TechSpot

[Closed] M$SE was not removing virus/trojan/malware

By shivmister
Mar 22, 2012
Topic Status:
Not open for further replies.
  1. I accidentally set the thread as active. I am not sure if I should have or not. Though I do not think anyone has looked at the problem.
    If this changes please feel free to delete this message and the title.
    Thank you!
    -3/22/12
    --------------------------------------------------------------------

    Malwarebytes Anti-Malware (Trial) 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.03.22.01

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    HP_Administrator :: MANOJ_R_SHAH [administrator]

    Protection: Enabled

    3/21/2012 11:17:05 PM
    mbam-log-2012-03-21 (23-43-29).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 233856
    Time elapsed: 24 minute(s), 45 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 1
    C:\WINDOWS\system32\NEUSBw32.dll (Trojan.Dropper) -> No action taken.

    Registry Keys Detected: 1
    HKCU\SOFTWARE\MFJJEC0A1L (Trojan.FakeAlert) -> No action taken.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 2
    C:\WINDOWS\system32\NEUSBw32.dll (Trojan.Dropper) -> No action taken.
    C:\Documents and Settings\HP_Administrator\0.02356483905905471.exe (Trojan.Agent.Gen) -> No action taken.

    (end)
    ------------------------------------------
    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2012-03-22 00:10:52
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2 SAMSUNG_ rev.VT10
    Running: 8ji4lkv4.exe; Driver: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\agdoykob.sys


    ---- System - GMER 1.0.15 ----

    SSDT sptd.sys ZwEnumerateKey [0xB9ED684C]
    SSDT sptd.sys ZwEnumerateValueKey [0xB9ED6BEC]

    ---- Devices - GMER 1.0.15 ----

    Device \Driver\iaStor \Device\Ide\iaStor0 8B14B1D8
    Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 8B14B1D8
    Device \Driver\iaStor \Device\Ide\IAAStorageDevice-1 8B14B1D8
    Device \Driver\iaStor \Device\Ide\IAAStorageDevice-2 8B14B1D8
    Device \Driver\iaStor \Device\Ide\IAAStorageDevice-3 8B14B1D8
    Device \Driver\akptod50 \Device\Scsi\akptod501Port2Path0Target0Lun0 8A615980
    Device \Driver\akptod50 \Device\Scsi\akptod501 8A615980
    Device \FileSystem\Ntfs \Ntfs 8B0D61D8
    Device \FileSystem\Fastfat \Fat 88BC6980

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
    -------------------------------------------------------------
    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_14
    Run by HP_Administrator at 0:18:20 on 2012-03-22
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1144 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Citrix\Secure Access Client\nsverctl.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Citrix\ICA Client\concentr.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Citrix\ICA Client\wfcrun32.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Citrix\Secure Access Client\nsload.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\wuauclt.exe
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\taskmgr.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.bing.com/
    uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
    BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\orbitdownloader\orbitcth.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
    BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    BHO: IDXHlprObj Class: {31816979-f864-4acf-919f-d0b3b56432e6} - c:\windows\downloaded program files\IDXIEController.DLL
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
    BHO: Tunebite_WebRipPlugin Class: {aa102584-3b97-47e7-b9bc-75d54c110a7d} - c:\program files\rapidsolution\tunebite\plugins\ie\TB_WebRipIePlugin.dll
    BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
    BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: DictateBHO: {e12a882b-f14f-4440-9bc0-84a5eb766605} - c:\windows\downloaded program files\DictateBar.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
    TB: TouchWorks Dictate: {6f60c5c5-61b3-4378-8902-ed9497663ac9} - c:\windows\downloaded program files\DictateBar.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - c:\program files\orbitdownloader\GrabPro.dll
    TB: Foxit Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
    uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
    uRun: [NetMeter] c:\documents and settings\hp_administrator\my documents\netmeter\NetMeter114beta_4.exe
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
    uRun: [Google Update] "c:\documents and settings\hp_administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [<NO NAME>]
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
    mRun: [DMAScheduler] "c:\program files\hp digitalmedia archive\DMAScheduler.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\citrix~1.lnk - c:\program files\citrix\secure access client\nsload.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201
    IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204
    IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203
    IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
    IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
    IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    LSP: mswsock.dll
    Trusted Zone: intuit.com\ttlc
    Trusted Zone: turbotax.com
    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
    DPF: {019D5592-3928-4DE4-BAA2-1F2E5EEF4CF6} - /Touchworks/AHSCompressionEngine.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
    DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    DPF: {27B87596-448E-40CB-B3B4-4F329FF540EC} - /TouchWorks/ResultWorks/CHWorks/VitalSigns/wavitalsigns.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {45EEDB84-57BC-4FBD-8065-7AB8E971B545} - TouchWorks/Common/Components/AtalaSoft/ImgXDialog61.cab
    DPF: {46965FE7-2129-407B-938C-BE358A56D11E} - hxxp://tworks.amg.advocatehealth.com/TouchWorks/DocWorks/CHWorks/Unstructured/aicviewer3.cab
    DPF: {501D93F5-74BE-4306-A90C-9FFD1574A6A6} - hxxp://centricityweb-luth.advocatehealth.com/ami/install/amiviewer.cab
    DPF: {56B46BBB-F6C4-4B6B-8EDF-BEE6C9661E4E}
    DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.systemrequirementslab.com/sysreqlab2.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174963884478
    DPF: {7E8DC73D-69CD-4F67-99B1-8DC6E42F6246} - /TouchWorks/Common/Components/AtalaSoft/ImgX61.cab
    DPF: {860FFAFE-5AAA-11D2-81EB-006008A2E49D} - /TouchWorks/ResultWorks/chworks/flowsheets/pe32.cab
    DPF: {8613571C-30D2-4BD4-9710-3DFDBADE8190} - hxxp://localhost/ami/install/amiviewer.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {95D88B35-A521-472B-A182-BB1A98356421} - hxxp://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
    DPF: {9A0CA502-7DA4-4B72-B5D4-D280DE8D4512} - /Touchworks/DictionaryManager.CAB
    DPF: {A8B3A7FE-9C8D-4F15-9B01-8805BDF43B1B} - hxxp://localhost/ami/install/amiviewer.cab
    DPF: {ACEFFC26-4628-11D1-B14A-105C01C13001} - /TouchWorks/DocWorks/CHWorks/Note/wspell.cab
    DPF: {AECD14A8-F662-11D1-A395-00805F535788} - hxxp://www.investors.com/member/ocx/plotwon.ocx
    DPF: {B7B8B614-6A5C-4140-A303-43CEB589D6A5} - /TouchWorks/DocWorks/CHWorks/Note/TWRTF.cab
    DPF: {B7EA9615-586E-4193-9C3C-A29CA577E040} - /Touchworks/DictateBar.cab
    DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {CE10AD66-84BC-46A9-9424-C863199C0408} - hxxp://tworks.amg.advocatehealth.com/TouchWorks/DocWorks/CHWorks/Unstructured/aic_viewer2.cab
    DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} - hxxp://asp.mathxl.com/books/_Players/MathPlayer.cab
    TCP: Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D} : DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
    Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: NecUsb3Sevices - USB3Sw32.dll
    Notify: USB3Sw32 - USB3Sw32.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\7gbqr2lq.default\
    FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    FF - prefs.js: network.proxy.ftp - 208.43.135.133
    FF - prefs.js: network.proxy.ftp_port - 80
    FF - prefs.js: network.proxy.gopher - 208.43.135.133
    FF - prefs.js: network.proxy.gopher_port - 80
    FF - prefs.js: network.proxy.http - 208.43.135.133
    FF - prefs.js: network.proxy.http_port - 80
    FF - prefs.js: network.proxy.socks - 208.43.135.133
    FF - prefs.js: network.proxy.socks_port - 80
    FF - prefs.js: network.proxy.ssl - 208.43.135.133
    FF - prefs.js: network.proxy.ssl_port - 80
    FF - prefs.js: network.proxy.type - 2
    FF - plugin: c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\7gbqr2lq.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll
    FF - plugin: c:\documents and settings\hp_administrator\application data\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\documents and settings\hp_administrator\application data\mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: c:\documents and settings\hp_administrator\local settings\application data\google\update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: c:\documents and settings\hp_administrator\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\citrix\secure access client\npagee.dll
    FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npaxctrl.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
    FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: content.max.tokenizing.time - 200000
    FF - user.js: content.notify.interval - 100000
    FF - user.js: content.switch.threshold - 650000
    FF - user.js: nglayout.initialpaint.delay - 300
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-6-17 20744]
    R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2011-4-25 65584]
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-12-2 165648]
    R1 MpKsl402eaab5;MpKsl402eaab5;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{df7d1a2c-3084-4cd7-981c-818738597d25}\MpKsl402eaab5.sys [2012-3-22 29904]
    R2 BCMNTIO;BCMNTIO;c:\progra~1\checkit\diagno~1\BCMNTIO.sys [2007-1-11 3744]
    R2 cag;Citrix cag plugin for Access Gateway;c:\program files\common files\deterministic networks\common files\cag.sys [2009-10-22 80920]
    R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672]
    R2 MAPMEM;MAPMEM;c:\progra~1\checkit\diagno~1\MAPMEM.sys [2007-1-11 3904]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-1-14 652360]
    R2 nsverctl;Citrix Secure Access Client Service;c:\program files\citrix\secure access client\nsverctl.exe [2010-1-19 154264]
    R2 StarWindService;StarWind iSCSI Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindService.exe [2005-4-1 217600]
    R3 ctxva51;Citrix Virtual Adapter;c:\windows\system32\drivers\ctxva51.sys [2010-1-19 41624]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-1-14 20464]
    RUnknown MpKsl7422ca67;MpKsl7422ca67; [x]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 CWMonitor;Symantec Crimeware Protection Driver;\??\c:\program files\common files\symantec shared\coshared\cw\1.0\monitor.sys --> c:\program files\common files\symantec shared\coshared\cw\1.0\Monitor.sys [?]
    S2 LMIRfsDriver;Vpctcom;c:\windows\system32\svchost.exe -k netsvcs [2004-8-9 14336]
    S2 NecUsb3;USB3 Service;c:\windows\system32\svchost.exe -k NecUsb3Sevic [2004-8-9 14336]
    S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2009-6-17 29192]
    S3 CXFALCON;Conexant Falcon II NTSC Video Capture;c:\windows\system32\drivers\cxfalcon.sys [2006-8-24 82048]
    S3 ICDUSB2;Sony IC Recorder (P);c:\windows\system32\drivers\IcdUsb2.sys [2008-8-5 39048]
    S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2009-6-17 25480]
    S3 Net6IM;Net6;c:\windows\system32\drivers\net6im51.sys --> c:\windows\system32\drivers\net6im51.sys [?]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-9 14336]
    S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [2006-8-24 468768]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S4 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-7-7 611664]
    S4 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    .
    =============== Created Last 30 ================
    .
    2012-03-22 05:09:41 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{df7d1a2c-3084-4cd7-981c-818738597d25}\MpKsl402eaab5.sys
    2012-03-22 04:47:48 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{df7d1a2c-3084-4cd7-981c-818738597d25}\MpKsl7422ca67.sys
    2012-03-22 04:02:23 6582328 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{df7d1a2c-3084-4cd7-981c-818738597d25}\mpengine.dll
    2012-03-21 01:09:14 38400 ----a-w- c:\windows\system32\USB3Sw32.dll
    2012-03-21 00:59:08 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
    2012-03-19 16:49:39 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
    2012-03-19 16:49:39 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll
    2012-02-25 20:39:32 -------- d-----w- c:\documents and settings\hp_administrator\application data\Windows Search
    .
    ==================== Find3M ====================
    .
    2012-03-19 13:57:37 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
    2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-01-23 03:42:58 208896 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
    2012-01-23 03:42:38 45056 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\uninstallui\eHelpSetup.exe
    2012-01-23 03:42:37 44032 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\scripts\devcon.exe
    2012-01-23 03:42:36 61440 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemutil.dll
    2012-01-23 03:42:36 40960 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\ScDmi.dll
    2012-01-23 03:42:36 341048 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\HPBasicDetection3.dll
    2012-01-23 03:42:36 32768 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\uploadHSC.dll
    2012-01-23 03:42:36 32768 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\Scom.dll
    2012-01-23 03:42:36 163840 ----a-w- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemcheck.dll
    2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll
    2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    .
    ============= FINISH: 0:19:13.40 ===============
    ---------------------------------------------------------------------------
  2. shivmister

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/9/2007 10:35:00 PM
    System Uptime: 3/22/2012 12:05:18 AM (0 hours ago)
    .
    Motherboard: ASUSTek Computer INC. | | Basswood
    Processor: Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz | Socket 775 | 2133/266mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 224 GiB total, 37.76 GiB free.
    D: is FIXED (NTFS) - 233 GiB total, 211.752 GiB free.
    E: is FIXED (FAT32) - 9 GiB total, 0.418 GiB free.
    F: is CDROM ()
    G: is CDROM ()
    H: is CDROM (UDF)
    J: is Removable
    K: is Removable
    L: is Removable
    M: is Removable
    N: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Intel(R) 82562V 10/100 Network Connection
    Device ID: PCI\VEN_8086&DEV_104C&SUBSYS_2A36103C&REV_02\3&2411E6FE&0&C8
    Manufacturer: Intel
    Name: Intel(R) 82562V 10/100 Network Connection
    PNP Device ID: PCI\VEN_8086&DEV_104C&SUBSYS_2A36103C&REV_02\3&2411E6FE&0&C8
    Service: e1express
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394 Net Adapter
    Device ID: V1394\NIC1394\FFA6C911D800
    Manufacturer: Microsoft
    Name: 1394 Net Adapter
    PNP Device ID: V1394\NIC1394\FFA6C911D800
    Service: NIC1394
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Wireless LAN PCI 802.11 b/g adapter WN5301A
    Device ID: PCI\VEN_168C&DEV_001B&SUBSYS_500111AD&REV_01\4&11B6166B&0&18F0
    Manufacturer: Liteon
    Name: Wireless LAN PCI 802.11 b/g adapter WN5301A
    PNP Device ID: PCI\VEN_168C&DEV_001B&SUBSYS_500111AD&REV_01\4&11B6166B&0&18F0
    Service: WN5301
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Bluetooth PAN Network Adapter
    Device ID: ROOT\NET\0000
    Manufacturer: IVT Corporation
    Name: Bluetooth PAN Network Adapter
    PNP Device ID: ROOT\NET\0000
    Service: BT
    .
    ==== System Restore Points ===================
    .
    RP1472: 12/21/2011 9:43:31 AM - System Checkpoint
    RP1473: 12/21/2011 1:16:36 PM - Software Distribution Service 3.0
    RP1474: 12/22/2011 5:07:30 PM - Software Distribution Service 3.0
    RP1475: 12/23/2011 8:21:19 PM - Software Distribution Service 3.0
    RP1476: 12/24/2011 10:00:03 PM - Software Distribution Service 3.0
    RP1477: 12/26/2011 12:35:30 AM - Software Distribution Service 3.0
    RP1478: 12/26/2011 3:13:17 PM - Revo Uninstaller's restore point - dBpoweramp Music Converter
    RP1479: 12/26/2011 3:19:14 PM - Revo Uninstaller's restore point - dBpoweramp DSP Effects
    RP1480: 12/26/2011 3:21:32 PM - Revo Uninstaller's restore point - dBpoweramp Ogg Vorbis Codec
    RP1481: 12/26/2011 3:22:23 PM - Revo Uninstaller's restore point - Microsoft Halo
    RP1482: 12/26/2011 3:23:33 PM - Revo Uninstaller's restore point - dBpoweramp FLAC Codec
    RP1483: 12/26/2011 3:24:38 PM - Revo Uninstaller's restore point - Adobe Reader 9.4.6
    RP1484: 12/26/2011 3:25:18 PM - Removed Adobe Reader 9.4.6.
    RP1485: 12/26/2011 3:26:59 PM - Revo Uninstaller's restore point - dBpoweramp [Calculate Audio CRC] Codec
    RP1486: 12/26/2011 3:27:30 PM - Revo Uninstaller's restore point - dBpoweramp Dalet Codec
    RP1487: 12/26/2011 3:28:00 PM - Revo Uninstaller's restore point - dBpoweramp Monkeys Audio Codec
    RP1488: 12/26/2011 3:28:29 PM - Revo Uninstaller's restore point - dBpoweramp Mp2 and BwfMp2 codec
    RP1489: 12/27/2011 7:55:23 AM - Software Distribution Service 3.0
    RP1490: 12/28/2011 8:19:20 AM - Software Distribution Service 3.0
    RP1491: 12/29/2011 8:20:53 AM - System Checkpoint
    RP1492: 12/30/2011 1:10:43 AM - Software Distribution Service 3.0
    RP1493: 12/31/2011 3:28:15 AM - Software Distribution Service 3.0
    RP1494: 1/1/2012 8:28:53 AM - Software Distribution Service 3.0
    RP1495: 1/2/2012 9:30:36 AM - System Checkpoint
    RP1496: 1/3/2012 8:10:48 AM - Software Distribution Service 3.0
    RP1497: 1/4/2012 10:13:05 AM - Software Distribution Service 3.0
    RP1498: 1/5/2012 10:16:06 AM - System Checkpoint
    RP1499: 1/5/2012 6:03:12 PM - Software Distribution Service 3.0
    RP1500: 1/6/2012 6:07:16 PM - Software Distribution Service 3.0
    RP1501: 1/7/2012 7:02:41 PM - System Checkpoint
    RP1502: 1/7/2012 8:54:06 PM - Software Distribution Service 3.0
    RP1503: 1/8/2012 10:01:26 PM - Software Distribution Service 3.0
    RP1504: 1/10/2012 1:51:03 PM - Software Distribution Service 3.0
    RP1505: 1/11/2012 2:45:39 PM - System Checkpoint
    RP1506: 1/11/2012 11:11:28 PM - Software Distribution Service 3.0
    RP1507: 1/12/2012 8:29:51 AM - Software Distribution Service 3.0
    RP1508: 1/13/2012 8:33:12 AM - Software Distribution Service 3.0
    RP1509: 1/14/2012 10:12:23 AM - System Checkpoint
    RP1510: 1/14/2012 11:48:29 AM - Software Distribution Service 3.0
    RP1511: 1/15/2012 1:38:11 PM - System Checkpoint
    RP1512: 1/15/2012 4:58:40 PM - Software Distribution Service 3.0
    RP1513: 1/16/2012 7:31:49 PM - Software Distribution Service 3.0
    RP1514: 1/17/2012 7:39:25 PM - Software Distribution Service 3.0
    RP1515: 1/18/2012 8:06:43 PM - System Checkpoint
    RP1516: 1/19/2012 8:52:28 AM - Software Distribution Service 3.0
    RP1517: 1/20/2012 9:25:43 AM - Software Distribution Service 3.0
    RP1518: 1/21/2012 10:14:26 AM - System Checkpoint
    RP1519: 1/21/2012 11:04:18 AM - Software Distribution Service 3.0
    RP1520: 1/22/2012 10:49:42 AM - pre service pack 3, for windows xp
    RP1521: 1/22/2012 9:28:10 PM - Software Distribution Service 3.0
    RP1522: 1/22/2012 9:58:51 PM - Software Distribution Service 3.0
    RP1523: 1/22/2012 10:26:30 PM - Software Distribution Service 3.0
    RP1524: 1/22/2012 11:28:07 PM - Software Distribution Service 3.0
    RP1525: 1/23/2012 12:44:00 AM - Software Distribution Service 3.0
    RP1526: 1/24/2012 9:07:14 AM - Software Distribution Service 3.0
    RP1527: 1/24/2012 10:46:50 PM - Installed TurboTax 2011 wrapper
    RP1528: 1/25/2012 6:53:35 PM - Software Distribution Service 3.0
    RP1529: 1/26/2012 4:03:30 PM - Software Distribution Service 3.0
    RP1530: 1/27/2012 4:21:22 PM - System Checkpoint
    RP1531: 1/28/2012 8:41:30 AM - Software Distribution Service 3.0
    RP1532: 1/29/2012 10:27:51 AM - System Checkpoint
    RP1533: 1/29/2012 2:59:57 PM - Software Distribution Service 3.0
    RP1534: 1/30/2012 3:59:34 PM - System Checkpoint
    RP1535: 1/31/2012 9:31:02 AM - Software Distribution Service 3.0
    RP1536: 2/1/2012 10:00:38 AM - System Checkpoint
    RP1537: 2/1/2012 9:25:35 PM - Software Distribution Service 3.0
    RP1538: 2/2/2012 9:47:55 PM - Software Distribution Service 3.0
    RP1539: 2/4/2012 6:45:00 AM - Software Distribution Service 3.0
    RP1540: 2/5/2012 8:14:11 AM - Software Distribution Service 3.0
    RP1541: 2/6/2012 9:48:07 AM - Software Distribution Service 3.0
    RP1542: 2/7/2012 11:18:07 AM - System Checkpoint
    RP1543: 2/7/2012 3:06:29 PM - Software Distribution Service 3.0
    RP1544: 2/8/2012 3:37:55 PM - System Checkpoint
    RP1545: 2/8/2012 7:13:10 PM - Software Distribution Service 3.0
    RP1546: 2/9/2012 8:28:49 PM - Software Distribution Service 3.0
    RP1547: 2/10/2012 9:23:17 PM - System Checkpoint
    RP1548: 2/11/2012 12:38:04 AM - Software Distribution Service 3.0
    RP1549: 2/12/2012 7:50:31 AM - Software Distribution Service 3.0
    RP1550: 2/12/2012 7:42:26 PM - Installed TurboTax 2011 wiliper
    RP1551: 2/13/2012 8:18:46 AM - Software Distribution Service 3.0
    RP1552: 2/14/2012 1:22:07 PM - Software Distribution Service 3.0
    RP1553: 2/15/2012 2:25:24 PM - System Checkpoint
    RP1554: 2/16/2012 8:28:23 AM - Software Distribution Service 3.0
    RP1555: 2/16/2012 10:53:56 PM - Software Distribution Service 3.0
    RP1556: 2/17/2012 8:17:51 PM - Software Distribution Service 3.0
    RP1557: 2/18/2012 8:25:09 PM - System Checkpoint
    RP1558: 2/19/2012 12:04:46 AM - Software Distribution Service 3.0
    RP1559: 2/20/2012 8:34:38 AM - Software Distribution Service 3.0
    RP1560: 2/21/2012 8:57:50 AM - System Checkpoint
    RP1561: 2/21/2012 5:36:27 PM - Software Distribution Service 3.0
    RP1562: 2/22/2012 7:03:36 PM - System Checkpoint
    RP1563: 2/22/2012 9:39:08 PM - Software Distribution Service 3.0
    RP1564: 2/24/2012 8:26:58 AM - Software Distribution Service 3.0
    RP1565: 2/25/2012 8:44:42 AM - Software Distribution Service 3.0
    RP1566: 2/26/2012 10:40:40 AM - System Checkpoint
    RP1567: 2/26/2012 2:49:28 PM - Software Distribution Service 3.0
    RP1568: 2/27/2012 3:28:11 PM - System Checkpoint
    RP1569: 2/27/2012 5:44:04 PM - Software Distribution Service 3.0
    RP1570: 2/28/2012 6:14:56 PM - Software Distribution Service 3.0
    RP1571: 2/29/2012 9:51:24 PM - System Checkpoint
    RP1572: 3/1/2012 7:51:37 AM - Software Distribution Service 3.0
    RP1573: 3/2/2012 8:13:34 AM - Software Distribution Service 3.0
    RP1574: 3/3/2012 8:14:10 AM - Software Distribution Service 3.0
    RP1575: 3/4/2012 10:30:50 AM - Software Distribution Service 3.0
    RP1576: 3/5/2012 10:42:51 AM - System Checkpoint
    RP1577: 3/5/2012 5:49:26 PM - Software Distribution Service 3.0
    RP1578: 3/6/2012 8:54:12 PM - Software Distribution Service 3.0
    RP1579: 3/7/2012 8:59:26 PM - Software Distribution Service 3.0
    RP1580: 3/8/2012 10:46:58 PM - Software Distribution Service 3.0
    RP1581: 3/10/2012 9:29:26 AM - Software Distribution Service 3.0
    RP1582: 3/11/2012 1:20:30 PM - Software Distribution Service 3.0
    RP1583: 3/12/2012 1:50:04 PM - System Checkpoint
    RP1584: 3/12/2012 8:18:12 PM - Software Distribution Service 3.0
    RP1585: 3/13/2012 8:52:07 PM - System Checkpoint
    RP1586: 3/14/2012 8:20:49 AM - Software Distribution Service 3.0
    RP1587: 3/14/2012 7:21:38 PM - Software Distribution Service 3.0
    RP1588: 3/15/2012 10:52:37 PM - Software Distribution Service 3.0
    RP1589: 3/16/2012 11:37:39 PM - Software Distribution Service 3.0
    RP1590: 3/18/2012 10:00:36 AM - Software Distribution Service 3.0
    RP1591: 3/19/2012 10:51:31 AM - System Checkpoint
    RP1592: 3/19/2012 9:12:22 PM - Software Distribution Service 3.0
    RP1593: 3/20/2012 9:30:58 PM - Software Distribution Service 3.0
    RP1594: 3/21/2012 11:02:20 PM - Software Distribution Service 3.0
    .
    ==== Installed Programs ======================
    .
    .
    µTorrent
    Acrobat.com
    Ad-Aware
    Adobe AIR
    Adobe Digital Editions
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Shockwave Player
    AnswerWorks 4.0 Runtime - English
    AnswerWorks 5.0 English Runtime
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Audacity 1.2.6
    Auto Gordian Knot 2.55
    AutoUpdate
    AviSynth 2.5
    BlueSoleil
    Bonjour
    BSPlayer
    BufferChm
    CCleaner
    CheckIt Diagnostics
    Citrix Access Gateway Plug-in
    Citrix online plug-in - web
    Citrix online plug-in (DV)
    Citrix online plug-in (HDX)
    Citrix online plug-in (USB)
    Citrix online plug-in (Web)
    Combined Community Codec Pack 2008-09-21 16:18
    Comical 0.8
    Compatibility Pack for the 2007 Office system
    CP_AtenaShokunin1Config
    CP_CalendarTemplates1
    cp_LightScribeConfig
    cp_OnlineProjectsConfig
    CP_Package_Basic1
    CP_Package_Variety1
    CP_Package_Variety2
    CP_Package_Variety3
    CP_Panorama1Config
    cp_PosterPrintConfig
    cp_UpdateProjectsConfig
    CueTour
    Customer Experience Enhancement
    Data Fax SoftModem with SmartCP
    dBpoweramp mp3 (Fraunhofer IIS) Codec
    dBpoweramp Real Audio (Helix) Encoder
    dBPoweramp tooLame MP2 codec
    dBpoweramp Wave64 Codec
    dBpoweramp WavPack Codec
    Destinations
    DeviceManagementQFolder
    Digsby
    DirectVobSub (remove only)
    DivX Codec
    DivX Player
    DivX Web Player
    DivXLand Media Subtitler
    Drive Manager
    DVD Decrypter (Remove Only)
    DVD Shrink 3.2
    DVDFab 8.0.4.0 (11/11/2010)
    Enhanced Multimedia Keyboard Solution
    EVEREST Home Edition v2.20
    Exact Audio Copy 0.99pb5
    FileZilla Client 3.3.0.1
    FLAC 1.2.1b (remove only)
    foobar2000 v0.9.6.3
    Forces in 1D
    Foxit PDF Editor
    Foxit Reader
    Foxit Toolbar
    FullDPAppQFolder
    GameSpy Arcade
    GemMaster Mystic
    Google Chrome
    Google Talk (remove only)
    Google Talk Plugin
    Haali Media Splitter
    HandBrake 0.9.5
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows XP (KB954550-v5)
    HP Boot Optimizer
    HP DigitalMedia Archive
    HP DVD Play 2.1
    HP Imaging Device Functions 7.0
    HP Photosmart for Media Center PC
    HP Photosmart Premier Software 6.5
    HP Precisionscan Pro 3.1
    HP Share-to-Web
    HP Update
    HP Web Helper
    HPPhotoSmartExpress
    HpSdpAppCoreApp
    IDM Flash 4.4.0.468
    Image to PDF Converter Free 4.0
    ImTOO iPod Computer Transfer
    InstantShareAlert
    InstantShareDevices
    Intel(R) Matrix Storage Manager
    Intel(R) Network Connections Drivers
    Intel(R) Quick Resume Technology Drivers
    Intel® Viiv™ Software
    Investor's Toolkit
    iPad/iPhone/iPod to Computer Transfer 7.5.7
    iSEEK AnswerWorks English Runtime
    ItsDeductible Express
    iTunes
    Java(TM) 6 Update 14
    K-Lite Codec Pack 5.5.1 (Basic)
    LightScribe 1.4.105.1
    LiveUpdate 3.1 (Symantec Corporation)
    Magic ISO Maker v5.5 (build 0273)
    MagicDisc 2.7.105
    Malwarebytes Anti-Malware version 1.60.1.1000
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft ActiveSync
    Microsoft Antimalware
    Microsoft Application Error Reporting
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Professional with FrontPage
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    mIRC
    mkv2vob
    MKVtoolnix 3.4.0
    MobileMe Control Panel
    Mozilla Firefox 11.0 (x86 en-US)
    Mp3tag v2.46a
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    MSXML 6 Service Pack 2 (KB973686)
    MusicBrainz Picard
    muvee autoProducer 5.0
    muvee autoProducer unPlugged 2.0
    NAIC Investor's Toolkit
    NAIC Stock Analyst
    NAIC Take $tock
    Nero 7 Ultra Edition
    NNScript
    Nokia Connectivity Cable Driver
    Notepad++
    NVIDIA Drivers
    Office Password Recovery v2.0 (remove only)
    OptionalContentQFolder
    Orbit Downloader
    Otto
    OverDrive Media Console
    Paint.NET v3.36
    Pando Media Booster
    PC-Doctor 5 for Windows
    PC Connectivity Solution
    Pepsky Free CD Maker 5.0.1
    PhotoGallery
    Python 2.6
    Quicken 2011
    QuickTime
    RandMap
    RealPlayer
    Realtek High Definition Audio Driver
    Rehan Pan Zoom Effects
    Revo Uninstaller 1.89
    Rhapsody
    Rhapsody Player Engine
    Safari
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Internet Explorer 7 (KB982381)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2647518)
    SESAP 12
    SkinsHP1
    Skype Toolbars
    Skype™ 5.0
    SlideShow
    SlideShowMusic
    smARTupdate
    Sonic_PrimoSDK
    Sony Digital Voice Editor 3
    Spybot - Search & Destroy
    Spybot - Search & Destroy 1.4
    SpywareBlaster 4.2
    starwars_screensaver_pc
    Stock Investor Professional
    System Requirements Lab
    System Requirements Lab CYRI
    Take $tock 4
    Take $tock Companion
    Total Video Converter 3.10
    TouchWorks Web Controls
    Tunebite
    TurboTax 2008
    TurboTax 2008 WinPerFedFormset
    TurboTax 2008 WinPerProgramHelp
    TurboTax 2008 WinPerReleaseEngine
    TurboTax 2008 WinPerTaxSupport
    TurboTax 2008 WinPerUserEducation
    TurboTax 2008 wrapper
    TurboTax 2009
    TurboTax 2009 wiliper
    TurboTax 2009 WinPerFedFormset
    TurboTax 2009 WinPerReleaseEngine
    TurboTax 2009 WinPerTaxSupport
    TurboTax 2009 wrapper
    TurboTax 2010
    TurboTax 2010 wiliper
    TurboTax 2010 WinPerFedFormset
    TurboTax 2010 WinPerReleaseEngine
    TurboTax 2010 WinPerTaxSupport
    TurboTax 2010 wrapper
    TurboTax 2011
    TurboTax 2011 wiliper
    TurboTax 2011 WinPerFedFormset
    TurboTax 2011 WinPerReleaseEngine
    TurboTax 2011 WinPerTaxSupport
    TurboTax 2011 wrapper
    TurboTax ItsDeductible 2005
    TurboTax ItsDeductible 2006
    TurboTax Premier 2003
    TurboTax Premier 2004
    TurboTax Premier 2005
    TurboTax Premier 2007
    TurboTax Premier Investments 2006
    Unload
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 7 (KB980182)
    Update for Windows Internet Explorer 8 (KB2598845)
    Update for Windows Internet Explorer 8 (KB2632503)
    Update for Windows Internet Explorer 8 (KB976662)
    Updates from HP (remove only)
    VeryPDF PDF Split-Merge v3.0
    Vidomi (remove only)
    VLC media player 1.1.9
    VobSub v2.23 (Remove Only)
    WashMan (PocketPC and Smartphone) v 10.0.5 by Skyscape
    WebFldrs XP
    WexTech AnswerWorks
    WinAVI All in One Converter
    WinAVI MP4 Converter
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Imaging Component
    Windows Internet Explorer 8
    Windows Management Framework Core
    Windows Media Format 11 runtime
    Windows Media Format 11 SDK
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    Windows Presentation Foundation
    Windows Search 4.0
    Windows XP Service Pack 3
    WinRAR archiver
    XML Paper Specification Shared Components Pack 1.0
    Xvid 1.2.2 final uninstall
    XviD MPEG4 Video Codec (remove only)
    Yahoo! Anti-Spy
    Yahoo! Browser Services
    Yahoo! BrowserPlus 2.9.8
    Yahoo! Install Manager
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/21/2012 9:48:53 AM, error: Service Control Manager [7023] - The UlSata service terminated with the following error: Access is denied.
    3/21/2012 9:33:53 AM, error: Service Control Manager [7023] - The VNUSB service terminated with the following error: Access is denied.
    3/21/2012 9:18:53 AM, error: Service Control Manager [7023] - The Avsvcmonitor service terminated with the following error: Access is denied.
    3/21/2012 9:03:54 AM, error: Service Control Manager [7023] - The Acrsch2svc service terminated with the following error: Access is denied.
    3/21/2012 8:48:56 PM, error: Service Control Manager [7023] - The Defrag32 service terminated with the following error: The specified procedure could not be found.
    3/21/2012 8:48:53 AM, error: Service Control Manager [7023] - The FA312 service terminated with the following error: Access is denied.
    3/21/2012 8:33:53 AM, error: Service Control Manager [7023] - The Co_mon service terminated with the following error: Access is denied.
    3/21/2012 8:19:53 AM, error: Service Control Manager [7023] - The Knobserv service terminated with the following error: Access is denied.
    3/21/2012 8:19:28 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
    3/21/2012 8:19:20 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
    3/21/2012 7:03:57 PM, error: Service Control Manager [7023] - The Atierecord service terminated with the following error: Access is denied.
    3/21/2012 6:48:57 PM, error: Service Control Manager [7023] - The Avgcoresvc service terminated with the following error: Access is denied.
    3/21/2012 6:33:58 PM, error: Service Control Manager [7023] - The Epsonbidirectionalagent service terminated with the following error: Access is denied.
    3/21/2012 6:18:57 PM, error: Service Control Manager [7023] - The Zebrceb service terminated with the following error: Access is denied.
    3/21/2012 6:03:57 PM, error: Service Control Manager [7023] - The Elotouchscreen service terminated with the following error: Access is denied.
    3/21/2012 5:48:57 PM, error: Service Control Manager [7023] - The Issimon service terminated with the following error: Access is denied.
    3/21/2012 5:33:57 PM, error: Service Control Manager [7023] - The DfwWebAgent service terminated with the following error: Access is denied.
    3/21/2012 5:18:58 PM, error: Service Control Manager [7023] - The Vrservice service terminated with the following error: Access is denied.
    3/21/2012 5:03:57 PM, error: Service Control Manager [7023] - The Lxcj_device service terminated with the following error: Access is denied.
    3/21/2012 4:48:57 PM, error: Service Control Manager [7023] - The Stllssvr service terminated with the following error: Access is denied.
    3/21/2012 4:33:57 PM, error: Service Control Manager [7023] - The Vtserver service terminated with the following error: Access is denied.
    3/21/2012 4:18:57 PM, error: Service Control Manager [7023] - The Cics.region2 service terminated with the following error: Access is denied.
    3/21/2012 4:03:56 PM, error: Service Control Manager [7023] - The Oracle_load_balancer_60_server-forms6i service terminated with the following error: Access is denied.
    3/21/2012 3:48:56 PM, error: Service Control Manager [7023] - The Usbbus service terminated with the following error: Access is denied.
    3/21/2012 3:33:56 PM, error: Service Control Manager [7023] - The XTrapD12 service terminated with the following error: Access is denied.
    3/21/2012 3:18:57 PM, error: Service Control Manager [7023] - The Scramby service terminated with the following error: Access is denied.
    3/21/2012 3:13:36 PM, error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
    3/21/2012 3:03:56 PM, error: Service Control Manager [7023] - The WINUSB service terminated with the following error: Access is denied.
    3/21/2012 2:48:56 PM, error: Service Control Manager [7023] - The Defrag32 service terminated with the following error: Access is denied.
    3/21/2012 2:33:56 PM, error: Service Control Manager [7023] - The Hpqwmi service terminated with the following error: Access is denied.
    3/21/2012 2:18:56 PM, error: Service Control Manager [7023] - The USB28xxBGA service terminated with the following error: Access is denied.
    3/21/2012 2:03:56 PM, error: Service Control Manager [7023] - The S616unic service terminated with the following error: Access is denied.
    3/21/2012 12:48:55 PM, error: Service Control Manager [7023] - The Fsssvc service terminated with the following error: Access is denied.
    3/21/2012 12:33:55 PM, error: Service Control Manager [7023] - The Digisptiservice service terminated with the following error: Access is denied.
    3/21/2012 12:18:55 PM, error: Service Control Manager [7023] - The Tfsnifs service terminated with the following error: Access is denied.
    3/21/2012 12:03:55 PM, error: Service Control Manager [7023] - The Iksyssec service terminated with the following error: Access is denied.
    3/21/2012 11:48:55 AM, error: Service Control Manager [7023] - The ZD1211BU(ZyDAS) service terminated with the following error: Access is denied.
    3/21/2012 11:33:53 AM, error: Service Control Manager [7023] - The Nicconfigsvc service terminated with the following error: Access is denied.
    3/21/2012 11:18:53 AM, error: Service Control Manager [7023] - The CTEDSPSY.DLL service terminated with the following error: Access is denied.
    3/21/2012 11:03:53 AM, error: Service Control Manager [7023] - The Entertainment service terminated with the following error: Access is denied.
    3/21/2012 11:01:32 AM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
    3/21/2012 10:48:53 AM, error: Service Control Manager [7023] - The Uclauncherservice service terminated with the following error: Access is denied.
    3/21/2012 10:33:53 AM, error: Service Control Manager [7023] - The N3900 service terminated with the following error: Access is denied.
    3/21/2012 10:18:53 AM, error: Service Control Manager [7023] - The PSDNServ service terminated with the following error: Access is denied.
    3/21/2012 10:03:53 AM, error: Service Control Manager [7023] - The Mfesmfk service terminated with the following error: Access is denied.
    3/21/2012 1:48:56 PM, error: Service Control Manager [7023] - The Imap4d32 service terminated with the following error: Access is denied.
    3/21/2012 1:33:55 PM, error: Service Control Manager [7023] - The UsbDiag service terminated with the following error: Access is denied.
    3/21/2012 1:18:55 PM, error: Service Control Manager [7023] - The Pdlnepkt service terminated with the following error: Access is denied.
    3/21/2012 1:03:55 PM, error: Service Control Manager [7023] - The Irbus service terminated with the following error: Access is denied.
    3/20/2012 9:18:51 PM, error: PSched [14103] - QoS [Adapter {6257C9F0-FE5C-4174-9E33-3F3DB0FA4F35}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
    3/20/2012 8:04:09 PM, error: Service Control Manager [7023] - The SNP2UVC service terminated with the following error: Access is denied.
    3/20/2012 8:03:09 PM, error: Service Control Manager [7023] - The Maplom service terminated with the following error: Access is denied.
    3/20/2012 7:59:09 PM, error: Service Control Manager [7023] - The SWNC8U51 service terminated with the following error: Access is denied.
    3/20/2012 6:30:02 PM, error: Dhcp [1002] - The IP address lease 192.168.1.7 for the Network Card with network address 00C0A8B96795 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    3/20/2012 10:32:13 PM, error: Service Control Manager [7023] - The CAMFLT service terminated with the following error: Access is denied.
    3/15/2012 9:03:41 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.121.1489.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8101.0 Error code: 0x80072ee2 Error description: The operation timed out
    .
    ==== End Of File ===========================
    ----------------------------------------------------------------------------------------

    Thank you in advance for all of your help.
  3. shivmister

    shivmister Newcomer, in training Topic Starter Posts: 33

    I understand that the tech support on this site work very hard to accommodate everyone... I was just wondering if anyone had a chance to check out my logs?

    Thank you again!