I'm dealing with a family win xp laptop computer that hadn't been turned on in awhile but apparently was mistreated security wise. My father was using a subscription of spynomore but that is expired and running in demo mode. It has mcafee enterprise but it didn't find any updates but considering its been no use for at least the past 6 months(no power brick for awhile) it should've had updates. So I installed MSE and updated it and have kept mcafee on-access scanner turned off during this process.
The initial symptoms were running slow, windows explorer crashed anytime I tried to access a folder/directory(my computer, control panel, etc), and internet explorer 8 would crash as well. I downloaded install files on usb and placed them on the desktop in safe mode as that was the only way I could get them on this computer(I installed and ran them in normal mode just fine). Luckily after Malwarebytes Anti-Malware, I have the ability to access directories again and to use internet explorer but even still I put the logs on usb and brought them to my desktop to make the post. This computer has a lot of crap on here, it even still has limewire... yeah I'm deeply concerned about my father's intelligence for him having used limewire. Wonder where the malware came from. Anyway, I'd love for someone to look over the logs for other potential problems before I proceed to make changes and uninstall some of the crap ware and redundant security programs. Also I haven't run updates but I think it might have done so automatically last night because I left the anti-virus scanning go during the night and I came back to a restarted computer. I redid the virus scan.
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.14.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Daniel Smith :: DBSMITH [administrator]
8/14/2012 12:25:21 PM
mbam-log-2012-08-14 (12-25-21).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 279152
Time elapsed: 30 minute(s), 47 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 16
HKCR\AppID\{8D71EEB8-A1A7-4733-8FA2-1CAC015C967D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKCR\CLSID\{8BBE6A70-EF84-47FA-B5DE-EDD0DF18461F} (Trojan.Banker) -> Quarantined and deleted successfully.
HKCR\linkrd.AIEbho.1 (Trojan.Banker) -> Quarantined and deleted successfully.
HKCR\linkrd.AIEbho (Trojan.Banker) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8BBE6A70-EF84-47FA-B5DE-EDD0DF18461F} (Trojan.Banker) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BBE6A70-EF84-47FA-B5DE-EDD0DF18461F} (Trojan.Banker) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdssiteSearchAssistant (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\AppID\Sidebar.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\MediaHoldings (Malware.Trace) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\prh (Trojan.Banker) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\tst (Trojan.Banker) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Custom Tools (Trojan.Zlob) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Safety Features (Trojan.Zlob) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center (Trojan.Zlob) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 5
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q={searchTerms}) Good: (http://www.Google.com/) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w| (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q=%s) Good: (http://www.Google.com/) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q={searchTerms}) Good: (http://www.Google.com/) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w| (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q=%s) Good: (http://www.Google.com/) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\appConf32.exe,) Good: (userinit.exe) -> Quarantined and repaired successfully.
Folders Detected: 2
C:\WINDOWS\system32\912525 (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm (Stolen.Data) -> Quarantined and deleted successfully.
Files Detected: 16
C:\WINDOWS\system32\WhoisCL.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\AcroIEHelpe.dll (Trojan.Banker) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\AcroIEHelpe.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Daniel Smith\Favorites\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\adssite_sidebar_uninstall.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.13.115258_daniel_smith@quantserve[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122239_daniel_smith@a1.interclick[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122239_daniel_smith@abmr[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122239_daniel_smith@burstnet[2].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122239_daniel_smith@interclick[2].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@quantserve[2].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@scorecardresearch[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@sharethis[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@turn[2].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@wd.sharethis[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@www.burstnet[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-08-14 13:09:01
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK1234GSX rev.AH001A
Running: ocinprei.exe; Driver: C:\DOCUME~1\DANIEL~1\LOCALS~1\Temp\pwldapob.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs naiavf5x.sys (Anti-Virus File System Filter Driver/McAfee Inc.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat naiavf5x.sys (Anti-Virus File System Filter Driver/McAfee Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Daniel Smith at 13:09:58 on 2012-08-14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1241 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Rockwell Software\RSCommon\RSOBSERV.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MioNet\MioNetManager.exe
C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\PROGRA~1\ROCKWE~1\RSLinx\RSLINX.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\ScsiAccess.EXE
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Smith Micro\StuffIt 2010\ArcNameService.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Rockwell Automation\Rockwell Automation USB CIP Driver Package\UsbCipHelper\UsbCipHelper.exe
C:\WINDOWS\vphc700.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchMigratedDefaultURL = hxxp://www.Google.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
mSearchMigratedDefaultURL = hxxp://www.Google.com/
uInternet Settings,ProxyOverride = localhost
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: P2P Max Toolbar: {72ae8426-3b8d-4ead-b191-8d0ad1c62158} - c:\program files\p2p_max\tbP2P_.dll
mWinlogon: Userinit=userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: PriceGongBHO Class: {1631550f-191d-4826-b069-d9439253d926} - c:\program files\pricegong\2.1.0\PriceGongIE.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Max EN Toolbar: {867dd841-5bf7-44ca-8426-c5a6eda00735} - c:\program files\max_en\prxtbMax0.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar3.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Browser protection: {fb9ffb4b-9680-4256-8178-5ecdb2c19b23} - c:\progra~1\spynom~1\SNMIEG~1.DLL
TB: Max EN Toolbar: {867dd841-5bf7-44ca-8426-c5a6eda00735} - c:\program files\max_en\prxtbMax0.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dll
TB: {F2BADA0D-FD61-45EF-A994-64A073FD6613} - No File
TB: P2P Max Toolbar: {72ae8426-3b8d-4ead-b191-8d0ad1c62158} - c:\program files\p2p_max\tbP2P_.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [PxDotNetLoader] "c:\program files\fidelity investments\fidelity active trader\system\ATPStartupAssistant.exe"
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
mRun: [TPSMain] TPSMain.exe
mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
mRun: [TFncKy] TFncKy.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SNM] c:\program files\spynomore\SNM.exe /startup
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [SkyTel] SkyTel.EXE
mRun: [ShStatEXE] "c:\program files\network associates\virusscan\SHSTAT.EXE" /STANDALONE
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [Network Associates Error Reporting Service] "c:\program files\common files\network associates\talkback\tbmon.exe"
mRun: [NDSTray.exe] NDSTray.exe
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UpdaterUI.exe" /StartedFromRunKey
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [DDWMon] c:\program files\toshiba\toshiba direct disc writer\\ddwmon.exe
mRun: [CFSServ.exe] CFSServ.exe -NoClient
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [UsbCipHelper] c:\program files\rockwell automation\rockwell automation usb cip driver package\usbciphelper\UsbCipHelper.exe
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [phc700] c:\windows\vphc700.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [<NO NAME>]
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\docume~1\daniel~1\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
StartupFolder: c:\docume~1\daniel~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office11\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\program\backWeb-7288971.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\traymi~1.lnk - c:\program files\philips\spc 700nc pc camera\TrayMin700.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {4FF0ADF7-4C00-4A2F-A00A-8F0EFD85D80E} - hxxps://imail.tema.toyota.com/images/whlcache.cab?egap=internal
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162687796125
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://imail.tema.toyota.com/dwa7W.cab
Handler: x-atng - {7e8717b0-d862-11d5-8c9e-00010304f989} - c:\program files\fidelity investments\fidelity active trader\system\atngprot.dll
Notify: igfxcui - igfxdev.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
Notify: psfus - psqlpwd.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
LSA: Notification Packages = scecli psqlpwd
.
============= SERVICES / DRIVERS ===============
.
P2 McShield;Network Associates McShield;c:\program files\network associates\virusscan\mcshield.exe [2006-2-14 221191]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]
R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [2006-11-4 58464]
R2 FdRedir;FdRedir;c:\program files\common files\protector suite ql\drivers\FdRedir.sys [2006-5-5 13568]
R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\common files\protector suite ql\drivers\filedisk.sys [2006-5-5 33024]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2006-11-4 98304]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McTaskManager;Network Associates Task Manager;c:\program files\network associates\virusscan\vstskmgr.exe [2006-6-8 29184]
R2 MioNet;MioNet Service;c:\program files\mionet\MioNetManager.exe [2005-7-15 139264]
R2 smihlp;SMI helper driver;c:\program files\protector suite ql\smihlp.sys [2006-5-5 3456]
R2 tdudf;TOSHIBA UDF File System Driver;c:\windows\system32\drivers\tdudf.sys [2006-6-28 98816]
R3 NaiAvFilter1;NaiAvFilter1;c:\windows\system32\drivers\naiavf5x.sys [2006-11-4 116864]
S1 VirtualBackplane;A-B Virtual Backplane;c:\windows\system32\drivers\virtualbackplane.sys --> c:\windows\system32\drivers\VirtualBackplane.sys [?]
S3 ABKTCX;Rockwell Automation 1784-KTC(X) Driver;c:\windows\system32\drivers\abktcx.sys [2000-5-31 71448]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\google\google desktop search\GoogleDesktop.exe [2006-8-11 30192]
S3 IO_Memory;IO_Memory;\??\c:\sysprep\drivers\ioport.sys --> c:\sysprep\drivers\ioport.sys [?]
S3 phc700;USB PC Camera (phc700);c:\windows\system32\drivers\phc700.sys [2008-1-3 541568]
S3 RS_SS_NT;RSLinx Classic S-S SD/SD2 Device Driver;c:\windows\system32\RS_SS_NT.SYS [1999-11-10 142592]
S3 RsiKtControl;RsiKtControl;c:\windows\system32\RSIKT.SYS [2006-1-18 39067]
S3 RSSERIAL;RSLinx Classic Serial Driver;c:\windows\system32\rsserial.sys [1999-5-11 155440]
S3 SVRPEDRV;SVRPEDRV;\??\c:\sysprep\pedrv.sys --> c:\sysprep\PEDrv.sys [?]
.
=============== Created Last 30 ================
.
2012-08-14 18:09:33 6891424 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f960e024-5cd0-4722-b6d9-5c26b0948133}\mpengine.dll
2012-08-14 17:24:24 -------- d-----w- c:\documents and settings\daniel smith\application data\Malwarebytes
2012-08-14 17:23:35 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-08-14 17:23:33 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-14 17:23:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-14 10:41:53 -------- d-sh--w- c:\documents and settings\daniel smith\IETldCache
2012-08-14 09:21:30 -------- dc-h--w- c:\windows\ie8
2012-08-13 23:04:39 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2012-08-13 22:59:51 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2012-08-13 22:59:48 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-08-13 22:59:48 3072 ------w- c:\windows\system32\iacenc.dll
2012-08-13 22:27:13 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-08-13 22:14:59 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-13 22:14:04 -------- d-----w- C:\9763613b9eb5a4033f9b3a2195c65735
2012-08-13 21:26:03 -------- d-----w- c:\windows\system32\UAs
2012-08-13 21:24:42 264 ----a-w- c:\windows\system32\srvblck5.tmp
2012-08-13 21:23:51 -------- d-----w- c:\windows\system32\kock
.
==================== Find3M ====================
.
2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50:25 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 20:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 20:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 20:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 20:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 20:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 20:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 20:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 20:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2008-12-09 15:23:13 51152 --sh--r- c:\windows\system32\appConf32.exe
.
============= FINISH: 13:11:25.92 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/4/2006 6:50:13 PM
System Uptime: 8/14/2012 12:59:01 PM (1 hours ago)
.
Motherboard: Intel Corporation | | MPAD-MSAE Customer Reference Boards
Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz | U1 | 1662/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 111 GiB total, 79.61 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP309: 8/13/2012 5:27:12 PM - Software Distribution Service 3.0
RP310: 8/14/2012 3:01:20 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.9
Adssite Games Collection
America Online (Choose which version to remove)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Spyware Protection
AOL You've Got Pictures Screensaver
aspi
BalanceLog
Bejeweled 2 Deluxe
Big Sky Screen Saver
Blackhawk Striker 2
Blasterball 2 Revolution
Bluetooth Stack for Windows by Toshiba
BootP-DHCP Server
CCHelp
CCScore
CD/DVD Drive Acoustic Silencer
CDDRV_Installer
Chuzzle Deluxe
ClearKeeper
ControlFLASH
CR2
Desktop Dialer
DeviceNet Node Commissioning Tool
DriveExecutive V4.01
DVD-RAM Driver
EasyGPS
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSTUTOR
ESSvpaht
ESSvpot
FactoryTalk Activation Client v2.00.01 (CPR 7)
FATE
Fidelity Active Trader Pro®
FXCM Trading Station
Garmin Trip and Waypoint Manager v5
Garmin USB Drivers
Garmin WebUpdater
GemMaster Mystic
GLOBEtrotter FLEXid Drivers
Google Desktop
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 11
KhalInstallWrapper
Kodak EasyShare software
KSU
LimeWire 5.4.7
Logitech SetPoint
Logix CPU Security Tool
Logix5000 Clock Update Tool
Logix5000 Task Monitor
Mah Jong Quest
Malwarebytes Anti-Malware version 1.62.0.1300
MapSend Lite
MapSend Streets and Destinations USA
Max_EN Toolbar
McAfee VirusScan Enterprise
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office OneNote 2003
Microsoft Office Standard Edition 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MioNet
Move Networks Media Player for Internet Explorer
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Notifier
Office 2003 Trial Assistant
OTtBP
Otto
P2P_Max Toolbar
Parker Isysnet Analog Module Profiles
Parker Isysnet ASCII Module Profile
Parker Isysnet Discrete Module Profiles
PCDLNCH
PDF Plain Text Extractor (remove only)
Penguins!
Philips Firmware Manager
Philips SPC 700NC PC Camera
Philips VLounge
Picasa 2
PID Calculation Program
PL-2303 USB-to-Serial
Polar Bowler
Polar Golfer
PriceGong 2.1.0
Protector Suite 5.4
Pure Networks Port Magic
QuickTime
RealPlayer Basic
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Rockwell Automation 1734 Analog Module Profiles
Rockwell Automation 1734 ASCII Module Profiles
Rockwell Automation 1734 Discrete Module Profiles
Rockwell Automation 1734 Specialty Module Profiles
Rockwell Automation 1738 Analog Module Profiles
Rockwell Automation 1738 ASCII Module Profiles
Rockwell Automation 1738 Discrete Module Profiles
Rockwell Automation 1738 Specialty Module Profiles
Rockwell Automation 1756 CNet Comms Module Profiles
Rockwell Automation 1756 ENet Comms Module Profiles
Rockwell Automation 1756 HART Module Profiles
Rockwell Automation 1769 Analog Module Profiles
Rockwell Automation 1769 Boolean Module Profiles
Rockwell Automation 1769 Discrete Module Profiles
Rockwell Automation 1769 Specialty Module Profiles
Rockwell Automation 1791DS Discrete Module Profiles
Rockwell Automation Drives PowerFlex 4 Module Profiles
Rockwell Automation Drives PowerFlex 7 Module Profiles
Rockwell Automation Drives SCANport Module Profiles
Rockwell Automation Generic Safety Module Profiles
Rockwell Automation USB CIP Driver Package
Rockwell Software Hardware Maintenance Tool
Rockwell Windows Firewall Configuration Utility 1.00.01
RSLinx Classic 2.51.00 (CPR 7)
RSLogix 5 English 7.10.02 (CPR 7)
RSLogix 500 English 7.10.00 (CPR 7)
RSLogix 5000 Compare v2
RSLogix 5000 DeviceNet Tag Generator
RSLogix 5000 Faceplates
RSLogix 5000 IEC61131-3 Translation Tool
RSLogix 5000 Module Profile Core
RSLogix 5000 Module Profile Setup Utility
RSLogix 5000 Online Books v16.00.00
RSLogix 5000 Setup Installer
RSLogix 5000 Start Page Media v16.00.05
RSLogix 5000 System Updates
RSLogix 5000 v13.04
RSLogix 5000 v15.02
RSLogix 5000 v16.00.00
RSNetWorx for ControlNet 8.00.00 (CPR 7)
RSNetWorx for DeviceNet 8.00.01 (CPR 7)
RSNetWorx for EtherNet/IP 8.00.00 (CPR 7)
SCRABBLE
SD Secure Module
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sentinel System Driver
SFR
SFR2
SIPPS
Sonic Encoders
StuffIt 2010
Synaptics Pointing Device Driver
Tag Data Monitor Tool
Tag Import Utility
Tag Upload Download Tool
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Direct Disc Writer
TOSHIBA Disc Creator
TOSHIBA Game Console
TOSHIBA Hotkey Utility
Toshiba Media Center Game Console
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
TOSHIBA Recovery Disc Creator
Toshiba Registration
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA TouchPad ON/Off Utility
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Touch and Launch
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2718704)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Viewpoint Media Player
WeatherBug
WebFldrs XP
WildTangent Web Driver
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format Runtime
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB894553
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
8/14/2012 5:49:00 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the FactoryTalk Diagnostics Local Reader service to connect.
8/14/2012 5:49:00 AM, error: Service Control Manager [7000] - The FactoryTalk Diagnostics Local Reader service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/14/2012 5:44:08 AM, error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 1 time(s).
8/14/2012 3:01:28 AM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\D.
8/14/2012 12:14:41 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
8/14/2012 1:10:09 AM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 68:7F:74:F0:24:F7. Network operations on this system may be disrupted as a result.
8/14/2012 1:09:09 AM, error: Dhcp [1002] - The IP address lease 192.168.1.109 for the Network Card with network address 0018DE2B2EC2 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
8/14/2012 1:00:07 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
8/13/2012 6:15:21 PM, error: Service Control Manager [7034] - The Network Associates McShield service terminated unexpectedly. It has done this 3 time(s).
8/13/2012 5:34:17 PM, error: Service Control Manager [7034] - The Network Associates McShield service terminated unexpectedly. It has done this 2 time(s).
8/13/2012 5:32:31 PM, error: Service Control Manager [7034] - The Network Associates McShield service terminated unexpectedly. It has done this 1 time(s).
8/13/2012 11:45:49 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/13/2012 11:44:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MpFilter MRxSmb NaiAvTdi1 NetBIOS NetBT RasAcd Rdbss Tcpip
8/13/2012 11:44:45 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2012 11:44:45 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2012 11:44:45 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2012 11:44:45 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2012 11:44:32 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
.
==== End Of File ===========================
The initial symptoms were running slow, windows explorer crashed anytime I tried to access a folder/directory(my computer, control panel, etc), and internet explorer 8 would crash as well. I downloaded install files on usb and placed them on the desktop in safe mode as that was the only way I could get them on this computer(I installed and ran them in normal mode just fine). Luckily after Malwarebytes Anti-Malware, I have the ability to access directories again and to use internet explorer but even still I put the logs on usb and brought them to my desktop to make the post. This computer has a lot of crap on here, it even still has limewire... yeah I'm deeply concerned about my father's intelligence for him having used limewire. Wonder where the malware came from. Anyway, I'd love for someone to look over the logs for other potential problems before I proceed to make changes and uninstall some of the crap ware and redundant security programs. Also I haven't run updates but I think it might have done so automatically last night because I left the anti-virus scanning go during the night and I came back to a restarted computer. I redid the virus scan.
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.14.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Daniel Smith :: DBSMITH [administrator]
8/14/2012 12:25:21 PM
mbam-log-2012-08-14 (12-25-21).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 279152
Time elapsed: 30 minute(s), 47 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 16
HKCR\AppID\{8D71EEB8-A1A7-4733-8FA2-1CAC015C967D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKCR\CLSID\{8BBE6A70-EF84-47FA-B5DE-EDD0DF18461F} (Trojan.Banker) -> Quarantined and deleted successfully.
HKCR\linkrd.AIEbho.1 (Trojan.Banker) -> Quarantined and deleted successfully.
HKCR\linkrd.AIEbho (Trojan.Banker) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8BBE6A70-EF84-47FA-B5DE-EDD0DF18461F} (Trojan.Banker) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BBE6A70-EF84-47FA-B5DE-EDD0DF18461F} (Trojan.Banker) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdssiteSearchAssistant (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\AppID\Sidebar.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\MediaHoldings (Malware.Trace) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\prh (Trojan.Banker) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\tst (Trojan.Banker) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Custom Tools (Trojan.Zlob) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Safety Features (Trojan.Zlob) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Information Center (Trojan.Zlob) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 5
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q={searchTerms}) Good: (http://www.Google.com/) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w| (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q=%s) Good: (http://www.Google.com/) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q={searchTerms}) Good: (http://www.Google.com/) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w| (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q=%s) Good: (http://www.Google.com/) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\appConf32.exe,) Good: (userinit.exe) -> Quarantined and repaired successfully.
Folders Detected: 2
C:\WINDOWS\system32\912525 (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm (Stolen.Data) -> Quarantined and deleted successfully.
Files Detected: 16
C:\WINDOWS\system32\WhoisCL.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\AcroIEHelpe.dll (Trojan.Banker) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\AcroIEHelpe.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Daniel Smith\Favorites\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\adssite_sidebar_uninstall.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.13.115258_daniel_smith@quantserve[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122239_daniel_smith@a1.interclick[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122239_daniel_smith@abmr[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122239_daniel_smith@burstnet[2].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122239_daniel_smith@interclick[2].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@quantserve[2].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@scorecardresearch[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@sharethis[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@turn[2].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@wd.sharethis[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xmldm\netbank_2012.08.14.122240_daniel_smith@www.burstnet[1].txt (Stolen.Data) -> Quarantined and deleted successfully.
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-08-14 13:09:01
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK1234GSX rev.AH001A
Running: ocinprei.exe; Driver: C:\DOCUME~1\DANIEL~1\LOCALS~1\Temp\pwldapob.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs naiavf5x.sys (Anti-Virus File System Filter Driver/McAfee Inc.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat naiavf5x.sys (Anti-Virus File System Filter Driver/McAfee Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Daniel Smith at 13:09:58 on 2012-08-14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1241 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Rockwell Software\RSCommon\RSOBSERV.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MioNet\MioNetManager.exe
C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\PROGRA~1\ROCKWE~1\RSLinx\RSLINX.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\ScsiAccess.EXE
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Smith Micro\StuffIt 2010\ArcNameService.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Rockwell Automation\Rockwell Automation USB CIP Driver Package\UsbCipHelper\UsbCipHelper.exe
C:\WINDOWS\vphc700.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchMigratedDefaultURL = hxxp://www.Google.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
mSearchMigratedDefaultURL = hxxp://www.Google.com/
uInternet Settings,ProxyOverride = localhost
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: P2P Max Toolbar: {72ae8426-3b8d-4ead-b191-8d0ad1c62158} - c:\program files\p2p_max\tbP2P_.dll
mWinlogon: Userinit=userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: PriceGongBHO Class: {1631550f-191d-4826-b069-d9439253d926} - c:\program files\pricegong\2.1.0\PriceGongIE.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Max EN Toolbar: {867dd841-5bf7-44ca-8426-c5a6eda00735} - c:\program files\max_en\prxtbMax0.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar3.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Browser protection: {fb9ffb4b-9680-4256-8178-5ecdb2c19b23} - c:\progra~1\spynom~1\SNMIEG~1.DLL
TB: Max EN Toolbar: {867dd841-5bf7-44ca-8426-c5a6eda00735} - c:\program files\max_en\prxtbMax0.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dll
TB: {F2BADA0D-FD61-45EF-A994-64A073FD6613} - No File
TB: P2P Max Toolbar: {72ae8426-3b8d-4ead-b191-8d0ad1c62158} - c:\program files\p2p_max\tbP2P_.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [PxDotNetLoader] "c:\program files\fidelity investments\fidelity active trader\system\ATPStartupAssistant.exe"
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
mRun: [TPSMain] TPSMain.exe
mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
mRun: [TFncKy] TFncKy.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SNM] c:\program files\spynomore\SNM.exe /startup
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [SkyTel] SkyTel.EXE
mRun: [ShStatEXE] "c:\program files\network associates\virusscan\SHSTAT.EXE" /STANDALONE
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [Network Associates Error Reporting Service] "c:\program files\common files\network associates\talkback\tbmon.exe"
mRun: [NDSTray.exe] NDSTray.exe
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UpdaterUI.exe" /StartedFromRunKey
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [DDWMon] c:\program files\toshiba\toshiba direct disc writer\\ddwmon.exe
mRun: [CFSServ.exe] CFSServ.exe -NoClient
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [UsbCipHelper] c:\program files\rockwell automation\rockwell automation usb cip driver package\usbciphelper\UsbCipHelper.exe
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [phc700] c:\windows\vphc700.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [<NO NAME>]
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\docume~1\daniel~1\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
StartupFolder: c:\docume~1\daniel~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office11\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\program\backWeb-7288971.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\traymi~1.lnk - c:\program files\philips\spc 700nc pc camera\TrayMin700.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {4FF0ADF7-4C00-4A2F-A00A-8F0EFD85D80E} - hxxps://imail.tema.toyota.com/images/whlcache.cab?egap=internal
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162687796125
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://imail.tema.toyota.com/dwa7W.cab
Handler: x-atng - {7e8717b0-d862-11d5-8c9e-00010304f989} - c:\program files\fidelity investments\fidelity active trader\system\atngprot.dll
Notify: igfxcui - igfxdev.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
Notify: psfus - psqlpwd.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
LSA: Notification Packages = scecli psqlpwd
.
============= SERVICES / DRIVERS ===============
.
P2 McShield;Network Associates McShield;c:\program files\network associates\virusscan\mcshield.exe [2006-2-14 221191]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]
R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [2006-11-4 58464]
R2 FdRedir;FdRedir;c:\program files\common files\protector suite ql\drivers\FdRedir.sys [2006-5-5 13568]
R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\common files\protector suite ql\drivers\filedisk.sys [2006-5-5 33024]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2006-11-4 98304]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McTaskManager;Network Associates Task Manager;c:\program files\network associates\virusscan\vstskmgr.exe [2006-6-8 29184]
R2 MioNet;MioNet Service;c:\program files\mionet\MioNetManager.exe [2005-7-15 139264]
R2 smihlp;SMI helper driver;c:\program files\protector suite ql\smihlp.sys [2006-5-5 3456]
R2 tdudf;TOSHIBA UDF File System Driver;c:\windows\system32\drivers\tdudf.sys [2006-6-28 98816]
R3 NaiAvFilter1;NaiAvFilter1;c:\windows\system32\drivers\naiavf5x.sys [2006-11-4 116864]
S1 VirtualBackplane;A-B Virtual Backplane;c:\windows\system32\drivers\virtualbackplane.sys --> c:\windows\system32\drivers\VirtualBackplane.sys [?]
S3 ABKTCX;Rockwell Automation 1784-KTC(X) Driver;c:\windows\system32\drivers\abktcx.sys [2000-5-31 71448]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\google\google desktop search\GoogleDesktop.exe [2006-8-11 30192]
S3 IO_Memory;IO_Memory;\??\c:\sysprep\drivers\ioport.sys --> c:\sysprep\drivers\ioport.sys [?]
S3 phc700;USB PC Camera (phc700);c:\windows\system32\drivers\phc700.sys [2008-1-3 541568]
S3 RS_SS_NT;RSLinx Classic S-S SD/SD2 Device Driver;c:\windows\system32\RS_SS_NT.SYS [1999-11-10 142592]
S3 RsiKtControl;RsiKtControl;c:\windows\system32\RSIKT.SYS [2006-1-18 39067]
S3 RSSERIAL;RSLinx Classic Serial Driver;c:\windows\system32\rsserial.sys [1999-5-11 155440]
S3 SVRPEDRV;SVRPEDRV;\??\c:\sysprep\pedrv.sys --> c:\sysprep\PEDrv.sys [?]
.
=============== Created Last 30 ================
.
2012-08-14 18:09:33 6891424 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f960e024-5cd0-4722-b6d9-5c26b0948133}\mpengine.dll
2012-08-14 17:24:24 -------- d-----w- c:\documents and settings\daniel smith\application data\Malwarebytes
2012-08-14 17:23:35 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-08-14 17:23:33 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-14 17:23:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-14 10:41:53 -------- d-sh--w- c:\documents and settings\daniel smith\IETldCache
2012-08-14 09:21:30 -------- dc-h--w- c:\windows\ie8
2012-08-13 23:04:39 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2012-08-13 22:59:51 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2012-08-13 22:59:48 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-08-13 22:59:48 3072 ------w- c:\windows\system32\iacenc.dll
2012-08-13 22:27:13 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-08-13 22:14:59 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-13 22:14:04 -------- d-----w- C:\9763613b9eb5a4033f9b3a2195c65735
2012-08-13 21:26:03 -------- d-----w- c:\windows\system32\UAs
2012-08-13 21:24:42 264 ----a-w- c:\windows\system32\srvblck5.tmp
2012-08-13 21:23:51 -------- d-----w- c:\windows\system32\kock
.
==================== Find3M ====================
.
2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50:25 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 20:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 20:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 20:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 20:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 20:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 20:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 20:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 20:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2008-12-09 15:23:13 51152 --sh--r- c:\windows\system32\appConf32.exe
.
============= FINISH: 13:11:25.92 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/4/2006 6:50:13 PM
System Uptime: 8/14/2012 12:59:01 PM (1 hours ago)
.
Motherboard: Intel Corporation | | MPAD-MSAE Customer Reference Boards
Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz | U1 | 1662/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 111 GiB total, 79.61 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP309: 8/13/2012 5:27:12 PM - Software Distribution Service 3.0
RP310: 8/14/2012 3:01:20 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.9
Adssite Games Collection
America Online (Choose which version to remove)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Spyware Protection
AOL You've Got Pictures Screensaver
aspi
BalanceLog
Bejeweled 2 Deluxe
Big Sky Screen Saver
Blackhawk Striker 2
Blasterball 2 Revolution
Bluetooth Stack for Windows by Toshiba
BootP-DHCP Server
CCHelp
CCScore
CD/DVD Drive Acoustic Silencer
CDDRV_Installer
Chuzzle Deluxe
ClearKeeper
ControlFLASH
CR2
Desktop Dialer
DeviceNet Node Commissioning Tool
DriveExecutive V4.01
DVD-RAM Driver
EasyGPS
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSTUTOR
ESSvpaht
ESSvpot
FactoryTalk Activation Client v2.00.01 (CPR 7)
FATE
Fidelity Active Trader Pro®
FXCM Trading Station
Garmin Trip and Waypoint Manager v5
Garmin USB Drivers
Garmin WebUpdater
GemMaster Mystic
GLOBEtrotter FLEXid Drivers
Google Desktop
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 11
KhalInstallWrapper
Kodak EasyShare software
KSU
LimeWire 5.4.7
Logitech SetPoint
Logix CPU Security Tool
Logix5000 Clock Update Tool
Logix5000 Task Monitor
Mah Jong Quest
Malwarebytes Anti-Malware version 1.62.0.1300
MapSend Lite
MapSend Streets and Destinations USA
Max_EN Toolbar
McAfee VirusScan Enterprise
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office OneNote 2003
Microsoft Office Standard Edition 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MioNet
Move Networks Media Player for Internet Explorer
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Notifier
Office 2003 Trial Assistant
OTtBP
Otto
P2P_Max Toolbar
Parker Isysnet Analog Module Profiles
Parker Isysnet ASCII Module Profile
Parker Isysnet Discrete Module Profiles
PCDLNCH
PDF Plain Text Extractor (remove only)
Penguins!
Philips Firmware Manager
Philips SPC 700NC PC Camera
Philips VLounge
Picasa 2
PID Calculation Program
PL-2303 USB-to-Serial
Polar Bowler
Polar Golfer
PriceGong 2.1.0
Protector Suite 5.4
Pure Networks Port Magic
QuickTime
RealPlayer Basic
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Rockwell Automation 1734 Analog Module Profiles
Rockwell Automation 1734 ASCII Module Profiles
Rockwell Automation 1734 Discrete Module Profiles
Rockwell Automation 1734 Specialty Module Profiles
Rockwell Automation 1738 Analog Module Profiles
Rockwell Automation 1738 ASCII Module Profiles
Rockwell Automation 1738 Discrete Module Profiles
Rockwell Automation 1738 Specialty Module Profiles
Rockwell Automation 1756 CNet Comms Module Profiles
Rockwell Automation 1756 ENet Comms Module Profiles
Rockwell Automation 1756 HART Module Profiles
Rockwell Automation 1769 Analog Module Profiles
Rockwell Automation 1769 Boolean Module Profiles
Rockwell Automation 1769 Discrete Module Profiles
Rockwell Automation 1769 Specialty Module Profiles
Rockwell Automation 1791DS Discrete Module Profiles
Rockwell Automation Drives PowerFlex 4 Module Profiles
Rockwell Automation Drives PowerFlex 7 Module Profiles
Rockwell Automation Drives SCANport Module Profiles
Rockwell Automation Generic Safety Module Profiles
Rockwell Automation USB CIP Driver Package
Rockwell Software Hardware Maintenance Tool
Rockwell Windows Firewall Configuration Utility 1.00.01
RSLinx Classic 2.51.00 (CPR 7)
RSLogix 5 English 7.10.02 (CPR 7)
RSLogix 500 English 7.10.00 (CPR 7)
RSLogix 5000 Compare v2
RSLogix 5000 DeviceNet Tag Generator
RSLogix 5000 Faceplates
RSLogix 5000 IEC61131-3 Translation Tool
RSLogix 5000 Module Profile Core
RSLogix 5000 Module Profile Setup Utility
RSLogix 5000 Online Books v16.00.00
RSLogix 5000 Setup Installer
RSLogix 5000 Start Page Media v16.00.05
RSLogix 5000 System Updates
RSLogix 5000 v13.04
RSLogix 5000 v15.02
RSLogix 5000 v16.00.00
RSNetWorx for ControlNet 8.00.00 (CPR 7)
RSNetWorx for DeviceNet 8.00.01 (CPR 7)
RSNetWorx for EtherNet/IP 8.00.00 (CPR 7)
SCRABBLE
SD Secure Module
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sentinel System Driver
SFR
SFR2
SIPPS
Sonic Encoders
StuffIt 2010
Synaptics Pointing Device Driver
Tag Data Monitor Tool
Tag Import Utility
Tag Upload Download Tool
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Direct Disc Writer
TOSHIBA Disc Creator
TOSHIBA Game Console
TOSHIBA Hotkey Utility
Toshiba Media Center Game Console
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
TOSHIBA Recovery Disc Creator
Toshiba Registration
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA TouchPad ON/Off Utility
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Touch and Launch
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2718704)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Viewpoint Media Player
WeatherBug
WebFldrs XP
WildTangent Web Driver
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format Runtime
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB894553
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
8/14/2012 5:49:00 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the FactoryTalk Diagnostics Local Reader service to connect.
8/14/2012 5:49:00 AM, error: Service Control Manager [7000] - The FactoryTalk Diagnostics Local Reader service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/14/2012 5:44:08 AM, error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 1 time(s).
8/14/2012 3:01:28 AM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\D.
8/14/2012 12:14:41 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
8/14/2012 1:10:09 AM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 68:7F:74:F0:24:F7. Network operations on this system may be disrupted as a result.
8/14/2012 1:09:09 AM, error: Dhcp [1002] - The IP address lease 192.168.1.109 for the Network Card with network address 0018DE2B2EC2 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
8/14/2012 1:00:07 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
8/13/2012 6:15:21 PM, error: Service Control Manager [7034] - The Network Associates McShield service terminated unexpectedly. It has done this 3 time(s).
8/13/2012 5:34:17 PM, error: Service Control Manager [7034] - The Network Associates McShield service terminated unexpectedly. It has done this 2 time(s).
8/13/2012 5:32:31 PM, error: Service Control Manager [7034] - The Network Associates McShield service terminated unexpectedly. It has done this 1 time(s).
8/13/2012 11:45:49 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/13/2012 11:44:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MpFilter MRxSmb NaiAvTdi1 NetBIOS NetBT RasAcd Rdbss Tcpip
8/13/2012 11:44:45 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2012 11:44:45 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2012 11:44:45 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2012 11:44:45 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2012 11:44:32 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
.
==== End Of File ===========================