I've suddenly started getting redirects when I attempt to follow the links on a Google search results page.
Your help would be greatly appreciated ... Lynn

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7674
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
9/7/2011 11:46:05 PM
mbam-log-2011-09-07 (23-46-05).txt
Scan type: Quick scan
Objects scanned: 213838
Time elapsed: 8 minute(s), 24 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-09-08 00:40:34
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e WDC_WD2500JS-75NCB3 rev.10.02E04
Running: mv5tzm7b.exe; Driver: C:\DOCUME~1\Rebecca\LOCALS~1\Temp\pxtdypow.sys
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_27
Run by Rebecca at 0:49:14 on 2011-09-08
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2306 [GMT -7:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\TypeItIn\TypeItIn.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar = hxxp://www.google.com/ie
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: {E92BEFBA-E79D-4F41-9733-68DA49C4492B} - No File
TB: {5B327C15-C1B7-4D1F-A5B7-A2F5FFDF2881} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No File
TB: {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - No File
uRun: [Google Update] "c:\documents and settings\rebecca\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [dbWIMgmt] rundll32.exe "c:\documents and settings\rebecca\local settings\application data\sysmain64\dbWIMgmt.dll",Devobjmm msGL80
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SetDefPrt] c:\program files\brother\brmfl06a\BrStDvPt.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\point32.exe"
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Password Generator - file://c:\program files\siber systems\ai roboform\RoboFormComPasswordGenerator.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F50} - c:\program files\siber systems\ai roboform\RoboFormComPasswordGenerator.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: hancockcollege.edu\myhancock
Trusted Zone: ichotelsgroup.com\secure
Trusted Zone: ichotelsgroup.com\www
Trusted Zone: t-mobile.com\my
Trusted Zone: uboc.com\bankingsso
Trusted Zone: usaa.com\www
Trusted Zone: usairways.com\www
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxps://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} - hxxp://download.microsoft.com/download/f/0/2/f02b515c-7076-4cee-bc08-fd6fea594578/VirtualEarth3D.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {25365FF3-2746-4230-9DA7-163CCA318309} - hxxp://inst.c-wss.com/n020p/EN/install/gtdownlr.cab
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} - hxxp://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
DPF: {4125262D-2E47-11D3-9387-00C04F5B12B1} - hxxps://www.backup.com/user/webrestore.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1231465235151
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1231465219854
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} - hxxp://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} - hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.87.76.182 68.87.78.134 0.0.0.0
TCP: Interfaces\{4BAF0A86-F301-4D5B-8CCA-6E54D2B29A06} : DhcpNameServer = 68.87.76.182 68.87.78.134 0.0.0.0
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\program files\cozi express\CoziProtocolHandler.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: WRNotifier - WRLogonNTF.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\rebecca\application data\mozilla\firefox\profiles\jfrt0mtp.default\
FF - component: c:\program files\siber systems\ai roboform\firefox\components\rfproxy_31.dll
FF - plugin: c:\documents and settings\new\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\documents and settings\rebecca\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\rebecca\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\documents and settings\rebecca\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\musicnotes\npmusicn.dll
FF - plugin: c:\program files\musicnotes\NPSibelius.dll
FF - plugin: c:\program files\opera\program\plugins\npMozCouponPrinter.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: AI Roboform Toolbar for Firefox: {22119944-ED35-4ab1-910B-E619EA06A115} - c:\program files\siber systems\ai roboform\Firefox
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\rebecca\application data\Move Networks
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-5-26 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-5-26 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-5-26 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-5-26 66616]
R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2004-8-11 14336]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\nitro pdf\reader\NitroPDFReaderDriverService.exe [2011-4-5 196912]
R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S1 MpKsl13d174b7;MpKsl13d174b7;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{766e6027-6644-4dea-857e-6266e94b8c4c}\mpksl13d174b7.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{766e6027-6644-4dea-857e-6266e94b8c4c}\MpKsl13d174b7.sys [?]
S1 MpKsl4663de32;MpKsl4663de32;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{90a0d05b-0467-4da1-9759-f466ddb96dcb}\mpksl4663de32.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{90a0d05b-0467-4da1-9759-f466ddb96dcb}\MpKsl4663de32.sys [?]
S1 MpKsl934a97e7;MpKsl934a97e7;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{90a0d05b-0467-4da1-9759-f466ddb96dcb}\mpksl934a97e7.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{90a0d05b-0467-4da1-9759-f466ddb96dcb}\MpKsl934a97e7.sys [?]
S1 MpKsld3853577;MpKsld3853577;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0849ac93-7729-4dc7-ad88-845dd1de925f}\mpksld3853577.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0849ac93-7729-4dc7-ad88-845dd1de925f}\MpKsld3853577.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-12 135664]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\motoandroid.sys [2010-3-3 25856]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-8-16 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-12 135664]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2009-12-3 19712]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2009-12-3 8320]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2009-12-3 42752]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2009-11-6 9472]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-11 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-09-05 21:32:08 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-09-05 21:32:08 472808 ----a-w- c:\windows\system32\REN983.tmp
2011-09-03 21:02:24 -------- d-----w- c:\documents and settings\rebecca\local settings\application data\SysMain64
2011-09-01 10:13:25 5632 ----a-w- c:\windows\system32\wbem\snmp\smimsgif.dll
2011-09-01 10:13:25 5632 ----a-w- c:\windows\system32\wbem\snmp\smierrsy.dll
2011-09-01 10:13:25 5632 ----a-w- c:\windows\system32\dllcache\smimsgif.dll
2011-09-01 10:13:25 5632 ----a-w- c:\windows\system32\dllcache\smierrsy.dll
2011-09-01 10:13:24 15872 ----a-w- c:\windows\system32\wbem\snmp\smierrsm.dll
2011-09-01 10:13:24 15872 ----a-w- c:\windows\system32\dllcache\smierrsm.dll
2011-09-01 10:13:24 10240 ----a-w- c:\windows\system32\wbem\snmpstup.dll
2011-09-01 10:13:24 10240 ----a-w- c:\windows\system32\dllcache\snmpstup.dll
2011-08-16 22:05:51 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
==================== Find3M ====================
.
2011-09-05 21:31:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-16 21:49:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-07 02:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-07 02:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-30 10:20:09 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36:30 43520 ------w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ------w- c:\windows\system32\html.iec
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
.
============= FINISH: 0:50:01.22 ===============

DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 10/21/2006 8:27:19 AM
System Uptime: 9/1/2011 2:23:45 AM (166 hours ago)
.
Motherboard: Dell Inc. | | 0F8096
Processor: Intel(R) Pentium(R) D CPU 3.00GHz | Microprocessor | 2992/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 187.693 GiB free.
D: is CDROM (UDF)
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1834: 6/11/2011 12:50:17 AM - System Checkpoint
RP1835: 6/12/2011 3:53:42 AM - System Checkpoint
RP1836: 6/13/2011 4:02:41 AM - System Checkpoint
RP1837: 6/14/2011 5:16:00 AM - System Checkpoint
RP1838: 6/15/2011 6:04:46 AM - System Checkpoint
RP1839: 6/16/2011 1:20:39 AM - Software Distribution Service 3.0
RP1840: 6/17/2011 1:34:15 AM - System Checkpoint
RP1841: 6/18/2011 2:18:47 AM - System Checkpoint
RP1842: 6/19/2011 2:56:37 AM - System Checkpoint
RP1843: 6/20/2011 3:56:19 AM - System Checkpoint
RP1844: 6/21/2011 4:16:00 AM - System Checkpoint
RP1845: 6/22/2011 4:56:23 AM - System Checkpoint
RP1846: 6/23/2011 5:56:23 AM - System Checkpoint
RP1847: 6/24/2011 6:56:23 AM - System Checkpoint
RP1848: 6/24/2011 10:13:30 PM - Installed Microsoft Office Professional 2010
RP1849: 6/24/2011 10:25:20 PM - Printer Driver Send To Microsoft OneNote 2010 Driver Installed
RP1850: 6/24/2011 11:23:49 PM - Removed Microsoft Office Professional Edition 2003
RP1851: 6/24/2011 11:34:32 PM - Software Distribution Service 3.0
RP1852: 6/24/2011 11:52:08 PM - Software Distribution Service 3.0
RP1853: 6/25/2011 12:00:44 AM - Software Distribution Service 3.0
RP1854: 6/25/2011 3:00:43 AM - Software Distribution Service 3.0
RP1855: 6/26/2011 8:26:04 AM - System Checkpoint
RP1856: 6/27/2011 9:21:24 AM - System Checkpoint
RP1857: 6/28/2011 6:25:21 PM - System Checkpoint
RP1858: 6/29/2011 3:00:38 AM - Software Distribution Service 3.0
RP1859: 6/30/2011 3:42:06 AM - System Checkpoint
RP1860: 7/1/2011 4:23:26 AM - System Checkpoint
RP1861: 7/2/2011 5:23:27 AM - System Checkpoint
RP1862: 7/3/2011 6:23:27 AM - System Checkpoint
RP1863: 7/4/2011 7:23:27 AM - System Checkpoint
RP1864: 7/5/2011 8:23:26 AM - System Checkpoint
RP1865: 7/6/2011 9:32:24 AM - System Checkpoint
RP1866: 7/7/2011 7:30:16 PM - System Checkpoint
RP1867: 7/8/2011 8:57:52 PM - System Checkpoint
RP1868: 7/9/2011 9:19:17 PM - System Checkpoint
RP1869: 7/10/2011 9:24:14 PM - System Checkpoint
RP1870: 7/11/2011 10:22:20 PM - System Checkpoint
RP1871: 7/13/2011 12:29:19 AM - System Checkpoint
RP1872: 7/13/2011 2:49:14 PM - Restore Operation
RP1873: 7/13/2011 2:59:59 PM - Software Distribution Service 3.0
RP1874: 7/14/2011 5:30:19 PM - System Checkpoint
RP1875: 7/15/2011 9:17:25 PM - System Checkpoint
RP1876: 7/16/2011 10:01:49 PM - System Checkpoint
RP1877: 7/17/2011 10:06:08 PM - System Checkpoint
RP1878: 7/18/2011 11:02:02 PM - System Checkpoint
RP1879: 7/20/2011 12:09:45 AM - System Checkpoint
RP1880: 7/21/2011 2:13:20 AM - System Checkpoint
RP1881: 7/22/2011 3:01:38 AM - System Checkpoint
RP1882: 7/23/2011 4:01:37 AM - System Checkpoint
RP1883: 7/24/2011 5:02:12 AM - System Checkpoint
RP1884: 7/25/2011 6:01:37 AM - System Checkpoint
RP1885: 7/26/2011 6:26:00 AM - System Checkpoint
RP1886: 7/27/2011 7:25:10 AM - System Checkpoint
RP1887: 7/28/2011 8:25:14 AM - System Checkpoint
RP1888: 7/29/2011 11:54:56 AM - Installed Microsoft Fix it 50228
RP1889: 7/30/2011 8:39:59 PM - System Checkpoint
RP1890: 7/31/2011 9:00:24 PM - System Checkpoint
RP1891: 8/1/2011 10:00:32 PM - System Checkpoint
RP1892: 8/2/2011 11:46:37 PM - System Checkpoint
RP1893: 8/4/2011 1:36:25 AM - System Checkpoint
RP1894: 8/5/2011 1:59:17 AM - System Checkpoint
RP1895: 8/6/2011 2:14:55 AM - System Checkpoint
RP1896: 8/7/2011 3:14:54 AM - System Checkpoint
RP1897: 8/8/2011 3:38:53 AM - System Checkpoint
RP1898: 8/9/2011 4:18:21 AM - System Checkpoint
RP1899: 8/10/2011 5:18:20 AM - System Checkpoint
RP1900: 8/11/2011 6:18:20 AM - System Checkpoint
RP1901: 8/12/2011 7:18:20 AM - System Checkpoint
RP1902: 8/13/2011 8:18:25 AM - System Checkpoint
RP1903: 8/14/2011 9:17:22 AM - System Checkpoint
RP1904: 8/15/2011 3:28:55 PM - System Checkpoint
RP1905: 8/17/2011 2:01:11 AM - System Checkpoint
RP1906: 8/18/2011 2:17:06 AM - System Checkpoint
RP1907: 8/19/2011 2:46:40 AM - System Checkpoint
RP1908: 8/20/2011 3:17:10 AM - System Checkpoint
RP1909: 8/21/2011 4:17:12 AM - System Checkpoint
RP1910: 8/22/2011 5:17:09 AM - System Checkpoint
RP1911: 8/23/2011 6:26:20 AM - System Checkpoint
RP1912: 8/24/2011 7:17:08 AM - System Checkpoint
RP1913: 8/25/2011 7:30:39 AM - System Checkpoint
RP1914: 8/26/2011 8:17:10 AM - System Checkpoint
RP1915: 8/27/2011 9:17:13 AM - System Checkpoint
RP1916: 8/28/2011 7:32:41 PM - System Checkpoint
RP1917: 8/29/2011 8:02:45 PM - System Checkpoint
RP1918: 8/31/2011 4:20:59 AM - System Checkpoint
RP1919: 9/1/2011 1:27:43 AM - Software Distribution Service 3.0
RP1920: 9/2/2011 2:52:24 AM - System Checkpoint
RP1921: 9/3/2011 4:49:29 PM - System Checkpoint
RP1922: 9/4/2011 5:58:38 PM - System Checkpoint
RP1923: 9/5/2011 2:19:45 PM - Removed Java(TM) 6 Update 20
RP1924: 9/5/2011 2:22:50 PM - Removed Apple Application Support
RP1925: 9/5/2011 2:24:33 PM - Removed Apple Software Update
RP1926: 9/5/2011 2:26:21 PM - Removed calibre
RP1927: 9/5/2011 2:31:51 PM - Installed Java(TM) 6 Update 27
RP1928: 9/5/2011 3:07:18 PM - Removed Evernote v. 4.3
RP1929: 9/6/2011 6:24:03 PM - System Checkpoint
RP1930: 9/7/2011 7:48:02 PM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 8.3.0
AI RoboForm (All Users)
AIM 7
Amazon MP3 Downloader 1.0.10
Aspell English Dictionary-0.50-2
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
Avira AntiVir Personal - Free Antivirus
BodyMedia FIT Software
Brother MFL-Pro Suite
CCleaner
CCScore
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Cozi • FlyLady Edition
Cozi Outlook Toolbar
CustomerResearchQFolder
Definition update for Microsoft Office 2010 (KB982726)
DFX for Windows Media Player
ESSBrwr
ESSCDBK
ESSini
ESSPCD
ESSPDock
GNU Aspell 0.50-3
Google Calendar Sync
Google Chrome
Google Desktop
Google Update Helper
GTK+ Runtime 2.14.7 rev a (remove only)
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB945060-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Japanese Fonts Support For Adobe Reader 8
Java(TM) 6 Update 27
KhalInstallWrapper
LawWords 1.1 for MS Word(tm)
Logitech Harmony Remote Software 7
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2003 Primary Interop Assemblies
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Personal Folders Backup
Microsoft Reader
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 14
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Works 6-9 Converter
Move Media Player
Mozilla Firefox (3.5.19)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB954459)
Musicnotes Software Suite 1.5.3
muTater
MyFax® Print-to-Fax Assistant
NCH Toolbox
Nitro PDF Reader
NOOK for PC
OGA Notifier 2.0.0048.0
Online Backup
Opera 10.63
OverDrive Media Console
PayPal Plug-In
PdaNet for Android 2.41
PrestoNotes
Quicken 2011
QuickTime
Remote Control USB Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SHASTA
Shipping Assistant 3.4
Smart Defrag
Smilebox
Sony Player Plug-in for Windows Media Player
SoundMAX
Spelling Dictionaries Support For Adobe Reader 8
Spybot - Search & Destroy
staticcr
SUPERAntiSpyware
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual Studio 2005 Tools for Office Second Edition Runtime
WebFldrs XP
WebIQ Technology Engine
WebReg
Windows 7 Upgrade Advisor
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Search 4.0
Windows XP Service Pack 3
WinRAR archiver
WIRELESS
XML Paper Specification Shared Components Pack 1.0
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
9/8/2011 12:45:26 AM, error: Dhcp [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 0014222D5395 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
9/7/2011 11:57:54 PM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
9/4/2011 5:07:59 PM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
9/1/2011 1:20:15 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
.
==== End Of File ===========================
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2003 Primary Interop Assemblies
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Personal Folders Backup
Microsoft Reader
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 14
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Works 6-9 Converter
Move Media Player
Mozilla Firefox (3.5.19)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB954459)
Musicnotes Software Suite 1.5.3
muTater
MyFax® Print-to-Fax Assistant
NCH Toolbox
Nitro PDF Reader
NOOK for PC
OGA Notifier 2.0.0048.0
Online Backup
Opera 10.63
OverDrive Media Console
PayPal Plug-In
PdaNet for Android 2.41
PrestoNotes
Quicken 2011
QuickTime
Remote Control USB Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SHASTA
Shipping Assistant 3.4
Smart Defrag
Smilebox
Sony Player Plug-in for Windows Media Player
SoundMAX
Spelling Dictionaries Support For Adobe Reader 8
Spybot - Search & Destroy
staticcr
SUPERAntiSpyware
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual Studio 2005 Tools for Office Second Edition Runtime
WebFldrs XP
WebIQ Technology Engine
WebReg
Windows 7 Upgrade Advisor
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Search 4.0
Windows XP Service Pack 3
WinRAR archiver
WIRELESS
XML Paper Specification Shared Components Pack 1.0
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
9/8/2011 12:45:26 AM, error: Dhcp [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 0014222D5395 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
9/7/2011 11:57:54 PM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
9/4/2011 5:07:59 PM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
9/1/2011 1:20:15 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
.
==== End Of File ===========================