parkcitytrainer
This Trojan is a real pain. It keeps trying to send out to:
95.215.2.7
95.21.5.2.8
63.223.106.17
46.249.58.48
46.249.59.47
83.133.124.245
It also keeps starting Adobe Flash Player Installer.
I performed:
Step 1: Antivirus scanning
Step 2: Malwarebytes Anti-Malware
Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org
Database version: v2012.03.27.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Rob :: FRANCIS-SV1 [administrator]
Protection: Enabled
3/27/2012 8:02:42 PM
mbam-log-2012-03-27 (20-02-42).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223740
Time elapsed: 43 minute(s), 29 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Step 3: GMER
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-03-27 21:21:22
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD2500BB-55GUC0 rev.08.02D08
Running: yxu8qi7n.exe; Driver: C:\DOCUME~1\Rob\LOCALS~1\Temp\pxldypog.sys
---- System - GMER 1.0.15 ----
SSDT spoq.sys ZwEnumerateKey [0xF74FCDA4]
SSDT spoq.sys ZwEnumerateValueKey [0xF74FD132]
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\adpu160m \Device\Scsi\adpu160m2Port3Path0Target1Lun0 8A3541F8
Device \Driver\adpu160m \Device\Scsi\adpu160m1Port2Path0Target1Lun0 8A3541F8
Device \Driver\adpu160m \Device\Scsi\adpu160m1Port2Path0Target3Lun0 8A3541F8
Device \Driver\ax3wod37 \Device\Scsi\ax3wod371 8A0D61F8
Device \Driver\adpu160m \Device\Scsi\adpu160m1 8A3541F8
Device \Driver\adpu160m \Device\Scsi\adpu160m2 8A3541F8
Device \Driver\adpu160m \Device\Scsi\adpu160m3 8A3541F8
Device \Driver\adpu160m \Device\Scsi\adpu160m1Port2Path0Target4Lun0 8A3541F8
Device \Driver\adpu160m \Device\Scsi\adpu160m1Port2Path0Target2Lun0 8A3541F8
Device \FileSystem\Ntfs \Ntfs 8A3531F8
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
AttachedDevice \Driver\Tcpip \Device\Tcp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
AttachedDevice \Driver\Tcpip \Device\Udp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
AttachedDevice \Driver\Tcpip \Device\RawIp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
---- EOF - GMER 1.0.15 ----
Step 4: DDS
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Run by Rob at 21:21:33 on 2012-03-27
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.553 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\MCTCIDUtil.exe
C:\WINDOWS\system32\trutil01.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\MFirefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.atcomet.com/b/
uSearch Bar =
uInternet Settings,ProxyOverride = <local>;*.local
mURLSearchHooks: H - No File
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.2.0.3\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.2.0.3\AVG Secure Search_toolbar.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [nwiz] nwiz.exe /install
mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [MCTCIDUtil] c:\windows\system32\MCTCIDUtil.exe
mRun: [trutil0] c:\windows\system32\trutil01.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc1~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpohmr08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll/206
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
LSP: mswsock.dll
Trusted Zone: intuit.com\ttlc
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263616039703
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1263616028390
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\10.2.0\ViProtocol.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\rob\application data\mozilla\firefox\profiles\fc6gsug0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2384137&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.atcomet.com/b/
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 49495
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\rob\application data\mozilla\firefox\profiles\fc6gsug0.default\extensions\{5b79bc2a-25c2-4f2a-bb86-606ea88ab950}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\rob\application data\mozilla\firefox\profiles\fc6gsug0.default\extensions\{b042753d-f57e-4e8e-a01b-7379a6d4cefb}\components\IBitCometExtension.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\rob\application data\facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\documents and settings\rob\application data\mozilla\firefox\profiles\fc6gsug0.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\documents and settings\rob\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mfirefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mfirefox\plugins\npdjvu.dll
FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\np_gp.dll
FF - plugin: c:\program files\mozilla firefox\plugins\np_gp.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2012-3-26 207280]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-9 295248]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2012-3-26 233136]
R1 pfmfs_27B;pfmfs_27B;c:\windows\system32\drivers\pfmfs_27B.sys [2009-3-18 179896]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-5-25 47640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-4-27 652360]
R2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\10.2.0\ToolbarUpdater.exe [2012-3-14 918880]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 16720]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-4-27 20464]
R3 xMrMINI;xMrMINI;c:\windows\system32\drivers\xMrMini.sys [2012-3-11 247680]
R3 xVGAMINI;xVGAMINI;c:\windows\system32\drivers\xVgaMini.sys [2012-3-11 253056]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\logmein\x86\rainfo.sys --> c:\program files\logmein\x86\RaInfo.sys [?]
S2 mclogmanagerservice;Wpsscannersvc;c:\windows\system32\svchost.exe -k netsvcs [2002-8-29 14336]
S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [2006-7-31 580992]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\drivers\dc3d.sys [2012-3-9 45288]
S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2012-3-26 70408]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\RpcAgentSrv.exe [2009-4-19 98488]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2012-3-26 365280]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2012-3-26 1141712]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 xVGAUSB;USB 2.0 VGA DEVICE-1;c:\windows\system32\drivers\xvgausb.sys [2012-3-11 34944]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2012-03-26 23:28:57 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2012-03-26 23:28:52 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2012-03-26 23:28:52 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2012-03-26 23:28:46 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2012-03-26 23:28:34 -------- d-----w- c:\program files\Spyware Doctor
2012-03-26 23:28:34 -------- d-----w- c:\program files\common files\PC Tools
2012-03-26 23:28:34 -------- d-----w- c:\documents and settings\rob\application data\PC Tools
2012-03-26 23:28:34 -------- d-----w- c:\documents and settings\all users\application data\PC Tools
2012-03-26 23:08:22 -------- d-----w- c:\documents and settings\rob\application data\GetRightToGo
2012-03-26 22:59:58 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-03-26 16:32:14 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-03-11 19:36:17 -------- d-----w- C:\MCT
2012-03-11 19:36:16 315392 ----a-w- c:\windows\system32\MCTCIDUtil.exe
2012-03-11 19:07:27 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2012-03-11 19:07:01 21504 ----a-w- c:\windows\system32\drivers\hidserv.dll
2012-03-11 18:59:55 -------- d-----w- c:\documents and settings\rob\application data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-03-10 05:00:38 -------- d-----w- c:\program files\ATI
2012-03-10 05:00:01 -------- d-----w- c:\program files\ATI Technologies
2012-03-10 04:57:57 -------- d-----w- C:\ATI
2012-03-10 04:57:30 21784 ----a-w- c:\windows\system32\drivers\nuidfltr.sys
2012-03-10 04:57:30 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2012-03-10 04:57:28 45288 ----a-w- c:\windows\system32\drivers\dc3d.sys
2012-03-10 04:57:10 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2012-03-05 22:17:02 -------- d-----w- C:\TRITTON_uv100_8.0.1.0229.1153
.
==================== Find3M ====================
.
.
============= FINISH: 21:23:03.50 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 3/14/2009 10:50:03 PM
System Uptime: 3/27/2012 6:42:03 AM (15 hours ago)
.
Motherboard: Dell Computer Corp. | |
Processor: Intel(R) XEON(TM) CPU 2.00GHz | Microprocessor | 1977/100mhz
Processor: Intel(R) XEON(TM) CPU 2.00GHz | Microprocessor | 1977/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 105.565 GiB free.
E: is FIXED (NTFS) - 137 GiB total, 67.095 GiB free.
F: is FIXED (NTFS) - 34 GiB total, 4.457 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP671: 12/31/2011 9:48:56 AM - System Checkpoint
RP672: 1/1/2012 10:12:55 AM - System Checkpoint
RP673: 1/2/2012 7:37:19 PM - System Checkpoint
RP674: 1/3/2012 8:26:29 PM - System Checkpoint
RP675: 1/6/2012 6:34:38 PM - System Checkpoint
RP676: 1/8/2012 7:49:45 PM - System Checkpoint
RP677: 1/10/2012 7:23:21 PM - System Checkpoint
RP678: 1/11/2012 7:41:39 PM - System Checkpoint
RP679: 1/12/2012 8:37:31 PM - System Checkpoint
RP680: 1/13/2012 10:08:14 PM - System Checkpoint
RP681: 1/14/2012 11:00:10 PM - System Checkpoint
RP682: 1/19/2012 7:07:42 PM - System Checkpoint
RP683: 1/20/2012 7:12:50 PM - System Checkpoint
RP684: 1/21/2012 7:24:45 PM - System Checkpoint
RP685: 1/23/2012 7:10:34 PM - System Checkpoint
RP686: 1/26/2012 6:20:50 PM - System Checkpoint
RP687: 1/28/2012 9:46:02 AM - System Checkpoint
RP688: 1/29/2012 4:22:49 PM - System Checkpoint
RP689: 1/31/2012 12:44:46 PM - System Checkpoint
RP690: 2/1/2012 6:17:29 PM - System Checkpoint
RP691: 2/4/2012 1:07:01 AM - System Checkpoint
RP692: 2/5/2012 9:54:04 AM - System Checkpoint
RP693: 2/6/2012 10:00:32 AM - System Checkpoint
RP694: 2/7/2012 6:35:45 PM - System Checkpoint
RP695: 2/10/2012 4:16:20 PM - System Checkpoint
RP696: 2/11/2012 4:56:15 PM - System Checkpoint
RP697: 2/12/2012 5:13:12 PM - System Checkpoint
RP698: 2/14/2012 6:43:09 PM - System Checkpoint
RP699: 2/15/2012 6:58:54 PM - System Checkpoint
RP700: 2/17/2012 6:27:02 PM - System Checkpoint
RP701: 2/17/2012 9:00:43 PM - Installed iTunes
RP702: 2/18/2012 9:25:19 PM - System Checkpoint
RP703: 2/20/2012 7:38:53 PM - System Checkpoint
RP704: 2/26/2012 9:29:47 AM - System Checkpoint
RP705: 3/5/2012 3:18:38 PM - Installed SEE2 USB 2.0 VGA Adapter (Multiple)
RP706: 3/5/2012 3:29:33 PM - Unsigned driver install
RP707: 3/5/2012 7:01:09 PM - Removed Microsoft Silverlight
RP708: 3/6/2012 6:19:13 AM - Unsigned driver install
RP709: 3/10/2012 2:46:03 PM - System Checkpoint
RP710: 3/11/2012 1:07:27 PM - Installed Windows XP Wdf01009.
RP711: 3/11/2012 1:25:16 PM - Removed SEE2 USB 2.0 VGA Adapter (Multiple)
RP712: 3/11/2012 1:35:39 PM - Installed SEE2 USB 2.0 VGA Adapter (Multiple)
RP713: 3/11/2012 1:38:14 PM - Unsigned driver install
RP714: 3/12/2012 12:24:07 PM - Unsigned driver install
RP715: 3/12/2012 12:56:04 PM - Unsigned driver install
RP716: 3/14/2012 8:53:56 PM - System Checkpoint
RP717: 3/17/2012 2:23:23 PM - System Checkpoint
RP718: 3/18/2012 2:56:52 PM - System Checkpoint
RP719: 3/19/2012 6:28:15 PM - System Checkpoint
RP720: 3/22/2012 7:38:02 PM - System Checkpoint
RP721: 3/23/2012 7:59:03 PM - System Checkpoint
RP722: 3/25/2012 10:26:41 AM - System Checkpoint
RP723: 3/27/2012 3:41:37 AM - System Checkpoint
RP724: 3/27/2012 7:03:59 AM - Removed Acrobat.com
RP725: 3/27/2012 7:04:56 AM - Removed Adobe Reader 9.5.0.
RP726: 3/27/2012 7:10:25 AM - Removed Adobe Photoshop Elements 5.0
.
==== Installed Programs ======================
.
.
3ivx MPEG-4 5.0.3 (remove only)
7-Zip 4.65
ADS Tech Master Installer V3.8
Advanced SystemCare 3
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ashampoo Burning Studio 9.03
AutoUpdate
AVG 2012
BitComet 1.25
Bonjour
Business Plan Pro 2007
CCleaner
Critical Update for Windows Media Player 11 (KB959772)
CyberLink PowerDirector
CyberLink WaveEditor
CyberView CS - Memor-ease 1.2a (build 20090910)
dcmsvc 1.0
Dell Driver Download Manager
DivX
DivX Player
DriverGuide DriverScan
Facebook Plug-In
FreeRIP v3.42
Google Updater
HGTV Home & Interior Painter
HGTV Home & Landscape Platinum Suite
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
hp instant support
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 1200 series
hp psc 1200 series
ImagXpress
Indeo® software
iTunes
Java Auto Updater
Java(TM) 6 Update 22
LightScribe System Software 1.14.17.1
LizardTech DjVu Control
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft English TTS Engine
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft IntelliType Pro 8.2
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access database engine 2007 (English)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Project 2007 Service Pack 2 (SP2)
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Streets & Trips 2009
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MobileMe Control Panel
Mozilla Firefox 11.0 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neroxml
NVIDIA Drivers
Oakley THUMP
OVT Scanner X86
PhotoImpact X3
Pismo File Mount Audit Package
Quicken 2010
QuickTime
Remote Control USB Driver
SAPI Wrapper
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio 2007 (KB2434737)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
SEE2 USB 2.0 VGA Adapter (Multiple) 8.0.1.0229.1153
SiSoftware Sandra Lite 2009.SP2
SmartSound Quicktracks 5
SmartSound Quicktracks Plugin
Spybot - Search & Destroy
Spyware Doctor 7.0
System Requirements Lab
TTS Wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2010 wutiper
Ulead DVD DiskRecorder 2.1.1
Uninstall OVT Scanner
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2508979)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 8.0 ATL (x86) WinSXS MSM
Visual C++ 8.0 CRT (x86) WinSXS MSM
VLC media player 1.0.1
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
Yahoo! BrowserPlus 2.9.8
.
==== Event Viewer Messages From Past Week ========
.
3/26/2012 9:58:26 PM, error: Service Control Manager [7023] - The Wdm_au8820 service terminated with the following error: Access is denied.
3/26/2012 9:43:28 PM, error: Service Control Manager [7023] - The AMDPCI service terminated with the following error: Access is denied.
3/26/2012 9:28:27 PM, error: Service Control Manager [7023] - The Igniteservice.exe service terminated with the following error: Access is denied.
3/26/2012 9:13:26 PM, error: Service Control Manager [7023] - The Stirusb service terminated with the following error: Access is denied.
3/26/2012 8:58:26 PM, error: Service Control Manager [7023] - The Cics.region2 service terminated with the following error: Access is denied.
3/26/2012 8:43:24 PM, error: Service Control Manager [7023] - The Areschatserver service terminated with the following error: Access is denied.
3/26/2012 8:28:22 PM, error: Service Control Manager [7023] - The Servicemgr service terminated with the following error: Access is denied.
3/26/2012 8:13:21 PM, error: Service Control Manager [7023] - The Oracle_load_balancer_60_server-forms6ip14 service terminated with the following error: Access is denied.
3/26/2012 7:58:23 PM, error: Service Control Manager [7023] - The Dpc_srv_webcast service terminated with the following error: Access is denied.
3/26/2012 7:43:21 PM, error: Service Control Manager [7023] - The Wpsscannersvc service terminated with the following error: Access is denied.
3/26/2012 7:28:20 PM, error: Service Control Manager [7023] - The Tablet2k service terminated with the following error: Access is denied.
3/26/2012 7:13:19 PM, error: Service Control Manager [7023] - The WacomVKHid service terminated with the following error: Access is denied.
3/26/2012 6:58:21 PM, error: Service Control Manager [7023] - The Enodpl service terminated with the following error: Access is denied.
3/26/2012 6:43:18 PM, error: Service Control Manager [7023] - The Steamdvr service terminated with the following error: Access is denied.
3/26/2012 6:28:19 PM, error: Service Control Manager [7023] - The HPFECP20 service terminated with the following error: Access is denied.
3/26/2012 6:13:17 PM, error: Service Control Manager [7023] - The Nbservice service terminated with the following error: Access is denied.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Z525mdm service terminated with the following error: Access is denied.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Qbreminderflash service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Openvpnservice service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Ntgrip service terminated with the following error: Access is denied.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The LXARScan service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Lvusbsta service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Lp6nds35 service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Help and Support service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
3/26/2012 5:53:24 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/26/2012 5:28:37 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
3/26/2012 5:24:05 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}
3/26/2012 5:22:10 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
3/26/2012 5:20:09 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
3/26/2012 5:00:38 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 Fips intelppm sptd
3/26/2012 4:59:40 PM, error: sptd [4] - Driver detected an internal error in its data structures for .
3/26/2012 4:39:52 PM, error: Service Control Manager [7023] - The LXARScan service terminated with the following error: Access is denied.
3/26/2012 2:25:07 PM, error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).
3/26/2012 2:25:02 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
3/26/2012 11:45:19 AM, error: Service Control Manager [7023] - The Qbreminderflash service terminated with the following error: Access is denied.
3/26/2012 11:37:22 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
3/26/2012 11:10:18 AM, error: Service Control Manager [7023] - The Openvpnservice service terminated with the following error: Access is denied.
3/26/2012 10:45:15 AM, error: Service Control Manager [7023] - The Lp6nds35 service terminated with the following error: Access is denied.
3/26/2012 10:43:28 PM, error: Service Control Manager [7023] - The Sk9920nt service terminated with the following error: Access is denied.
3/26/2012 10:32:16 AM, error: Service Control Manager [7023] - The Lvusbsta service terminated with the following error: Access is denied.
3/26/2012 10:28:34 PM, error: Service Control Manager [7023] - The SE2Eobex service terminated with the following error: Access is denied.
3/26/2012 10:13:33 PM, error: Service Control Manager [7023] - The Statusagent4 service terminated with the following error: Access is denied.
.
==== End Of File ===========================
Any and all help to remove this Trojan is much appreciated.
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft English TTS Engine
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft IntelliType Pro 8.2
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access database engine 2007 (English)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Project 2007 Service Pack 2 (SP2)
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Streets & Trips 2009
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MobileMe Control Panel
Mozilla Firefox 11.0 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neroxml
NVIDIA Drivers
Oakley THUMP
OVT Scanner X86
PhotoImpact X3
Pismo File Mount Audit Package
Quicken 2010
QuickTime
Remote Control USB Driver
SAPI Wrapper
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio 2007 (KB2434737)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
SEE2 USB 2.0 VGA Adapter (Multiple) 8.0.1.0229.1153
SiSoftware Sandra Lite 2009.SP2
SmartSound Quicktracks 5
SmartSound Quicktracks Plugin
Spybot - Search & Destroy
Spyware Doctor 7.0
System Requirements Lab
TTS Wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2010 wutiper
Ulead DVD DiskRecorder 2.1.1
Uninstall OVT Scanner
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2508979)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 8.0 ATL (x86) WinSXS MSM
Visual C++ 8.0 CRT (x86) WinSXS MSM
VLC media player 1.0.1
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
Yahoo! BrowserPlus 2.9.8
.
==== Event Viewer Messages From Past Week ========
.
3/26/2012 9:58:26 PM, error: Service Control Manager [7023] - The Wdm_au8820 service terminated with the following error: Access is denied.
3/26/2012 9:43:28 PM, error: Service Control Manager [7023] - The AMDPCI service terminated with the following error: Access is denied.
3/26/2012 9:28:27 PM, error: Service Control Manager [7023] - The Igniteservice.exe service terminated with the following error: Access is denied.
3/26/2012 9:13:26 PM, error: Service Control Manager [7023] - The Stirusb service terminated with the following error: Access is denied.
3/26/2012 8:58:26 PM, error: Service Control Manager [7023] - The Cics.region2 service terminated with the following error: Access is denied.
3/26/2012 8:43:24 PM, error: Service Control Manager [7023] - The Areschatserver service terminated with the following error: Access is denied.
3/26/2012 8:28:22 PM, error: Service Control Manager [7023] - The Servicemgr service terminated with the following error: Access is denied.
3/26/2012 8:13:21 PM, error: Service Control Manager [7023] - The Oracle_load_balancer_60_server-forms6ip14 service terminated with the following error: Access is denied.
3/26/2012 7:58:23 PM, error: Service Control Manager [7023] - The Dpc_srv_webcast service terminated with the following error: Access is denied.
3/26/2012 7:43:21 PM, error: Service Control Manager [7023] - The Wpsscannersvc service terminated with the following error: Access is denied.
3/26/2012 7:28:20 PM, error: Service Control Manager [7023] - The Tablet2k service terminated with the following error: Access is denied.
3/26/2012 7:13:19 PM, error: Service Control Manager [7023] - The WacomVKHid service terminated with the following error: Access is denied.
3/26/2012 6:58:21 PM, error: Service Control Manager [7023] - The Enodpl service terminated with the following error: Access is denied.
3/26/2012 6:43:18 PM, error: Service Control Manager [7023] - The Steamdvr service terminated with the following error: Access is denied.
3/26/2012 6:28:19 PM, error: Service Control Manager [7023] - The HPFECP20 service terminated with the following error: Access is denied.
3/26/2012 6:13:17 PM, error: Service Control Manager [7023] - The Nbservice service terminated with the following error: Access is denied.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Z525mdm service terminated with the following error: Access is denied.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Qbreminderflash service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Openvpnservice service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Ntgrip service terminated with the following error: Access is denied.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The LXARScan service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Lvusbsta service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Lp6nds35 service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7023] - The Help and Support service terminated with the following error: The specified module could not be found.
3/26/2012 5:58:34 PM, error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
3/26/2012 5:53:24 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/26/2012 5:28:37 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
3/26/2012 5:24:05 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}
3/26/2012 5:22:10 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
3/26/2012 5:20:09 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
3/26/2012 5:00:38 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 Fips intelppm sptd
3/26/2012 4:59:40 PM, error: sptd [4] - Driver detected an internal error in its data structures for .
3/26/2012 4:39:52 PM, error: Service Control Manager [7023] - The LXARScan service terminated with the following error: Access is denied.
3/26/2012 2:25:07 PM, error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).
3/26/2012 2:25:02 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
3/26/2012 11:45:19 AM, error: Service Control Manager [7023] - The Qbreminderflash service terminated with the following error: Access is denied.
3/26/2012 11:37:22 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
3/26/2012 11:10:18 AM, error: Service Control Manager [7023] - The Openvpnservice service terminated with the following error: Access is denied.
3/26/2012 10:45:15 AM, error: Service Control Manager [7023] - The Lp6nds35 service terminated with the following error: Access is denied.
3/26/2012 10:43:28 PM, error: Service Control Manager [7023] - The Sk9920nt service terminated with the following error: Access is denied.
3/26/2012 10:32:16 AM, error: Service Control Manager [7023] - The Lvusbsta service terminated with the following error: Access is denied.
3/26/2012 10:28:34 PM, error: Service Control Manager [7023] - The SE2Eobex service terminated with the following error: Access is denied.
3/26/2012 10:13:33 PM, error: Service Control Manager [7023] - The Statusagent4 service terminated with the following error: Access is denied.
.
==== End Of File ===========================
Any and all help to remove this Trojan is much appreciated.