DCOM got error "%230" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    5/2/2012 1:04:23 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    5/1/2012 9:33:01 AM, error: Service Control Manager [7023] - The NWDHCP service terminated with the following error: Access is denied.
    5/1/2012 9:18:00 AM, error: Service Control Manager [7023] - The License service terminated with the following error: Access is denied.
    5/1/2012 8:17:59 AM, error: Service Control Manager [7023] - The McciCMService service terminated with the following error: Access is denied.
    5/1/2012 8:02:58 AM, error: Service Control Manager [7023] - The Sscdbus service terminated with the following error: Access is denied.
    5/1/2012 7:47:57 AM, error: Service Control Manager [7023] - The Dnetc service terminated with the following error: Access is denied.
    5/1/2012 7:02:55 AM, error: Service Control Manager [7023] - The Aexnsclienttransport service terminated with the following error: Access is denied.
    5/1/2012 6:47:55 AM, error: Service Control Manager [7023] - The Zenos1 service terminated with the following error: Access is denied.
    5/1/2012 6:32:54 AM, error: Service Control Manager [7023] - The Gbpoll service terminated with the following error: Access is denied.
    5/1/2012 6:17:54 AM, error: Service Control Manager [7023] - The Digictrl service terminated with the following error: Access is denied.
    5/1/2012 6:02:54 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avfsmn Avgldx86 Avgmfx86 Fips intelppm
    5/1/2012 6:02:54 PM, error: Service Control Manager [7023] - The Help and Support service terminated with the following error: The specified module could not be found.
    5/1/2012 6:02:53 AM, error: Service Control Manager [7023] - The Sympxsvc service terminated with the following error: Access is denied.
    5/1/2012 5:59:58 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
    5/1/2012 5:47:52 AM, error: Service Control Manager [7023] - The Rdpnp service terminated with the following error: Access is denied.
    5/1/2012 4:47:53 AM, error: Service Control Manager [7023] - The Vcommmgr service terminated with the following error: Access is denied.
    5/1/2012 4:32:49 AM, error: Service Control Manager [7023] - The Ventrilo service terminated with the following error: Access is denied.
    5/1/2012 4:17:51 AM, error: Service Control Manager [7023] - The Apfiltrservice service terminated with the following error: Access is denied.
    5/1/2012 4:02:49 AM, error: Service Control Manager [7023] - The Nfmservice service terminated with the following error: Access is denied.
    5/1/2012 3:47:47 AM, error: Service Control Manager [7023] - The Pcctlcom service terminated with the following error: Access is denied.
    5/1/2012 3:32:45 AM, error: Service Control Manager [7023] - The MozyFilter service terminated with the following error: Access is denied.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7034] - The Error Reporting Service service terminated unexpectedly. It has done this 1 time(s).
    5/1/2012 3:18:40 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 1 time(s).
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Zd1211u(zydas) service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Vetfddnt service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Symevent service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Ssfs0509 service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The SlWdmSup service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The S3psddr service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Rvscc service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Pwd_2K service terminated with the following error: Access is denied.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Mdc8021x service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Magictuneengine service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The M3AD service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The KR10I service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Elotouchscreen service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Driverhardwarev2 service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The DCamUSBSQTECH service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Dbmanagerscheduler service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Db2das00 service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Ctprxy2k service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Avc service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7023] - The Aavmker4 service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:40 PM, error: Service Control Manager [7000] - The System Event Notification service failed to start due to the following error: The pipe state is invalid.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The WNCPKT service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The WINIO service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The W800mgmt service terminated with the following error: Access is denied.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The W300mdm service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Vcomm service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Vaiomediaplatform-mobile-gateway service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Useraccess7 service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Usb_rndisx service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The UMPass service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Tphdexlgsvc service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Sqlserveragent service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The SPFDRV service terminated with the following error: Access is denied.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Snare service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Se45mgmt service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The S116obex service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Rpskt service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Rimmptsk service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Pivotmou service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The PD0620VID service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Pcctlcom service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Oracleservicesecinst service terminated with the following error: Access is denied.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Nvidesm service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Ngdbserv service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Nbf service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The MtxDma0 service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Mssql$pinnaclesys service terminated with the following error: Access is denied.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Mi-raysat_3dsMax2008_32 service terminated with the following error: Access is denied.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Mfesmfk service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Mafwboot service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Lxcc_device service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The LPCFilter service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The LMS service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Ipsecmon service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Ilicensesvc service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Icraplus service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The HidBth service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The FsVga service terminated with the following error: Access is denied.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Freepops service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The ESDCR service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The E1000 service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The COMMONFX.DLL service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The CBTNDIS5 service terminated with the following error: Access is denied.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Btfirst service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The BrSerIf service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Blueservice service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Belmonitorservice service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The ATKFUSService service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The AsDsm service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Amdppm service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The ADSMService service terminated with the following error: Access is denied.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The AdfuUd service terminated with the following error: The specified module could not be found.
    5/1/2012 3:18:39 PM, error: Service Control Manager [7023] - The Acsvc service terminated with the following error: The specified module could not be found.
    5/1/2012 3:17:47 AM, error: Service Control Manager [7023] - The Adobeactivefilemonitor4.0 service terminated with the following error: Access is denied.
    5/1/2012 3:02:43 AM, error: Service Control Manager [7023] - The Racsvc service terminated with the following error: Access is denied.
    5/1/2012 2:47:42 AM, error: Service Control Manager [7023] - The BRGSp50 service terminated with the following error: Access is denied.
    5/1/2012 2:32:41 AM, error: Service Control Manager [7023] - The Govsrv service terminated with the following error: Access is denied.
    5/1/2012 2:17:41 AM, error: Service Control Manager [7023] - The S616mgmt service terminated with the following error: Access is denied.
    5/1/2012 2:02:40 AM, error: Service Control Manager [7023] - The Aw_host service terminated with the following error: Access is denied.
    5/1/2012 12:47:34 AM, error: Service Control Manager [7023] - The Ahcix86s service terminated with the following error: Access is denied.
    5/1/2012 12:32:33 AM, error: Service Control Manager [7023] - The Bthmodem service terminated with the following error: Access is denied.
    5/1/2012 12:17:33 AM, error: Service Control Manager [7023] - The P17 service terminated with the following error: Access is denied.
    5/1/2012 12:02:29 AM, error: Service Control Manager [7023] - The Mfeavfk service terminated with the following error: Access is denied.
    5/1/2012 1:47:40 AM, error: Service Control Manager [7023] - The Nvenetfd service terminated with the following error: Access is denied.
    5/1/2012 1:32:38 AM, error: Service Control Manager [7023] - The CamAv service terminated with the following error: Access is denied.
    5/1/2012 1:17:39 AM, error: Service Control Manager [7023] - The Prevxdriver service terminated with the following error: Access is denied.
    5/1/2012 1:02:37 AM, error: Service Control Manager [7023] - The L8042mou service terminated with the following error: Access is denied.
    4/30/2012 9:47:16 PM, error: Service Control Manager [7023] - The Tmtdi service terminated with the following error: Access is denied.
    4/30/2012 11:47:26 PM, error: Service Control Manager [7023] - The Useraccess service terminated with the following error: Access is denied.
    4/30/2012 11:32:27 PM, error: Service Control Manager [7023] - The Whoisd32 service terminated with the following error: Access is denied.
    4/30/2012 11:17:59 PM, error: Service Control Manager [7023] - The Omniserv service terminated with the following error: Access is denied.
    4/30/2012 11:02:24 PM, error: Service Control Manager [7023] - The SlWdmSup service terminated with the following error: Access is denied.
    4/30/2012 10:47:23 PM, error: Service Control Manager [7023] - The Delldmi service terminated with the following error: Access is denied.
    4/30/2012 10:32:18 PM, error: Service Control Manager [7023] - The Usb_rndisx service terminated with the following error: Access is denied.
    4/30/2012 10:17:14 PM, error: Service Control Manager [7023] - The Cltnetcnservice service terminated with the following error: Access is denied.
    4/30/2012 10:02:13 PM, error: Service Control Manager [7023] - The InterBaseServer service terminated with the following error: Access is denied.
    .
    ==== End Of File ===========================
     
  13. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

    ===================================================================

    Download Bootkit Remover to your desktop.

    • Unzip downloaded file to your Desktop.
    • Double-click on boot_cleaner.exe to run the program (Vista/7 users,right click on boot_cleaner.exe and click Run As Administrator).
    • It will show a Black screen with some data on it.
    • Right click on the screen and click Select All.
    • Press CTRL+C
    • Open a Notepad and press CTRL+V
    • Post the output back here.
     
  14. mwaugh29

    mwaugh29 TS Rookie Topic Starter Posts: 36

    Hi Broni.

    Here is the aswMBR log as requested:

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-05-03 17:39:40
    -----------------------------
    17:39:40.515 OS Version: Windows 5.1.2600 Service Pack 3
    17:39:40.515 Number of processors: 1 586 0x209
    17:39:40.515 ComputerName: MATTDESKTOP UserName: Matthew
    17:39:42.203 Initialize success
    17:41:36.593 AVAST engine defs: 12050301
    17:41:47.937 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    17:41:47.937 Disk 0 Vendor: ST340014A 3.16 Size: 38146MB BusType: 3
    17:41:47.953 Disk 0 MBR read successfully
    17:41:47.953 Disk 0 MBR scan
    17:41:47.984 Disk 0 Windows XP default MBR code
    17:41:47.984 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 39 MB offset 63
    17:41:48.031 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 38099 MB offset 80325
    17:41:48.046 Disk 0 scanning sectors +78108030
    17:41:48.125 Disk 0 scanning C:\WINDOWS\system32\drivers
    17:42:29.000 Service scanning
    17:43:20.671 Modules scanning
    17:43:35.656 Disk 0 trace - called modules:
    17:43:35.687 ntoskrnl.exe CLASSPNP.SYS disk.sys iomdisk.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
    17:43:36.203 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a45cab8]
    17:43:36.203 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> [0x8a45dd60]
    17:43:36.203 5 iomdisk.sys[f771feef] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a464d98]
    17:43:37.187 AVAST engine scan C:\WINDOWS
    17:44:11.750 AVAST engine scan C:\WINDOWS\system32
    17:49:09.718 AVAST engine scan C:\WINDOWS\system32\drivers
    17:49:40.453 AVAST engine scan C:\Documents and Settings\Matthew
    17:56:49.281 AVAST engine scan C:\Documents and Settings\All Users
    17:59:07.328 Scan finished successfully
    18:00:27.078 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Matthew\Desktop\MBR.dat"
    18:00:27.078 The log file has been saved successfully to "C:\Documents and Settings\Matthew\Desktop\aswMBR.txt"

    Best,
    Matt
     
  15. mwaugh29

    mwaugh29 TS Rookie Topic Starter Posts: 36

    Additionally, the Bootkit Remover log.....

    Bootkit Remover
    (c) 2009 Esage Lab
    www.esagelab.com
    Program version: 1.2.0.1
    OS Version: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)

    System volume is \\.\C:\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`02738a00
    Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd

    Size Device Name MBR Status
    --------------------------------------------
    37 GB
    \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)

    Done;
    Press any key to quit...


    I have intermittent internet use (lose connectivity after 30-40 mins) and I have now lost function of my internal and external DVD/CD-ROM drives.


    Thank you,

    Matt
     
  16. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
    There are 4 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click Rkill and choose Run as Administrator
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    * Rkill.com
    * Rkill.scr
    * Rkill.exe
    • Double-click on the Rkill icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.
    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  17. mwaugh29

    mwaugh29 TS Rookie Topic Starter Posts: 36

    Hi Broni! I apologize for the delay, but AppRemover took quite a long time to remove AVG and Malwarebytes. Subsequently, I have lost internet connection on my desktop computer, and I am using an old laptop.

    I was able to run Combofix successfully, but the program found that my computer did not have Recovery Console installed (or adequately updated). Unfortunately, my lack of internet connection prevented Combofix from downloading the files/updates.

    Here is the log from Combofix:

    ComboFix 12-05-03.02 - Matthew 05/03/2012 22:22:33.1.1 - x86
    Running from: c:\documents and settings\Matthew\Desktop\ComboFix.exe
    .
    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\nsv
    c:\documents and settings\All Users\Application Data\nsv\cache\436.dfn
    c:\documents and settings\All Users\Application Data\nsv\keys.dat
    c:\documents and settings\All Users\Application Data\nsv\s04061220
    c:\documents and settings\All Users\Application Data\nsv\s04061220.xdc
    c:\documents and settings\All Users\Application Data\nsv\wmv0104.dbd
    c:\documents and settings\All Users\Application Data\nsv\wmv0106.ddx
    c:\documents and settings\All Users\Application Data\nsv\wmv0204.ddx
    c:\documents and settings\All Users\Application Data\nsv\wmv0315.ddx
    c:\documents and settings\All Users\Application Data\nsv\wmv0412.ddx
    c:\documents and settings\All Users\Application Data\nsv\wmv0504.ddx
    c:\documents and settings\All Users\Application Data\nsv\wmv0904.ddx
    c:\documents and settings\All Users\Application Data\nsv\wmv1125.ddx
    c:\documents and settings\All Users\Application Data\nsv\wmv1204.ddx
    c:\documents and settings\All Users\Application Data\nsv\wmv1215.dbd
    c:\documents and settings\All Users\Application Data\nsv\wmv1909.ddx
    c:\documents and settings\All Users\Application Data\nsv\wmv1920.dbd
    c:\documents and settings\All Users\Application Data\nsv\wmv2007.dbd
    c:\documents and settings\All Users\Application Data\TEMP
    c:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfapx.exe
    c:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfarx.dll
    c:\documents and settings\All Users\Application Data\TEMP\AVG\avgntdumpx.exe
    c:\documents and settings\All Users\Application Data\TEMP\AVG\avgrunasx.exe
    c:\documents and settings\All Users\Application Data\TEMP\AVG\avi7.avg
    c:\documents and settings\All Users\Application Data\TEMP\AVG\htmlayout.dll
    c:\documents and settings\All Users\Application Data\TEMP\AVG\incavi.avm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_cz.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_da.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_es.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_fr.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ge.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_hu.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_id.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_in.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_it.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_jp.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ko.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ms.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_nl.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pb.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pl.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pt.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ru.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sc.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sk.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sp.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_tr.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_us.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zh.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zt.htm
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaconf.txt
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfacz.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfada.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaes.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfafr.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfage.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfahu.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaid.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfain.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfait.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfajp.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfako.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfams.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfanl.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapb.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapl.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapt.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaru.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfasc.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfask.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfasp.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfatr.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaus.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfavera.txt
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaverx.txt
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfazh.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\mfazt.lns
    c:\documents and settings\All Users\Application Data\TEMP\AVG\microavi.avg
    c:\documents and settings\All Users\Application Data\TEMP\AVG\miniavi.avg
    c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exe
    c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.ini
    c:\documents and settings\All Users\SPL1C.tmp
    c:\documents and settings\All Users\SPL1C4.tmp
    c:\documents and settings\All Users\SPL208.tmp
    c:\documents and settings\Matthew\Application Data\ptads.bin
    c:\documents and settings\Matthew\Application Data\Sskcwrd.dll
    C:\install.exe
    C:\lswmv.ini
    c:\program files\Common Files\uninstall information
    c:\program files\Common Files\WinSoftware
    c:\program files\Need2Find
    c:\program files\Need2Find\bar\History\search
    c:\program files\x password generator
    c:\program files\x password generator\ot.ico
    c:\program files\x password generator\Thumbs.db
    c:\program files\x password generator\ts.ico
    C:\WA6P
    c:\windows\$NtUninstallKB14898$
    c:\windows\$NtUninstallKB14898$\2296034024\@
    c:\windows\$NtUninstallKB14898$\2296034024\cfg.ini
    c:\windows\$NtUninstallKB14898$\2296034024\Desktop.ini
    c:\windows\$NtUninstallKB14898$\2296034024\L\asobptkf
    c:\windows\$NtUninstallKB14898$\2296034024\oemid
    c:\windows\$NtUninstallKB14898$\2296034024\U\00000001.@
    c:\windows\$NtUninstallKB14898$\2296034024\U\00000002.@
    c:\windows\$NtUninstallKB14898$\2296034024\U\00000004.@
    c:\windows\$NtUninstallKB14898$\2296034024\U\80000000.@
    c:\windows\$NtUninstallKB14898$\2296034024\U\80000004.@
    c:\windows\$NtUninstallKB14898$\2296034024\U\80000032.@
    c:\windows\$NtUninstallKB14898$\2296034024\version
    c:\windows\$NtUninstallKB14898$\3136727224
    c:\windows\cdmxtras
    c:\windows\dasetup.log
    c:\windows\Services
    c:\windows\Services\abcdlist.txt
    c:\windows\system32\dds_trash_log.cmd
    c:\windows\system32\dllcache\dlimport.exe
    c:\windows\system32\dllcache\wmpvis.dll
    c:\windows\system32\ecf7b46d.dll
    c:\windows\system32\nsvsvc
    c:\windows\system32\nsvsvc\License.txt
    c:\windows\system32\regobj.dll
    c:\windows\system32\SearchTool
    c:\windows\system32\SmartShopper
    c:\windows\system32\SmartShopper\js.dll
    c:\windows\system32\SmartShopper\msvcr71d.dll
    c:\windows\system32\srescan.dll
    c:\windows\system32\tb.dr
    c:\windows\system32\vidctrl
    .
    c:\windows\system32\proquota.exe was missing
    Restored copy from - c:\windows\$NtServicePackUninstall$\proquota.exe
    .
    c:\windows\system32\drivers\cdrom.sys was missing
    Restored copy from - c:\windows\system32\dllcache\cdrom.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Legacy_FOPN
    -------\Legacy_NM
    -------\Legacy_SERVICE
    -------\Legacy_STHDA
    -------\Service_nm
    -------\Service_service
    -------\Service_sthda
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-04-04 to 2012-05-04 )))))))))))))))))))))))))))))))
    .
    .
    2012-05-04 02:33 . 2008-04-13 18:40 62976 -c--a-w- c:\windows\system32\dllcache\cdrom.sys
    2012-05-04 02:33 . 2008-04-13 18:40 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
    2012-05-04 02:33 . 2004-08-04 07:56 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
    2012-05-04 02:33 . 2004-08-04 07:56 50176 ----a-w- c:\windows\system32\proquota.exe
    2012-05-02 18:28 . 2012-05-03 22:58 -------- d-----w- c:\documents and settings\Matthew\Application Data\Malwarebytes
    2012-05-01 00:04 . 2012-05-01 00:04 -------- d-----w- c:\documents and settings\Matthew\Local Settings\Application Data\PCHealth
    2012-04-30 19:19 . 2012-04-30 19:19 -------- d-----w- c:\documents and settings\Matthew\Application Data\Anvisoft
    2012-04-30 19:17 . 2012-04-30 19:17 -------- d-----w- c:\program files\Anvisoft
    2012-04-27 05:13 . 2001-04-05 22:55 34304 ----a-w- c:\windows\NOAA_32.DLL
    2012-04-27 05:12 . 2012-04-27 05:12 -------- d-----w- c:\documents and settings\Matthew\Application Data\FileMaker
    2012-04-27 05:11 . 2012-04-27 05:13 -------- d-----w- C:\LV6_Demo
    2012-04-25 23:04 . 2012-04-29 22:13 -------- d-----w- c:\windows\F3C1DE9E5E164BA9B8547B53A45E3579.TMP
    2012-04-23 05:49 . 2012-01-19 14:22 42864 ----a-r- c:\windows\system32\SBBD.EXE
    2012-04-23 05:49 . 2012-01-12 13:26 101112 ----a-r- c:\windows\system32\drivers\SBREDrv.sys
    2012-04-10 21:40 . 2012-05-03 17:53 -------- d-----w- c:\documents and settings\Matthew\Application Data\Dropbox
    2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
    2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-03-15 12:25 . 2003-08-05 17:55 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2012-03-15 12:25 . 2003-08-05 17:55 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2012-03-15 12:21 . 2011-07-02 12:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    .
    .
    ------- Sigcheck -------
    Note: Unsigned files aren't necessarily malware.
    .
    Cryptography Services Error !!
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Matthew\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Matthew\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Matthew\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Matthew\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-15 39408]
    "Easy Dock"="c:\documents and settings\Matthew\My Documents\RCA easyRip\EZDock.exe" [2011-01-18 585728]
    "DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2011-06-08 822456]
    "Akamai NetSession Interface"="c:\documents and settings\Matthew\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-03-13 3331872]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DwlClient"="c:\program files\Common Files\Dell\EUSW\Support.exe" [2004-05-28 323584]
    "IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-04-07 155648]
    "HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-04-07 114688]
    "dlcxmon.exe"="c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
    "Corel Photo Downloader"="c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe" [2005-08-31 106496]
    "mmtask"="c:\program files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe" [2004-10-08 53248]
    "DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 53248]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-07-14 77824]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Amazon Unbox.lnk - c:\program files\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe [2010-9-13 97384]
    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2004-7-13 24576]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
    VPN Client.lnk - c:\windows\Installer\{F3C1DE9E-5E16-4BA9-B854-7B53A45E3579}\Icon3E5562ED7.ico [2009-9-5 6144]
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0stera\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\98D0CE0C16B1]
    D0CE0C16B1 [X]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "WinToolsSvc"=2 (0x2)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\AGE2_X1.ICD"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    .
    3;2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
    R2 kbdes;kbdes;c:\windows\System32\kbdes.exe [x]
    R2 pcouffin;RIOXDRV;c:\windows\system32\svchost.exe [2008-04-14 14336]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 133104]
    R3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\DRIVERS\nwusbser2.sys [2008-05-09 174336]
    R4 Perdmin;Perdmin;c:\windows\System32\drivers\amsproxy.sys [x]
    S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-04-14 14336]
    S2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe [2006-10-11 532480]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    Akamai REG_MULTI_SZ Akamai
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    pshost
    csctl50
    aiclient
    ARPolicy
    {eda5f5d3-9e0f-4f4d-8a13-1d1cf469c9cc}
    WaveEnrollmentService
    superproserver
    mcvsrte
    smartlinkservice
    pivot
    rupsmon
    db2remotecmd
    ASLDRService
    vpcnfltr
    ulcdrhlp
    MTDVC2
    ADIDTSFiltService
    cfgwzsvc
    webrootadminconsole
    L8042Kbd
    dtscsi
    sandrathesrv
    edspport
    sscdserd
    fsaa
    ltxred
    FlexBios
    USBCamera
    atkdisplf
    SSFS0BB9
    DC21x4
    websensecamreportserver
    prohlp02
    sr_service
    thinkpadmodemservice
    rvscc
    maxbackserviceint
    pctavsvc
    nwlnkipx
    SiSGbeXP
    SNDO763
    btaudio
    tfsnudf
    epson_pm_rpcv2_01
    s117nd5
    sbp2port
    artourservice
    CT20XUT.DLL
    ifxtcs
    SiRemFil
    adaptecstoragemanageragent
    wpsscannersvc
    genmcmn
    dlbu_device
    dlapoolm
    avsvcmonitor
    SIODRV
    W55U01
    ageresoftmodem
    U81xbus
    dcpflics
    mrvw245
    dlaudfam
    sskbfd
    NvNdis
    NdisFilt
    sffp_sd
    SimpTcp
    mferkdk
    a016bus
    VRcore
    commserver
    iisadmin
    cwafrmiregistry
    arkbcfltr
    pciSd
    penrendezvous
    sleepy
    SQLAgent$ABBEYIIOFFLINE
    clcapsvc
    dsproct
    aslm75
    cnxtdiag
    ibmcicstransactiongateway
    websenselogserver
    mr2kserv
    dpc_srv_webcast
    61883
    zmxpzip
    mwspollserver
    lyncusbserv
    OneCareMP
    tosrfhid
    ndasbus
    DMUSBUSBDCam
    MSFWHLPR
    deventagent
    wmccdsls
    idebusdr
    pwkntmon
    SndTDriverV32
    mcredirector
    sonywbms
    ISAMSvc
    ZuneWlanCfgSvc
    igniteservice.exe
    se26nd5
    tmesrv3
    twotrack
    EagleNT
    DS1410D
    szkg
    mpservice
    rnadirectory
    bobo
    com4qlb
    LC7981
    aniwzcsdservice
    nocashio
    sfcure01
    rpcsvr4x
    hpqwmi
    lvuvc
    BrScnUsb
    z800bus
    SRS_SSCFilter
    oracleorahomeagent
    pcampr5
    MSMQTriggers
    FVNETusb
    TIEHDUSB
    lxcgcustomerconnect
    pimsgss
    freepops
    mssqlserveradhelper
    ovepstatusengine
    radclock
    bgmainsvc
    Evian
    adpu320
    usbio
    CTEAPSFX.DLL
    unlockerdriver5
    UxTuneUp
    ntrtscan
    Jukebox
    iAimFP6
    btwmodem
    isamsmt
    akshasp
    Atmuni
    NTSIM
    psasrv
    o2flash
    asuskbnt
    pdlnecfg
    blueservice
    dcstor32
    adfs
    pinnaclesys.mediaserver
    fsssvc
    regmanserv
    CTMFLT
    dntus26
    LMIRfsClientNP
    adihdaudaddservice
    ATKGFNEXSrv
    df5serv
    maya70docserver
    wacomvhid
    dm1service
    SE2Dmdfl
    videX32
    symwsc
    LXARScan
    msmpsvc
    LVBulk
    Intel_MIPMNMP
    ccevtmgr
    WMIService
    fasttraksvc
    avgfwsrv
    slip
    raidmsvr
    RDID1027
    pnkbstrb
    ati2mtaa
    issm
    GoToAssist
    uisp
    GoogleDesktopManager-010708-104812
    UVCFTR
    symantecantibotagent
    UlSata
    TNaviSrv
    mcstrm
    bwmservice
    NVTCP
    lvckap
    JRAID
    ha20x2k
    armoucfltr
    wlankeeper
    DCamUSBEMPIA
    alertmanager
    naveng
    LCcfltr
    wdm_au8820
    soma
    scanwscs
    crystalaps
    EMSCR
    sisidex
    sit_bus
    s3savagemx
    aswupdsv
    Video3D
    VICESYS
    SE27mdfl
    licensemanagersocket
    WscNetDr
    websensewfreportserver
    ctac32k
    ptbsync
    btwdins
    tmlisten
    CTAUDFX.DLL
    bt
    vvdsvc
    A4S2600
    awhost32
    hpqddsvc
    bridge
    SNPSTD3
    wmp54gssvc
    vrmonsvc
    neokdss
    servidor
    lkclassads
    tfsndres
    athr
    NITaggerService
    pav_service
    compaq_rba
    tng-doba
    SaiMini
    tvtfilter
    enxpsvr
    idrivert
    automate6
    pavreport
    oracle_load_balancer_60_server-forms6i
    PGPsdkDriver
    se2Dunic
    atinrvxx
    sysenforce
    int15
    ss_mdm
    tifm21
    transcode360
    mcupdmgr.exe
    USR1806V
    ar5211
    adiloader
    s116obex
    tdrpman174
    rtl8029
    snpstd
    pduip6000dmemcrdmgr
    hpgate
    statusagent4
    mfeapfk
    s217unic
    AsIO
    tosrfbd
    EAWDMFD
    GT891x
    CoolerXPDriver
    nscirda
    nuvaud2
    ihcservice
    symfw
    CTAudSvcService
    aolavupd
    mcproxy
    se44nd5
    PPPoEWin
    AdfuUd
    amusbprt
    aksusb
    s117bus
    spbbcdrv
    NEOFLTR_600_13319
    dbmanagerscheduler
    lvupdtio
    cdvp
    ddxgb
    xusb21
    wmp54gv4svc
    spcsutilityservice
    BRGSp50
    symdns
    tsircsrv
    GTPTSER
    sgeclient
    VAIOMediaPlatform-VideoServer-UPnP
    NWFILTER
    DynDNS_Updater_Service
    iviaspi
    cqmgserv
    cusrvc
    moufiltr
    w550mdm
    st330service
    bcoreusb
    rtm
    PTproct
    hmonitor
    bthserv
    SymIMMP
    livesrv
    s117mdm
    KMW_SYS
    trufos
    flashpnt
    SRTSPL
    Afc
    bb-run
    bc_tdi_f
    emitray
    stylexphelper
    rtport
    networkx
    MRENDIS5
    tmxpflt
    OracleOraHome92ClientCache
    mgabg
    JiaoCap
    se58bus
    autocomplete
    CX88AUD
    spcstb
    patrol_scheduler
    SaiH040B
    oraclesnmppeermasteragent
    proxyhostdriver
    imonitor
    utscsi
    speakerphone
    AtiPcie
    VRFIL
    cypresslink
    ehsched
    NSSvcMgr
    pcx1nd5
    RTLE8023xp
    avc
    Sntnlusb
    AX88772
    SiS300i
    rdnaoflsvc
    MA8032U
    zpcollector
    mcsysmon
    mediamaxxlservice
    dmprimer
    U81xmdfl
    patrolagent
    dlartl_n
    vaiomediaplatform-integratedserver-http
    amdppm
    X4HSX32
    RTHDMIAzAudService
    UpdateCenterService
    ntuneservice
    BrPar
    se2Bunic
    mvserver
    NxSysMon
    LMouKE
    entech
    UsbserFilt
    truecrypt
    db2
    olcamsrv
    Airgo
    SE2Cobex
    p2pgasvc
    netdetect
    GTSCSER
    roxupnprenderer
    ipodservice
    iPassPeriodicUpdateService
    Cam5603C
    GoBack2K
    lpds
    ssidrv
    db2jds
    ccflic0
    zumbus
    mksvirmonsvc
    vpn5000service
    lktimesync
    AtiHdmiService
    mgisvr
    wkscfgsrv
    TICalc
    antivirscheduler
    ownershipprotocol
    hwdatacard
    googledesktopmanager
    pccsmcfd
    siside
    iclarityqosservice
    svv
    avidstartup
    RMCAST
    EUSBMSD
    mrpostman
    cq_mem
    MRESP50
    retrowdsvc
    prtg4service
    smartscaps
    mbackmonitor
    RR2Ctrl
    slabbus
    LVVI500A
    HBtnKey
    SE2Bbus
    wintabservice
    QWAVEDRV
    backupexecjobengine
    NTIDrvr
    nwlnknb
    atiavaiw
    mcrdsvc
    G400DH
    ceepwrsvc
    mclserviceatl
    cercsr6
    qcdonner
    SaiNtSub
    QPSched
    Sk99202k
    CdaD10BA
    SANDRA
    svcwrsssdk
    Wuser32
    vzupsvc
    WmiAcpi
    plscsi
    tosrfnds
    firesvc
    fcdabus
    NWDNS
    vxsvc
    ICAM5USB
    personalsecuredriveservice
    regservice
    avgio
    Tablet2k
    twdns
    CoachUsb
    portio
    lxdmCATSCustConnectService
    eelogsvc
    s125bus
    pcouffin
    fah@c:+fah+fah-service+fah502-console.exe
    xfactorae1
    mfetdik
    softfax
    lxby_device
    cvspydr2
    Cam5607
    qhwscsvc
    tlntsvr
    lckfldservice
    ltmodem5
    lpx
    sfusvc
    jtagserver
    omniusbl
    nlsvc
    IOSLINK
    VNUSB
    zpjava
    gemserv
    RSAFAL
    WLAN_USB
    sglogplayer
    mozybackup
    us30service
    RadProbe
    ZTEusbnmea
    TMMEmu
    TPM
    iirsp
    3c1807pd
    MaVctrl
    besclient
    nvsmu
    lvhidsvc
    AmdLLD
    NIPALK
    SerTVOutCtlr
    {834170a7-af3b-4d34-a757-e05eb29ee96d}
    mwsarcpkt
    rootmodem
    rpcapd
    mdm
    ipssvc
    utilman
    U81xmgmt
    omniinet
    ehstart
    winvnc4
    cpqrcmc
    WavxDMgr
    mstdfrgs
    PAC7302
    USIUDF
    clsched
    merakcontrol
    ativraxx
    Mtlmnt5
    se44mdm
    tsdhd
    pdlncfwk
    sansaservice
    Fd16_700
    UBHelper
    dlaudf_m
    k750obex
    se2End5
    SSHDRV61
    SPFDRV
    hpdskflt
    mohfilt
    websensecpmcommunicationagent
    atiavpci
    wfxsvc
    ZD1211BU(ZyDAS)
    gtndis5
    SiSRaid2
    sp_rssrv
    rslinxng
    mssql$microsoftsmlbiz
    omsad
    odclientservice
    ASUSVRC
    ccispwdsvc
    nmwcd
    NETw4v32
    pca
    AFGMp50
    pinnaclemarvinusb
    nuvvid2
    ShockMgr
    cics.region1
    DSDrv4
    ssdiagn
    pinger
    sr_watchdog
    dlbt_device
    usbvideo
    NAL
    WISTechVIDCAP
    HpqKbFiltr
    WacomVKHid
    SiSRaid
    tunmp
    SRVLOC
    uiusys
    WcesComm
    mssql$microsoftbcm
    ctmmfilt
    ntsvcmgr
    TMBMServer
    protexislicensing
    w3svc
    trackcam4
    entertainment
    ati2mpaa
    backupexecnamingservice
    UNDPX2A
    pdlncbas
    avgtdi
    NCPro
    vmount2
    ibmpmsvc
    hpt3xx
    usbohci
    winachsx
    s125mgmt
    scramby
    s3ssavage
    mcshield
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 19:14]
    .
    2012-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 19:14]
    .
    2007-04-18 c:\windows\Tasks\ISP signup reminder 1.job
    - c:\windows\System32\OOBE\OOBEBALN.EXE [2002-08-29 00:12]
    .
    2012-05-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2771761046-1399984018-4223984257-1007.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 20:02]
    .
    2012-04-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2771761046-1399984018-4223984257-1007.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 20:02]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.techspot.com/community/topics/updated-5-step-viruses-spyware-malware-preliminary-removal-instructions.58138/
    mSearch Bar = hxxp://websearch.drsnsrch.com/sidesearch.cgi?id=
    uInternet Settings,ProxyOverride = 127.0.0.1;127.0.0.1:9421;<local>
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
    Trusted Zone: iomega.com\istorage
    Trusted Zone: musicmatch.com
    Trusted Zone: turbotax.com
    Trusted Zone: contentmatch.net\ny
    Trusted Zone: kent.edu
    Trusted Zone: musicmatch.com
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    DPF: {707873C7-03BB-4F1A-95EC-4AAF1C3D463E} - hxxps://iomega-na-en.custhelp.com/rnt/rnw/activex/wspellam.cab
    DPF: {755CC1E8-C05A-4A98-8764-132DB2A0472C} - hxxps://iomega-na-en--rpt.custhelp.com/rnt/rnw/activex/ColorPickerX.cab
    DPF: {99C7B1B6-C556-4BA2-BBF6-4E19394A260B} - hxxp://iomega-na-en.custhelp.com/rnt/rnw/client_files/RNTProcMan.cab
    DPF: {C22877C3-4214-11D0-B0DA-080009C351D7} - hxxp://istorage.iomega.com/istorage.cab
    FF - ProfilePath - c:\documents and settings\Matthew\Application Data\Mozilla\Firefox\Profiles\t5g9cqyt.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - hxxp://wacoff05.football.sportsline.com/
    FF - prefs.js: keyword.URL - hxxp://ws1.appswebservice.com/index.php?tpid=10292&ttid=105&st=
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
    FF - Ext: Free TV Bar Toolbar: {a0729639-d831-46c9-811b-9b0aa79fb45a} - %profile%\extensions\{a0729639-d831-46c9-811b-9b0aa79fb45a}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    .
    - - - - ORPHANS REMOVED - - - -
    .
    BHO-{39DD157D-B016-77C7-D255-64557BA07F1E} - (no file)
    BHO-{ECF7B474-465D-1EDE-2292-EF28C011DD0C} - (no file)
    HKLM-Run-MemoryCardManager - (no file)
    HKLM-Run-Easy Dock - (no file)
    SSODL-jCXOPI-{ECF7B46E-465D-1EC4-690E-DE3CC011DD09} - (no file)
    Notify-TPSvc - TPSvc.dll
    MSConfigStartUp-A70F6A1D-0195-42a2-934C-D8AC0F7C08EB - E6F1873B.DLL
    MSConfigStartUp-mr2btauwudsp - c:\docume~1\Matthew\LOCALS~1\Temp\svchost.exe
    MSConfigStartUp-winservice - c:\windows\services\svchost.exe
    MSConfigStartUp-{12EE7A5E-0674-42f9-A76B-000000004D00} - stlb2.dll
    AddRemove-58acd0050a8d - c:\windows\System32\blackbox.exe
    AddRemove-Chessmaster 9000 - c:\program files\Ubi Soft\Chessmaster 9000\CM9kUninst.isu
    AddRemove-Windows SA - c:\windows\System32\axuninstall.exe
    AddRemove-Windows SR 2.0 - c:\windows\UnstSA2.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-05-03 22:41
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    DwlClient = c:\program files\Common Files\Dell\EUSW\Support.exe?l?e?s?\?D?e?l?l?\?E?U?S?W?\?S?u?p?p?o?r?t?.?e?x?e???x???x???????????????????x???????????x???x???????????x???????????x???x????????????????????????????????????????D?w????????????7??w????x???x??????????????
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    "ServiceDll"="%systemroot%\system32\iteatapi.dll"
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\fah@c:+fah+fah-service+fah502-console.exe]
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Akamai]
    "ServiceDll"="c:\program files\common files\akamai/netsession_win_6c825ce.dll"
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Iomega Activity Disk2]
    "ImagePath"="\"\""
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(896)
    c:\windows\System32\l3codeca.acm
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\LEXBCES.EXE
    c:\windows\system32\LEXPPS.EXE
    c:\windows\system32\acs.exe
    c:\progra~1\Iomega\System32\AppServices.exe
    c:\program files\Java\jre6\bin\jqs.exe
    .
    **************************************************************************
    .
    Completion time: 2012-05-03 22:43:27 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-05-04 02:43
    .
    Pre-Run: 6,762,713,088 bytes free
    Post-Run: 7,445,454,848 bytes free
    .
    - - End Of File - - 19963945D2157BC38D2210ECA8A015FE




    Thanks again for your help!

    Matt
     
  18. mwaugh29

    mwaugh29 TS Rookie Topic Starter Posts: 36

    I forgot to mention that after running Combofix, I now have both CD/DVD-ROM drives working properly. Should I attempt to install the Recovery Console files from my WinXP installation CD?
     
  19. mwaugh29

    mwaugh29 TS Rookie Topic Starter Posts: 36

    I have rebooted ~5 times and still no internet connection. Any ideas?

    Best,
    Matt
     
  20. mwaugh29

    mwaugh29 TS Rookie Topic Starter Posts: 36

    Hi Broni,

    I am experiencing a few other things since we began:

    Restarting Windows takes a very long time-- I can see only the background with no icons or taskbar for about 4-5 minutes.

    Additionally, I have no sound.

    Finally, still no internet. I have tried restarting the WZC service, but this did nothing. Any suggestions?

    Thanks,
    Matt
     
  21. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    We'll try to take care of your internet connection as soon as we're done with Combofix.

    1. Please open Notepad (Start>All Programs>Accessories>Notepad).

    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    Code:
    File::
    c:\windows\System32\kbdes.exe
    c:\windows\System32\drivers\amsproxy.sys
    c:\windows\Tasks\ISP signup reminder 1.job
    
    DDS::
    uInternet Settings,ProxyOverride = 127.0.0.1;127.0.0.1:9421;<local>
    
    
    Driver::
    kbdes
    Perdmin
    
    Registry::
    
    ClearJavaCache::
    

    3. Save the above as CFScript.txt

    4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

    5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

    [​IMG]


    6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
    • Combofix.txt
     
  22. mwaugh29

    mwaugh29 TS Rookie Topic Starter Posts: 36

    Here is the log from the most recent run...


    ComboFix 12-05-03.02 - Matthew 05/04/2012 22:03:17.2.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.887 [GMT -4:00]
    Running from: c:\documents and settings\Matthew\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\Matthew\Desktop\CFScript.txt
    * Created a new restore point
    .
    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    FILE ::
    "c:\windows\System32\drivers\amsproxy.sys"
    "c:\windows\System32\kbdes.exe"
    "c:\windows\Tasks\ISP signup reminder 1.job"
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\Tasks\ISP signup reminder 1.job
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Legacy_KBDES
    -------\Legacy_PERDMIN
    -------\Service_kbdes
    -------\Service_Perdmin
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-04-05 to 2012-05-05 )))))))))))))))))))))))))))))))
    .
    .
    2012-05-04 02:33 . 2008-04-13 18:40 62976 -c--a-w- c:\windows\system32\dllcache\cdrom.sys
    2012-05-04 02:33 . 2008-04-13 18:40 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
    2012-05-04 02:33 . 2004-08-04 07:56 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
    2012-05-04 02:33 . 2004-08-04 07:56 50176 ----a-w- c:\windows\system32\proquota.exe
    2012-05-02 18:28 . 2012-05-03 22:58 -------- d-----w- c:\documents and settings\Matthew\Application Data\Malwarebytes
    2012-05-01 00:04 . 2012-05-01 00:04 -------- d-----w- c:\documents and settings\Matthew\Local Settings\Application Data\PCHealth
    2012-04-30 19:19 . 2012-04-30 19:19 -------- d-----w- c:\documents and settings\Matthew\Application Data\Anvisoft
    2012-04-30 19:17 . 2012-04-30 19:17 -------- d-----w- c:\program files\Anvisoft
    2012-04-27 05:13 . 2001-04-05 22:55 34304 ----a-w- c:\windows\NOAA_32.DLL
    2012-04-27 05:12 . 2012-04-27 05:12 -------- d-----w- c:\documents and settings\Matthew\Application Data\FileMaker
    2012-04-27 05:11 . 2012-05-04 03:15 -------- d-----w- C:\LV6_Demo
    2012-04-23 05:49 . 2012-01-19 14:22 42864 ----a-r- c:\windows\system32\SBBD.EXE
    2012-04-23 05:49 . 2012-01-12 13:26 101112 ----a-r- c:\windows\system32\drivers\SBREDrv.sys
    2012-04-10 21:40 . 2012-05-03 17:53 -------- d-----w- c:\documents and settings\Matthew\Application Data\Dropbox
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-03-15 12:25 . 2003-08-05 17:55 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2012-03-15 12:25 . 2003-08-05 17:55 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2012-03-15 12:21 . 2011-07-02 12:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    .
    .
    ------- Sigcheck -------
    Note: Unsigned files aren't necessarily malware.
    .
    Cryptography Services Error !!
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-05-04_02.36.26 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2004-07-13 23:38 . 2012-03-15 12:19 72572 c:\windows\SYSTEM32\PERFC009.DAT
    + 2004-07-13 23:38 . 2012-05-04 02:45 72572 c:\windows\SYSTEM32\PERFC009.DAT
    + 2004-07-13 23:38 . 2012-05-04 02:45 443900 c:\windows\SYSTEM32\PERFH009.DAT
    - 2004-07-13 23:38 . 2012-03-15 12:19 443900 c:\windows\SYSTEM32\PERFH009.DAT
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Matthew\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Matthew\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Matthew\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Matthew\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-15 39408]
    "DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2011-06-08 822456]
    "Akamai NetSession Interface"="c:\documents and settings\Matthew\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-03-13 3331872]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DwlClient"="c:\program files\Common Files\Dell\EUSW\Support.exe" [2004-05-28 323584]
    "IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-04-07 155648]
    "HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-04-07 114688]
    "dlcxmon.exe"="c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
    "Corel Photo Downloader"="c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe" [2005-08-31 106496]
    "mmtask"="c:\program files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe" [2004-10-08 53248]
    "DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 53248]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-07-14 77824]
    "Easy Dock"="" [BU]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Amazon Unbox.lnk - c:\program files\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe [2010-9-13 97384]
    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2004-7-13 24576]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0stera\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\98D0CE0C16B1]
    D0CE0C16B1 [X]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "WinToolsSvc"=2 (0x2)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\AGE2_X1.ICD"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    .
    R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-04-14 14336]
    R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe [2006-10-11 532480]
    R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 133104]
    R2 pcouffin;RIOXDRV;c:\windows\system32\svchost.exe [2008-04-14 14336]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 133104]
    R3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\DRIVERS\nwusbser2.sys [2008-05-09 174336]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    Akamai REG_MULTI_SZ Akamai
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    pshost
    csctl50
    aiclient
    ARPolicy
    {eda5f5d3-9e0f-4f4d-8a13-1d1cf469c9cc}
    WaveEnrollmentService
    superproserver
    mcvsrte
    smartlinkservice
    pivot
    rupsmon
    db2remotecmd
    ASLDRService
    vpcnfltr
    ulcdrhlp
    MTDVC2
    ADIDTSFiltService
    cfgwzsvc
    webrootadminconsole
    L8042Kbd
    dtscsi
    sandrathesrv
    edspport
    sscdserd
    fsaa
    ltxred
    FlexBios
    USBCamera
    atkdisplf
    SSFS0BB9
    DC21x4
    websensecamreportserver
    prohlp02
    sr_service
    thinkpadmodemservice
    rvscc
    maxbackserviceint
    pctavsvc
    nwlnkipx
    SiSGbeXP
    SNDO763
    btaudio
    tfsnudf
    epson_pm_rpcv2_01
    s117nd5
    sbp2port
    artourservice
    CT20XUT.DLL
    ifxtcs
    SiRemFil
    adaptecstoragemanageragent
    wpsscannersvc
    genmcmn
    dlbu_device
    dlapoolm
    avsvcmonitor
    SIODRV
    W55U01
    ageresoftmodem
    U81xbus
    dcpflics
    mrvw245
    dlaudfam
    sskbfd
    NvNdis
    NdisFilt
    sffp_sd
    SimpTcp
    mferkdk
    a016bus
    VRcore
    commserver
    iisadmin
    cwafrmiregistry
    arkbcfltr
    pciSd
    penrendezvous
    sleepy
    SQLAgent$ABBEYIIOFFLINE
    clcapsvc
    dsproct
    aslm75
    cnxtdiag
    ibmcicstransactiongateway
    websenselogserver
    mr2kserv
    dpc_srv_webcast
    61883
    zmxpzip
    mwspollserver
    lyncusbserv
    OneCareMP
    tosrfhid
    ndasbus
    DMUSBUSBDCam
    MSFWHLPR
    deventagent
    wmccdsls
    idebusdr
    pwkntmon
    SndTDriverV32
    mcredirector
    sonywbms
    ISAMSvc
    ZuneWlanCfgSvc
    igniteservice.exe
    se26nd5
    tmesrv3
    twotrack
    EagleNT
    DS1410D
    szkg
    mpservice
    rnadirectory
    bobo
    com4qlb
    LC7981
    aniwzcsdservice
    nocashio
    sfcure01
    rpcsvr4x
    hpqwmi
    lvuvc
    BrScnUsb
    z800bus
    SRS_SSCFilter
    oracleorahomeagent
    pcampr5
    MSMQTriggers
    FVNETusb
    TIEHDUSB
    lxcgcustomerconnect
    pimsgss
    freepops
    mssqlserveradhelper
    ovepstatusengine
    radclock
    bgmainsvc
    Evian
    adpu320
    usbio
    CTEAPSFX.DLL
    unlockerdriver5
    UxTuneUp
    ntrtscan
    Jukebox
    iAimFP6
    btwmodem
    isamsmt
    akshasp
    Atmuni
    NTSIM
    psasrv
    o2flash
    asuskbnt
    pdlnecfg
    blueservice
    dcstor32
    adfs
    pinnaclesys.mediaserver
    fsssvc
    regmanserv
    CTMFLT
    dntus26
    LMIRfsClientNP
    adihdaudaddservice
    ATKGFNEXSrv
    df5serv
    maya70docserver
    wacomvhid
    dm1service
    SE2Dmdfl
    videX32
    symwsc
    LXARScan
    msmpsvc
    LVBulk
    Intel_MIPMNMP
    ccevtmgr
    WMIService
    fasttraksvc
    avgfwsrv
    slip
    raidmsvr
    RDID1027
    pnkbstrb
    ati2mtaa
    issm
    GoToAssist
    uisp
    GoogleDesktopManager-010708-104812
    UVCFTR
    symantecantibotagent
    UlSata
    TNaviSrv
    mcstrm
    bwmservice
    NVTCP
    lvckap
    JRAID
    ha20x2k
    armoucfltr
    wlankeeper
    DCamUSBEMPIA
    alertmanager
    naveng
    LCcfltr
    wdm_au8820
    soma
    scanwscs
    crystalaps
    EMSCR
    sisidex
    sit_bus
    s3savagemx
    aswupdsv
    Video3D
    VICESYS
    SE27mdfl
    licensemanagersocket
    WscNetDr
    websensewfreportserver
    ctac32k
    ptbsync
    btwdins
    tmlisten
    CTAUDFX.DLL
    bt
    vvdsvc
    A4S2600
    awhost32
    hpqddsvc
    bridge
    SNPSTD3
    wmp54gssvc
    vrmonsvc
    neokdss
    servidor
    lkclassads
    tfsndres
    athr
    NITaggerService
    pav_service
    compaq_rba
    tng-doba
    SaiMini
    tvtfilter
    enxpsvr
    idrivert
    automate6
    pavreport
    oracle_load_balancer_60_server-forms6i
    PGPsdkDriver
    se2Dunic
    atinrvxx
    sysenforce
    int15
    ss_mdm
    tifm21
    transcode360
    mcupdmgr.exe
    USR1806V
    ar5211
    adiloader
    s116obex
    tdrpman174
    rtl8029
    snpstd
    pduip6000dmemcrdmgr
    hpgate
    statusagent4
    mfeapfk
    s217unic
    AsIO
    tosrfbd
    EAWDMFD
    GT891x
    CoolerXPDriver
    nscirda
    nuvaud2
    ihcservice
    symfw
    CTAudSvcService
    aolavupd
    mcproxy
    se44nd5
    PPPoEWin
    AdfuUd
    amusbprt
    aksusb
    s117bus
    spbbcdrv
    NEOFLTR_600_13319
    dbmanagerscheduler
    lvupdtio
    cdvp
    ddxgb
    xusb21
    wmp54gv4svc
    spcsutilityservice
    BRGSp50
    symdns
    tsircsrv
    GTPTSER
    sgeclient
    VAIOMediaPlatform-VideoServer-UPnP
    NWFILTER
    DynDNS_Updater_Service
    iviaspi
    cqmgserv
    cusrvc
    moufiltr
    w550mdm
    st330service
    bcoreusb
    rtm
    PTproct
    hmonitor
    bthserv
    SymIMMP
    livesrv
    s117mdm
    KMW_SYS
    trufos
    flashpnt
    SRTSPL
    Afc
    bb-run
    bc_tdi_f
    emitray
    stylexphelper
    rtport
    networkx
    MRENDIS5
    tmxpflt
    OracleOraHome92ClientCache
    mgabg
    JiaoCap
    se58bus
    autocomplete
    CX88AUD
    spcstb
    patrol_scheduler
    SaiH040B
    oraclesnmppeermasteragent
    proxyhostdriver
    imonitor
    utscsi
    speakerphone
    AtiPcie
    VRFIL
    cypresslink
    ehsched
    NSSvcMgr
    pcx1nd5
    RTLE8023xp
    avc
    Sntnlusb
    AX88772
    SiS300i
    rdnaoflsvc
    MA8032U
    zpcollector
    mcsysmon
    mediamaxxlservice
    dmprimer
    U81xmdfl
    patrolagent
    dlartl_n
    vaiomediaplatform-integratedserver-http
    amdppm
    X4HSX32
    RTHDMIAzAudService
    UpdateCenterService
    ntuneservice
    BrPar
    se2Bunic
    mvserver
    NxSysMon
    LMouKE
    entech
    UsbserFilt
    truecrypt
    db2
    olcamsrv
    Airgo
    SE2Cobex
    p2pgasvc
    netdetect
    GTSCSER
    roxupnprenderer
    ipodservice
    iPassPeriodicUpdateService
    Cam5603C
    GoBack2K
    lpds
    ssidrv
    db2jds
    ccflic0
    zumbus
    mksvirmonsvc
    vpn5000service
    lktimesync
    AtiHdmiService
    mgisvr
    wkscfgsrv
    TICalc
    antivirscheduler
    ownershipprotocol
    hwdatacard
    googledesktopmanager
    pccsmcfd
    siside
    iclarityqosservice
    svv
    avidstartup
    RMCAST
    EUSBMSD
    mrpostman
    cq_mem
    MRESP50
    retrowdsvc
    prtg4service
    smartscaps
    mbackmonitor
    RR2Ctrl
    slabbus
    LVVI500A
    HBtnKey
    SE2Bbus
    wintabservice
    QWAVEDRV
    backupexecjobengine
    NTIDrvr
    nwlnknb
    atiavaiw
    mcrdsvc
    G400DH
    ceepwrsvc
    mclserviceatl
    cercsr6
    qcdonner
    SaiNtSub
    QPSched
    Sk99202k
    CdaD10BA
    SANDRA
    svcwrsssdk
    Wuser32
    vzupsvc
    WmiAcpi
    plscsi
    tosrfnds
    firesvc
    fcdabus
    NWDNS
    vxsvc
    ICAM5USB
    personalsecuredriveservice
    regservice
    avgio
    Tablet2k
    twdns
    CoachUsb
    portio
    lxdmCATSCustConnectService
    eelogsvc
    s125bus
    pcouffin
    fah@c:+fah+fah-service+fah502-console.exe
    xfactorae1
    mfetdik
    softfax
    lxby_device
    cvspydr2
    Cam5607
    qhwscsvc
    tlntsvr
    lckfldservice
    ltmodem5
    lpx
    sfusvc
    jtagserver
    omniusbl
    nlsvc
    IOSLINK
    VNUSB
    zpjava
    gemserv
    RSAFAL
    WLAN_USB
    sglogplayer
    mozybackup
    us30service
    RadProbe
    ZTEusbnmea
    TMMEmu
    TPM
    iirsp
    3c1807pd
    MaVctrl
    besclient
    nvsmu
    lvhidsvc
    AmdLLD
    NIPALK
    SerTVOutCtlr
    {834170a7-af3b-4d34-a757-e05eb29ee96d}
    mwsarcpkt
    rootmodem
    rpcapd
    mdm
    ipssvc
    utilman
    U81xmgmt
    omniinet
    ehstart
    winvnc4
    cpqrcmc
    WavxDMgr
    mstdfrgs
    PAC7302
    USIUDF
    clsched
    merakcontrol
    ativraxx
    Mtlmnt5
    se44mdm
    tsdhd
    pdlncfwk
    sansaservice
    Fd16_700
    UBHelper
    dlaudf_m
    k750obex
    se2End5
    SSHDRV61
    SPFDRV
    hpdskflt
    mohfilt
    websensecpmcommunicationagent
    atiavpci
    wfxsvc
    ZD1211BU(ZyDAS)
    gtndis5
    SiSRaid2
    sp_rssrv
    rslinxng
    mssql$microsoftsmlbiz
    omsad
    odclientservice
    ASUSVRC
    ccispwdsvc
    nmwcd
    NETw4v32
    pca
    AFGMp50
    pinnaclemarvinusb
    nuvvid2
    ShockMgr
    cics.region1
    DSDrv4
    ssdiagn
    pinger
    sr_watchdog
    dlbt_device
    usbvideo
    NAL
    WISTechVIDCAP
    HpqKbFiltr
    WacomVKHid
    SiSRaid
    tunmp
    SRVLOC
    uiusys
    WcesComm
    mssql$microsoftbcm
    ctmmfilt
    ntsvcmgr
    TMBMServer
    protexislicensing
    w3svc
    trackcam4
    entertainment
    ati2mpaa
    backupexecnamingservice
    UNDPX2A
    pdlncbas
    avgtdi
    NCPro
    vmount2
    ibmpmsvc
    hpt3xx
    usbohci
    winachsx
    s125mgmt
    scramby
    s3ssavage
    mcshield
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 19:14]
    .
    2012-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 19:14]
    .
    2012-05-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2771761046-1399984018-4223984257-1007.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 20:02]
    .
    2012-04-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2771761046-1399984018-4223984257-1007.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 20:02]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.techspot.com/community/topics/updated-5-step-viruses-spyware-malware-preliminary-removal-instructions.58138/
    mSearch Bar = hxxp://websearch.drsnsrch.com/sidesearch.cgi?id=
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
    Trusted Zone: iomega.com\istorage
    Trusted Zone: musicmatch.com
    Trusted Zone: turbotax.com
    Trusted Zone: contentmatch.net\ny
    Trusted Zone: kent.edu
    Trusted Zone: musicmatch.com
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    DPF: {707873C7-03BB-4F1A-95EC-4AAF1C3D463E} - hxxps://iomega-na-en.custhelp.com/rnt/rnw/activex/wspellam.cab
    DPF: {755CC1E8-C05A-4A98-8764-132DB2A0472C} - hxxps://iomega-na-en--rpt.custhelp.com/rnt/rnw/activex/ColorPickerX.cab
    DPF: {99C7B1B6-C556-4BA2-BBF6-4E19394A260B} - hxxp://iomega-na-en.custhelp.com/rnt/rnw/client_files/RNTProcMan.cab
    DPF: {C22877C3-4214-11D0-B0DA-080009C351D7} - hxxp://istorage.iomega.com/istorage.cab
    FF - ProfilePath - c:\documents and settings\Matthew\Application Data\Mozilla\Firefox\Profiles\t5g9cqyt.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - hxxp://wacoff05.football.sportsline.com/
    FF - prefs.js: keyword.URL - hxxp://ws1.appswebservice.com/index.php?tpid=10292&ttid=105&st=
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
    FF - Ext: Free TV Bar Toolbar: {a0729639-d831-46c9-811b-9b0aa79fb45a} - %profile%\extensions\{a0729639-d831-46c9-811b-9b0aa79fb45a}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    .
    - - - - ORPHANS REMOVED - - - -
    .
    HKCU-Run-Easy Dock - c:\documents and settings\Matthew\My Documents\RCA easyRip\EZDock.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-05-04 22:19
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    DwlClient = c:\program files\Common Files\Dell\EUSW\Support.exe?l?e?s?\?D?e?l?l?\?E?U?S?W?\?S?u?p?p?o?r?t?.?e?x?e???x???x???????????????????x???????????x???x???????????x???????????x???x????????????????????????????????????????D?w????????????7??w????x???x??????????????
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    "ServiceDll"="%systemroot%\system32\iteatapi.dll"
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\fah@c:+fah+fah-service+fah502-console.exe]
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Akamai]
    "ServiceDll"="c:\program files\common files\akamai/netsession_win_6c825ce.dll"
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Iomega Activity Disk2]
    "ImagePath"="\"\""
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(796)
    c:\windows\System32\l3codeca.acm
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\LEXBCES.EXE
    c:\windows\system32\LEXPPS.EXE
    c:\windows\system32\acs.exe
    c:\progra~1\Iomega\System32\AppServices.exe
    c:\program files\Java\jre6\bin\jqs.exe
    .
    **************************************************************************
    .
    Completion time: 2012-05-04 22:21:30 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-05-05 02:21
    ComboFix2.txt 2012-05-04 02:43
    .
    Pre-Run: 7,914,491,904 bytes free
    Post-Run: 8,015,634,432 bytes free
    .
    - - End Of File - - CF4186C43815E63F0D2ABC325308E634



    Best,
    Matt
     
  23. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Good.

    Let's see about your internet connection now...

    Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center/Action Center
      • Windows Update
      • Windows Defender
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.
     
  24. mwaugh29

    mwaugh29 TS Rookie Topic Starter Posts: 36

    Here is the FSS scan log:

    Farbar Service Scanner Version: 30-04-2012 01
    Ran by Matthew (administrator) on 05-05-2012 at 15:20:23
    Running from "C:\Documents and Settings\Matthew\Desktop"
    Microsoft Windows XP Home Edition Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============
    Dhcp Service is not running. Checking service configuration:
    The start type of Dhcp service is OK.
    The ImagePath of Dhcp service is OK.
    The ServiceDll of Dhcp service is OK.


    Connection Status:
    ==============
    Localhost is blocked.
    LAN connected.
    Attempt to access Google IP returned error: Other errors
    Attempt to access Yahoo IP returned error: Other errors


    Windows Firewall:
    =============
    sharedaccess Service is not running. Checking service configuration:
    The start type of sharedaccess service is OK.
    The ImagePath of sharedaccess service is OK.
    The ServiceDll of sharedaccess service is OK.


    Firewall Disabled Policy:
    ==================


    System Restore:
    ============
    Srservice Service is not running. Checking service configuration:
    The start type of Srservice service is OK.
    The ImagePath of Srservice service is OK.
    The ServiceDll of Srservice service is OK.


    System Restore Disabled Policy:
    ========================


    Security Center:
    ============
    wscsvc Service is not running. Checking service configuration:
    The start type of wscsvc service is OK.
    The ImagePath of wscsvc service is OK.
    The ServiceDll of wscsvc service is OK.
    Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


    Windows Update:
    ============
    wuauserv Service is not running. Checking service configuration:
    The start type of wuauserv service is OK.
    The ImagePath of wuauserv service is OK.
    The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

    BITS Service is not running. Checking service configuration:
    The start type of BITS service is set to Demand. The default start type is Auto.
    The ImagePath of BITS service is OK.
    The ServiceDll of BITS service is OK.

    cryptsvc Service is not running. Checking service configuration:
    The start type of cryptsvc service is OK.
    The ImagePath of cryptsvc service is OK.
    The ServiceDll of cryptsvc service is OK.


    Windows Autoupdate Disabled Policy:
    ============================


    File Check:
    ========
    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
    C:\WINDOWS\system32\netman.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\srsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
    C:\WINDOWS\system32\qmgr.dll => MD5 is legit
    C:\WINDOWS\system32\es.dll => MD5 is legit
    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit

    Extra List:
    =======
    DNE(14) Gpc(6) IPSec(4) IPSECSHM(9) NetBT(5) PSched(7) Tcpip(3) WSIMD(13)
    0x0E000000040000000100000002000000030000000C000000060000000700000008000000090000000A0000000B000000050000000D0000000E000000
    IpSec Tag value is correct.

    **** End of log ****


    Best,
    Matt
     
  25. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Let's try to uninstall/reinstall TCP/IP stack.

    1. Download winsock.zip
    Unzip it.
    Right click on Winsock.reg, click "Merge".
    Allow registry merge.

    2. Restart computer.

    3. Go to Start ==> Control Panel. Double-click Network Connections. Right-click Local Area Connection, and select Properties.
    • On the General tab, click Install a popup window opens.
    • Select Protocol from the list and then click Add.
    • A new window opens, click Have Disk....
    • In the browse... box type c:\windows\inf
    • Click OK.
    • Select Internet Protocol (TCP/IP), and then click OK.
    • Restart and check the connection.
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.