Hi there guys,
I don't usually use my family PC, but recently I have had to and I've noticed a couple of problems with it:
1) Google redirects to random sites when clicking links, not all the time but it happens a fair amount. Usually shopping websites and porn :haha:
2) The command prompt does not work properly. Typing 'cmd' into Run gives "cmd is not a valid Win32 application". Typing 'command' gives the black command box (with capital text instead of lower case) but with the pathway "C:\WINDOWS\system32\command.com" which I thought was pretty strange.
Typing 'cmd.exe' into Run works fine, but using some commands such as 'ping' gives "C:\WINDOWS\system32\ping.com is not a valid Win32 application".
I discovered this while trying to resolve DNS lookup failures, which brings me to #3:
3) Sometimes certain websites will become inaccessible due to DNS lookup failures e.g. Google will work perfectly fine while hotmail.com and various tech support forums won't load. This is usually resolved by resetting my router but keeps popping back, and I'm not sure whether or not this could be the result of having malware on the system.
Anyway I've been through the 5 preliminary steps and here are the logs as requested (AVG found nothing)...
Malwarebytes
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7490
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11
17/08/2011 22:46:25
mbam-log-2011-08-17 (22-46-25).txt
Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 322585
Time elapsed: 3 hour(s), 31 minute(s), 30 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 30
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 9
Files Infected: 12
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{F244A744-534D-4A46-855F-C0C7E9F27DAA} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{030C9927-10FC-4169-97A2-55BECD5D88D8} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3E2DFD6A-4E20-4D4C-AA8B-E1F9DBEF3C80} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButton.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButton (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{714E0876-FCEE-49CE-A429-B9AD8AEFCB56} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{DD15BCC0-5FE9-4690-A957-99FA60ED9D26} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbAx.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbAx (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D44FD6F0-9746-484E-B5C4-C66688393872} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419D-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419d-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419d-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
c:\documents and settings\Kazz\application data\shoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\db (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\dwld (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\report (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\res1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin\2.7.37 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
Files Infected:
c:\program files\shoppingreport2\Bin\2.7.37\shoppingreport.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\local settings\Temp\_te2CF.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\my documents\downloads\MPLSetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\my documents\downloads\wirelesskeyview\wirelesskeyview.exe (PUP.WirelessKeyView) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\Config.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\db\Aliases.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\db\Sites.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\dwld\whitelist.xip (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\report\aggr_storage.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\report\send_storage.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\res1\whitelist.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Uninst.exe (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
GMER
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-08-18 16:20:51
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 Hitachi_HDS721616PLA380 rev.P22OA92A
Running: 1x9s10qp.exe; Driver: C:\DOCUME~1\Kazz\LOCALS~1\Temp\kxdyapod.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xED0E7738]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xED0E77DC]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xED0E7878]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xED0E7914]
---- Kernel code sections - GMER 1.0.15 ----
? rxuu.sys The system cannot find the file specified. !
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!LoadResource 7C80A055 7 Bytes JMP 2806D940 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!FindResourceExW 7C80AD28 7 Bytes JMP 2806D7A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!FindResourceW 7C80BC6E 7 Bytes JMP 2806D720 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!SizeofResource 7C80BD09 7 Bytes JMP 2806D9F0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!FindResourceA 7C80BF29 7 Bytes JMP 2806D820 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!LockResource 7C80CD37 5 Bytes JMP 2806DA60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!CreateEventA 7C8308B5 5 Bytes JMP 2806D380 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!FindResourceExA 7C835FA8 7 Bytes JMP 2806D8B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] ADVAPI32.dll!CryptDeriveKey 77DE9FFD 7 Bytes JMP 2806CE90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 2806CEF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!GetWindowLongW 7E4188A6 7 Bytes JMP 28071930 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!PeekMessageW 7E41929B 5 Bytes JMP 2806F930 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!SetWindowPlacement 7E41DE46 5 Bytes JMP 28070EA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!CreateDialogParamW 7E41EA3B 5 Bytes JMP 28070FF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!LoadImageW 7E427B97 5 Bytes JMP 28071680 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 2806EEC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!SetWindowRgn 7E42E528 7 Bytes JMP 28070F40 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!LoadIconW 7E42E8BC 5 Bytes JMP 28071800 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 28071220 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!TrackPopupMenuEx 7E46CF62 5 Bytes JMP 2806FFB0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] SHELL32.dll!Shell_NotifyIconW 7CA2A537 5 Bytes JMP 2806E630 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 2806E040 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] ole32.dll!CoInitializeEx 77501473 5 Bytes JMP 2806DCC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] ole32.dll!CoRegisterClassObject 775179C0 5 Bytes JMP 2806DDC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] WININET.dll!InternetCloseHandle 3D944261 5 Bytes JMP 28074490 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] WININET.dll!HttpOpenRequestA 3D94AA5B 5 Bytes JMP 280741F0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] WININET.dll!InternetReadFile 3D9513D4 5 Bytes JMP 28074350 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] WININET.dll!HttpSendRequestA 3D953558 5 Bytes JMP 280743F0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \FileSystem\Fastfat \Fat B6745D20
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet@5 43259
---- Files - GMER 1.0.15 ----
File C:\System Volume Information\catalog.wci\00010007.dir 0 bytes
---- EOF - GMER 1.0.15 ----
DDS 'attach'
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 03/01/2007 18:44:49
System Uptime: 18/08/2011 16:23:51 (1 hours ago)
.
Motherboard: Dell Inc | | 0HY175
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket M2 | 2204/1000mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 107 GiB total, 22.592 GiB free.
D: is FIXED (NTFS) - 37 GiB total, 37.166 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: RangeMax Wireless-N USB Adapter WN111v2
Device ID: USB\VID_0846&PID_9001\12345
Manufacturer: NETGEAR Inc
Name: RangeMax Wireless-N USB Adapter WN111v2
PNP Device ID: USB\VID_0846&PID_9001\12345
Service: WN111v2
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia 3600 slide
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 3600 slide
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
RP73: 20/05/2011 16:43:28 - Software Distribution Service 3.0
RP74: 21/05/2011 10:56:19 - Software Distribution Service 3.0
RP75: 30/05/2011 15:11:55 - Software Distribution Service 3.0
RP76: 30/05/2011 16:06:59 - Installed Sony Image Data Suite
RP77: 01/06/2011 21:22:48 - Software Distribution Service 3.0
RP78: 08/06/2011 21:12:50 - Software Distribution Service 3.0
RP79: 10/06/2011 23:23:35 - Software Distribution Service 3.0
RP80: 14/06/2011 17:57:05 - Software Distribution Service 3.0
RP81: 16/06/2011 16:37:11 - System Checkpoint
RP82: 18/06/2011 19:09:47 - Software Distribution Service 3.0
RP83: 19/06/2011 03:00:54 - Software Distribution Service 3.0
RP84: 19/06/2011 18:09:08 - Software Distribution Service 3.0
RP85: 20/06/2011 12:43:00 - Software Distribution Service 3.0
RP86: 20/06/2011 14:47:31 - Software Distribution Service 3.0
RP87: 20/06/2011 18:27:05 - Software Distribution Service 3.0
RP88: 22/06/2011 18:25:51 - Software Distribution Service 3.0
RP89: 24/06/2011 16:15:56 - Software Distribution Service 3.0
RP90: 25/06/2011 17:28:26 - Software Distribution Service 3.0
RP91: 26/06/2011 12:02:02 - Software Distribution Service 3.0
RP92: 26/06/2011 14:06:58 - Software Distribution Service 3.0
RP93: 27/06/2011 12:31:12 - Software Distribution Service 3.0
RP94: 27/06/2011 13:21:00 - Software Distribution Service 3.0
RP95: 27/06/2011 16:53:39 - Software Distribution Service 3.0
RP96: 02/07/2011 09:57:54 - System Checkpoint
RP97: 03/07/2011 03:01:42 - Software Distribution Service 3.0
RP98: 06/07/2011 12:13:13 - Software Distribution Service 3.0
RP99: 07/07/2011 23:10:05 - Software Distribution Service 3.0
RP100: 10/07/2011 12:23:21 - Software Distribution Service 3.0
RP101: 16/07/2011 19:56:13 - Software Distribution Service 3.0
RP102: 17/07/2011 03:01:52 - Software Distribution Service 3.0
RP103: 17/07/2011 17:35:21 - Software Distribution Service 3.0
RP104: 20/07/2011 13:20:30 - System Checkpoint
RP105: 20/07/2011 15:03:38 - Software Distribution Service 3.0
RP106: 20/07/2011 15:21:48 - Software Distribution Service 3.0
RP107: 20/07/2011 18:27:24 - Software Distribution Service 3.0
RP108: 23/07/2011 10:36:03 - Software Distribution Service 3.0
RP109: 27/07/2011 00:43:53 - Software Distribution Service 3.0
RP110: 27/07/2011 03:01:03 - Software Distribution Service 3.0
RP111: 27/07/2011 04:26:45 - Software Distribution Service 3.0
RP112: 27/07/2011 19:51:07 - Software Distribution Service 3.0
RP113: 29/07/2011 02:51:54 - Software Distribution Service 3.0
RP114: 30/07/2011 03:00:59 - Software Distribution Service 3.0
RP115: 30/07/2011 03:53:05 - Software Distribution Service 3.0
RP116: 31/07/2011 03:00:55 - Software Distribution Service 3.0
RP117: 01/08/2011 03:01:01 - Software Distribution Service 3.0
RP118: 01/08/2011 03:56:46 - Software Distribution Service 3.0
RP119: 02/08/2011 03:01:09 - Software Distribution Service 3.0
RP120: 02/08/2011 03:51:57 - Software Distribution Service 3.0
RP121: 03/08/2011 03:00:55 - Software Distribution Service 3.0
RP122: 03/08/2011 04:07:02 - Software Distribution Service 3.0
RP123: 04/08/2011 03:00:56 - Software Distribution Service 3.0
RP124: 04/08/2011 12:24:41 - Software Distribution Service 3.0
RP125: 07/08/2011 03:01:56 - Software Distribution Service 3.0
RP126: 07/08/2011 04:21:20 - Software Distribution Service 3.0
RP127: 08/08/2011 20:45:09 - System Checkpoint
RP128: 08/08/2011 23:15:17 - Software Distribution Service 3.0
RP129: 09/08/2011 15:17:04 - Software Distribution Service 3.0
RP130: 10/08/2011 18:07:43 - System Checkpoint
RP131: 11/08/2011 03:01:37 - Software Distribution Service 3.0
RP132: 14/08/2011 13:57:46 - Software Distribution Service 3.0
RP133: 14/08/2011 22:59:49 - Software Distribution Service 3.0
RP134: 15/08/2011 23:06:35 - System Checkpoint
RP135: 16/08/2011 11:09:41 - Software Distribution Service 3.0
RP136: 16/08/2011 12:47:02 - Software Distribution Service 3.0
RP137: 17/08/2011 13:47:25 - System Checkpoint
RP138: 17/08/2011 19:22:57 - Removed Kaspersky Internet Security 2009.
RP139: 17/08/2011 19:50:12 - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP140: 17/08/2011 19:50:33 - Installed AVG 2011
RP141: 17/08/2011 19:52:29 - Installed AVG 2011
RP142: 18/08/2011 10:26:50 - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
4oD
Acrobat.com
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge 1.0
Adobe Bridge CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop CS3
Adobe Reader 9.4.5
Adobe Setup
Adobe Shockwave Player 11
ATI Display Driver
AVG 2011
Bonjour
CDDRV_Installer
Chinese Traditional Fonts Support For Adobe Reader 9
Compact Wireless-G USB Adapter
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
Dell CinePlayer
Dell Network Assistant
Dell Support 3.2.1
Dell System Restore
Disc2Phone
Dungeon Keeper 2
e+ 48U
Empire Earth II
Eye 312
Garmin City Navigator Europe NT 2011.10
Garmin USB Drivers
Garmin WebUpdater
Google Chrome
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) 6 Update 7
Junk Mail filter update
KhalInstallWrapper
Logitech Registration
Logitech SetPoint
Malwarebytes' Anti-Malware version 1.51.1.1800
MCU
Media Center Extender
Messenger Plus! Live
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveX Control Pad
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Office Standard Edition 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
mplayer.com
MSN
MSVC80_x86
MSVC80_x86_v2
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OpenOffice.org Installer 1.0
Paint.NET v3.5.6
PC Connectivity Solution
QuickTime
RangeMax Wireless-N USB Adapter WN111v2
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Shockwave
Skype™ 4.2
SnowChristmasTree 1.6
Sonic Activation Module
Sonic Encoders
SonicStage 4.3
Sony Ericsson PC Suite
Sony Image Data Suite
Sony Picture Utility
Spotify
Tiscali Internet
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Usb Button
VLC media player 1.1.8
WavePad Sound Editor
WebFldrs XP
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows XP Media Center Edition 2005 KB905589
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Wireless WEP Key Password Spy
WN111v2
Yahoo! Messenger
ZyDAS IEEE 802.11 b+g Wireless LAN - USB
.
==== Event Viewer Messages From Past Week ========
.
18/08/2011 10:46:54, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
18/08/2011 10:46:19, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
17/08/2011 22:57:38, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: UsbSync
14/08/2011 13:54:52, error: Service Control Manager [7023] - The Google Software Updater service terminated with the following error: %%2147942402
11/08/2011 10:24:43, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
.
==== End Of File ===========================
And that's about it...I'm a new member here btw so please tell me if I've done anything wrong. I know you guys do this during your spare time, so any help would be greatly appreciated!
Thanks for your time!
Edit: the I've exceeded the character limit so I'll include the last DDS log data in my next post.
I don't usually use my family PC, but recently I have had to and I've noticed a couple of problems with it:
1) Google redirects to random sites when clicking links, not all the time but it happens a fair amount. Usually shopping websites and porn :haha:
2) The command prompt does not work properly. Typing 'cmd' into Run gives "cmd is not a valid Win32 application". Typing 'command' gives the black command box (with capital text instead of lower case) but with the pathway "C:\WINDOWS\system32\command.com" which I thought was pretty strange.
Typing 'cmd.exe' into Run works fine, but using some commands such as 'ping' gives "C:\WINDOWS\system32\ping.com is not a valid Win32 application".
I discovered this while trying to resolve DNS lookup failures, which brings me to #3:
3) Sometimes certain websites will become inaccessible due to DNS lookup failures e.g. Google will work perfectly fine while hotmail.com and various tech support forums won't load. This is usually resolved by resetting my router but keeps popping back, and I'm not sure whether or not this could be the result of having malware on the system.
Anyway I've been through the 5 preliminary steps and here are the logs as requested (AVG found nothing)...
Malwarebytes
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7490
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11
17/08/2011 22:46:25
mbam-log-2011-08-17 (22-46-25).txt
Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 322585
Time elapsed: 3 hour(s), 31 minute(s), 30 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 30
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 9
Files Infected: 12
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{F244A744-534D-4A46-855F-C0C7E9F27DAA} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{030C9927-10FC-4169-97A2-55BECD5D88D8} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3E2DFD6A-4E20-4D4C-AA8B-E1F9DBEF3C80} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButton.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButton (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{714E0876-FCEE-49CE-A429-B9AD8AEFCB56} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{DD15BCC0-5FE9-4690-A957-99FA60ED9D26} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbAx.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbAx (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D44FD6F0-9746-484E-B5C4-C66688393872} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419D-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419d-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419d-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
c:\documents and settings\Kazz\application data\shoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\db (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\dwld (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\report (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\res1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin\2.7.37 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
Files Infected:
c:\program files\shoppingreport2\Bin\2.7.37\shoppingreport.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\local settings\Temp\_te2CF.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\my documents\downloads\MPLSetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\my documents\downloads\wirelesskeyview\wirelesskeyview.exe (PUP.WirelessKeyView) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\Config.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\db\Aliases.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\db\Sites.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\dwld\whitelist.xip (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\report\aggr_storage.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\report\send_storage.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\documents and settings\Kazz\application data\shoppingreport2\cs\res1\whitelist.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Uninst.exe (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
GMER
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-08-18 16:20:51
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 Hitachi_HDS721616PLA380 rev.P22OA92A
Running: 1x9s10qp.exe; Driver: C:\DOCUME~1\Kazz\LOCALS~1\Temp\kxdyapod.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xED0E7738]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xED0E77DC]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xED0E7878]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xED0E7914]
---- Kernel code sections - GMER 1.0.15 ----
? rxuu.sys The system cannot find the file specified. !
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!LoadResource 7C80A055 7 Bytes JMP 2806D940 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!FindResourceExW 7C80AD28 7 Bytes JMP 2806D7A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!FindResourceW 7C80BC6E 7 Bytes JMP 2806D720 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!SizeofResource 7C80BD09 7 Bytes JMP 2806D9F0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!FindResourceA 7C80BF29 7 Bytes JMP 2806D820 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!LockResource 7C80CD37 5 Bytes JMP 2806DA60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!CreateEventA 7C8308B5 5 Bytes JMP 2806D380 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] kernel32.dll!FindResourceExA 7C835FA8 7 Bytes JMP 2806D8B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] ADVAPI32.dll!CryptDeriveKey 77DE9FFD 7 Bytes JMP 2806CE90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] ADVAPI32.dll!CryptDecrypt 77DEA129 7 Bytes JMP 2806CEF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!GetWindowLongW 7E4188A6 7 Bytes JMP 28071930 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!PeekMessageW 7E41929B 5 Bytes JMP 2806F930 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!SetWindowPlacement 7E41DE46 5 Bytes JMP 28070EA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!CreateDialogParamW 7E41EA3B 5 Bytes JMP 28070FF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!LoadImageW 7E427B97 5 Bytes JMP 28071680 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 2806EEC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!SetWindowRgn 7E42E528 7 Bytes JMP 28070F40 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!LoadIconW 7E42E8BC 5 Bytes JMP 28071800 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 28071220 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] USER32.dll!TrackPopupMenuEx 7E46CF62 5 Bytes JMP 2806FFB0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] SHELL32.dll!Shell_NotifyIconW 7CA2A537 5 Bytes JMP 2806E630 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 2806E040 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] ole32.dll!CoInitializeEx 77501473 5 Bytes JMP 2806DCC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] ole32.dll!CoRegisterClassObject 775179C0 5 Bytes JMP 2806DDC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] WININET.dll!InternetCloseHandle 3D944261 5 Bytes JMP 28074490 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] WININET.dll!HttpOpenRequestA 3D94AA5B 5 Bytes JMP 280741F0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] WININET.dll!InternetReadFile 3D9513D4 5 Bytes JMP 28074350 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3572] WININET.dll!HttpSendRequestA 3D953558 5 Bytes JMP 280743F0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \FileSystem\Fastfat \Fat B6745D20
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet@5 43259
---- Files - GMER 1.0.15 ----
File C:\System Volume Information\catalog.wci\00010007.dir 0 bytes
---- EOF - GMER 1.0.15 ----
DDS 'attach'
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 03/01/2007 18:44:49
System Uptime: 18/08/2011 16:23:51 (1 hours ago)
.
Motherboard: Dell Inc | | 0HY175
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket M2 | 2204/1000mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 107 GiB total, 22.592 GiB free.
D: is FIXED (NTFS) - 37 GiB total, 37.166 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: RangeMax Wireless-N USB Adapter WN111v2
Device ID: USB\VID_0846&PID_9001\12345
Manufacturer: NETGEAR Inc
Name: RangeMax Wireless-N USB Adapter WN111v2
PNP Device ID: USB\VID_0846&PID_9001\12345
Service: WN111v2
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia 3600 slide
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 3600 slide
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
RP73: 20/05/2011 16:43:28 - Software Distribution Service 3.0
RP74: 21/05/2011 10:56:19 - Software Distribution Service 3.0
RP75: 30/05/2011 15:11:55 - Software Distribution Service 3.0
RP76: 30/05/2011 16:06:59 - Installed Sony Image Data Suite
RP77: 01/06/2011 21:22:48 - Software Distribution Service 3.0
RP78: 08/06/2011 21:12:50 - Software Distribution Service 3.0
RP79: 10/06/2011 23:23:35 - Software Distribution Service 3.0
RP80: 14/06/2011 17:57:05 - Software Distribution Service 3.0
RP81: 16/06/2011 16:37:11 - System Checkpoint
RP82: 18/06/2011 19:09:47 - Software Distribution Service 3.0
RP83: 19/06/2011 03:00:54 - Software Distribution Service 3.0
RP84: 19/06/2011 18:09:08 - Software Distribution Service 3.0
RP85: 20/06/2011 12:43:00 - Software Distribution Service 3.0
RP86: 20/06/2011 14:47:31 - Software Distribution Service 3.0
RP87: 20/06/2011 18:27:05 - Software Distribution Service 3.0
RP88: 22/06/2011 18:25:51 - Software Distribution Service 3.0
RP89: 24/06/2011 16:15:56 - Software Distribution Service 3.0
RP90: 25/06/2011 17:28:26 - Software Distribution Service 3.0
RP91: 26/06/2011 12:02:02 - Software Distribution Service 3.0
RP92: 26/06/2011 14:06:58 - Software Distribution Service 3.0
RP93: 27/06/2011 12:31:12 - Software Distribution Service 3.0
RP94: 27/06/2011 13:21:00 - Software Distribution Service 3.0
RP95: 27/06/2011 16:53:39 - Software Distribution Service 3.0
RP96: 02/07/2011 09:57:54 - System Checkpoint
RP97: 03/07/2011 03:01:42 - Software Distribution Service 3.0
RP98: 06/07/2011 12:13:13 - Software Distribution Service 3.0
RP99: 07/07/2011 23:10:05 - Software Distribution Service 3.0
RP100: 10/07/2011 12:23:21 - Software Distribution Service 3.0
RP101: 16/07/2011 19:56:13 - Software Distribution Service 3.0
RP102: 17/07/2011 03:01:52 - Software Distribution Service 3.0
RP103: 17/07/2011 17:35:21 - Software Distribution Service 3.0
RP104: 20/07/2011 13:20:30 - System Checkpoint
RP105: 20/07/2011 15:03:38 - Software Distribution Service 3.0
RP106: 20/07/2011 15:21:48 - Software Distribution Service 3.0
RP107: 20/07/2011 18:27:24 - Software Distribution Service 3.0
RP108: 23/07/2011 10:36:03 - Software Distribution Service 3.0
RP109: 27/07/2011 00:43:53 - Software Distribution Service 3.0
RP110: 27/07/2011 03:01:03 - Software Distribution Service 3.0
RP111: 27/07/2011 04:26:45 - Software Distribution Service 3.0
RP112: 27/07/2011 19:51:07 - Software Distribution Service 3.0
RP113: 29/07/2011 02:51:54 - Software Distribution Service 3.0
RP114: 30/07/2011 03:00:59 - Software Distribution Service 3.0
RP115: 30/07/2011 03:53:05 - Software Distribution Service 3.0
RP116: 31/07/2011 03:00:55 - Software Distribution Service 3.0
RP117: 01/08/2011 03:01:01 - Software Distribution Service 3.0
RP118: 01/08/2011 03:56:46 - Software Distribution Service 3.0
RP119: 02/08/2011 03:01:09 - Software Distribution Service 3.0
RP120: 02/08/2011 03:51:57 - Software Distribution Service 3.0
RP121: 03/08/2011 03:00:55 - Software Distribution Service 3.0
RP122: 03/08/2011 04:07:02 - Software Distribution Service 3.0
RP123: 04/08/2011 03:00:56 - Software Distribution Service 3.0
RP124: 04/08/2011 12:24:41 - Software Distribution Service 3.0
RP125: 07/08/2011 03:01:56 - Software Distribution Service 3.0
RP126: 07/08/2011 04:21:20 - Software Distribution Service 3.0
RP127: 08/08/2011 20:45:09 - System Checkpoint
RP128: 08/08/2011 23:15:17 - Software Distribution Service 3.0
RP129: 09/08/2011 15:17:04 - Software Distribution Service 3.0
RP130: 10/08/2011 18:07:43 - System Checkpoint
RP131: 11/08/2011 03:01:37 - Software Distribution Service 3.0
RP132: 14/08/2011 13:57:46 - Software Distribution Service 3.0
RP133: 14/08/2011 22:59:49 - Software Distribution Service 3.0
RP134: 15/08/2011 23:06:35 - System Checkpoint
RP135: 16/08/2011 11:09:41 - Software Distribution Service 3.0
RP136: 16/08/2011 12:47:02 - Software Distribution Service 3.0
RP137: 17/08/2011 13:47:25 - System Checkpoint
RP138: 17/08/2011 19:22:57 - Removed Kaspersky Internet Security 2009.
RP139: 17/08/2011 19:50:12 - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP140: 17/08/2011 19:50:33 - Installed AVG 2011
RP141: 17/08/2011 19:52:29 - Installed AVG 2011
RP142: 18/08/2011 10:26:50 - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
4oD
Acrobat.com
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge 1.0
Adobe Bridge CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop CS3
Adobe Reader 9.4.5
Adobe Setup
Adobe Shockwave Player 11
ATI Display Driver
AVG 2011
Bonjour
CDDRV_Installer
Chinese Traditional Fonts Support For Adobe Reader 9
Compact Wireless-G USB Adapter
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
Dell CinePlayer
Dell Network Assistant
Dell Support 3.2.1
Dell System Restore
Disc2Phone
Dungeon Keeper 2
e+ 48U
Empire Earth II
Eye 312
Garmin City Navigator Europe NT 2011.10
Garmin USB Drivers
Garmin WebUpdater
Google Chrome
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) 6 Update 7
Junk Mail filter update
KhalInstallWrapper
Logitech Registration
Logitech SetPoint
Malwarebytes' Anti-Malware version 1.51.1.1800
MCU
Media Center Extender
Messenger Plus! Live
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveX Control Pad
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Office Standard Edition 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
mplayer.com
MSN
MSVC80_x86
MSVC80_x86_v2
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OpenOffice.org Installer 1.0
Paint.NET v3.5.6
PC Connectivity Solution
QuickTime
RangeMax Wireless-N USB Adapter WN111v2
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Shockwave
Skype™ 4.2
SnowChristmasTree 1.6
Sonic Activation Module
Sonic Encoders
SonicStage 4.3
Sony Ericsson PC Suite
Sony Image Data Suite
Sony Picture Utility
Spotify
Tiscali Internet
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Usb Button
VLC media player 1.1.8
WavePad Sound Editor
WebFldrs XP
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows XP Media Center Edition 2005 KB905589
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Wireless WEP Key Password Spy
WN111v2
Yahoo! Messenger
ZyDAS IEEE 802.11 b+g Wireless LAN - USB
.
==== Event Viewer Messages From Past Week ========
.
18/08/2011 10:46:54, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
18/08/2011 10:46:19, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
17/08/2011 22:57:38, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: UsbSync
14/08/2011 13:54:52, error: Service Control Manager [7023] - The Google Software Updater service terminated with the following error: %%2147942402
11/08/2011 10:24:43, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
.
==== End Of File ===========================
And that's about it...I'm a new member here btw so please tell me if I've done anything wrong. I know you guys do this during your spare time, so any help would be greatly appreciated!
Thanks for your time!
Edit: the I've exceeded the character limit so I'll include the last DDS log data in my next post.