Not sure if it is just Norton slowing down my PC?
The other issue is dots appearing and then being replaced with random text in Word, Firefox and Notepad.
I followed the checklist and here are my logs:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7655
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
9/5/2011 9:45:48 AM
mbam-log-2011-09-05 (09-45-48).txt
Scan type: Quick scan
Objects scanned: 170786
Time elapsed: 8 minute(s), 55 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CEFF6CD-6F08-4E4D-BCCD-FF7415288C3B} (Adware.Alexa) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{875A1348-7674-42AA-ADAC-B4F36A004A2D} (Adware.Adband) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F1FABE79-25FC-46DE-8C5A-2C6DB9D64333} (Adware.Alexa) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-----------------------------------------------------------------------------------------------
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-09-05 09:56:23
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-19 ST3250620NS rev.3.AEG
Running: jpucnrlh.exe; Driver: C:\DOCUME~1\KELLYC~1\LOCALS~1\Temp\pxtdypow.sys
---- System - GMER 1.0.15 ----
SSDT d347bus.sys (PnP BIOS Extension/ ) ZwEnumerateKey [0xBA7832A8]
SSDT d347bus.sys (PnP BIOS Extension/ ) ZwEnumerateValueKey [0xBA78E910]
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi \Device\Ide\IdePort0 8AC4E0F8
Device \Driver\atapi \Device\Ide\IdePort1 8AC4E0F8
Device \Driver\atapi \Device\Ide\IdePort2 8AC4E0F8
Device \Driver\atapi \Device\Ide\IdePort3 8AC4E0F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e 8AC4E0F8
Device \Driver\atapi \Device\Ide\IdePort4 8AC4E0F8
Device \Driver\atapi \Device\Ide\IdePort5 8AC4E0F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-6 8AC4E0F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-19 8AC4E0F8
Device \Driver\d347prt \Device\Scsi\d347prt1Port6Path0Target0Lun0 8ABEFCC0
Device \Driver\d347prt \Device\Scsi\d347prt1 8ABEFCC0
Device \FileSystem\Ntfs \Ntfs 8AFDFFB0
Device \FileSystem\Fastfat \Fat 8AAAE4D0
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
---- Modules - GMER 1.0.15 ----
Module _________ BA6E5000-BA6FD000 (98304 bytes)
---- EOF - GMER 1.0.15 ----
-------------------------------------------------------------------------------------------------------------
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_05
Run by Kelly Comiskey at 9:58:39 on 2011-09-05
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2138 [GMT -5:00]
.
AV: Norton Security Suite *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ASUS\AASP\1.00.01\aaCenter.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Microsoft Shared\Speech\sapisvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = localhost;*.local
BHO: 0<º - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\3.8.0.41\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\3.8.0.41\IPSBHO.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\3.8.0.41\coIEPlg.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: Microsoft CommBand: {4d5c8c2a-d075-11d0-b416-00c04fb90376} - %SystemRoot%\System32\browseui.dll
TB: {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [EPSON Stylus Photo R320 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /M "Stylus Photo R320" /EF "HKCU"
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_0_9
uRun: [EPSON Stylus C120 Series] c:\windows\system32\spool\drivers\w32x86\3\e_faticca.exe /fu "c:\docume~1\kellyc~1\locals~1\temp\E_S3B0.tmp" /EF "HKCU"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10l_Plugin.exe -update plugin
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\SMax4.exe" /tray
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [AsusServiceProvider] c:\program files\asus\aasp\1.00.01\aaCenter.exe
mRun: [Ai Nap] "c:\program files\asus\ai suite\ainap\AiNap.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [DIRECTCD] "c:\program files\intervideo\disc master 2.5\DirectCD.exe"
mRun: [WINCINEMAMGR] "c:\program files\intervideo\common\bin\WinCinemaMgr.exe"
mRun: [EPSON Stylus Photo R320 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe
mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe
mRun: [BCA2000] %SystemRoot%\system32\bca2kcpan.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Conime] %windir%\system32\conime.exe
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [Linksys Wireless Manager] "c:\program files\linksys\linksys wireless manager\LinksysWirelessManager.exe" /cm /min /lcid 1033
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\evolue~1.lnk - c:\windows\installer\{a8323ef0-1e8a-4385-93ed-f97963793042}\_3E7D7F8C756EC1A9420DE2.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
Trusted Zone: intuit.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: turbotax.com
Trusted Zone: wealthyaffiliate.com\members
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxps://www.apple.com/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265378970750
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1265378957218
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {FA945BB6-9D37-43FC-9B2A-AF09F56CBBF0} - hxxp://yme.music.yahoo.com/qos/cabs/DiagCollectionControl.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{3FBDA7DD-2685-4E6D-9DF2-64110FB38409} : DhcpNameServer = 68.87.68.166 68.87.74.166
TCP: Interfaces\{63FBE7B3-0857-491B-A885-597E59FFC75A} : DhcpNameServer = 192.168.1.254
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton security suite\engine\3.8.0.41\CoIEPlg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\kelly comiskey\application data\mozilla\firefox\profiles\api6nyah.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Norton Toolbar: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coFFPlgn
.
============= SERVICES / DRIVERS ===============
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2007-3-19 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2007-3-19 5248]
R0 ivicd;Ivi CDVD Filter Driver;c:\windows\system32\drivers\ivicd.sys [2007-3-17 38784]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0308000.029\SymEFA.sys [2010-2-5 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0308000.029\BHDrvx86.sys [2010-2-5 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0308000.029\cchpx86.sys [2010-2-5 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20110902.030\IDSXpx86.sys [2011-9-2 356280]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-7-8 214664]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2010-9-13 308656]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\3.8.0.41\ccSvcHst.exe [2010-2-5 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-8-17 105592]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20110904.002\NAVENG.SYS [2011-9-4 86136]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20110904.002\NAVEX15.SYS [2011-9-4 1576312]
S2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe --> c:\progra~1\mcafee\viruss~1\mcshield.exe [?]
S3 BCA2000;Behringer BCA2000 V2.1.0.6;c:\windows\system32\drivers\BCA2000.SYS [2008-1-18 94624]
S3 BCA2000WDM;Behringer BCA2000WDM V2.1.0.6;c:\windows\system32\drivers\BCA2000WDM.SYS [2008-1-18 27328]
S3 EloBus;Elobus Filter Driver;c:\windows\system32\drivers\elobus.sys --> c:\windows\system32\drivers\EloBus.sys [?]
S3 EloSer;Elo Serial Driver;c:\windows\system32\drivers\eloser.sys --> c:\windows\system32\drivers\EloSer.sys [?]
S3 evomouflt;Evoluent Mouse Filter Service;c:\windows\system32\drivers\evomouflt.sys [2007-12-26 15872]
S3 iviudf;iviudf;c:\windows\system32\drivers\iviudf.sys --> c:\windows\system32\drivers\IviUdf.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-9-5 41272]
S3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe --> c:\progra~1\mcafee\viruss~1\mcsysmon.exe [?]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-9-10 79816]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-9-10 35272]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-9-10 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-9-10 40552]
S3 mosuport;USB Serial/Parallel Ports;c:\windows\system32\drivers\mosuport.sys [2009-4-6 900736]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [2007-11-18 152576]
S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\drivers\WUSB54GCv3.sys [2009-11-3 627072]
.
=============== Created Last 30 ================
.
2011-09-05 13:47:11 -------- d-----w- c:\documents and settings\kelly comiskey\application data\Malwarebytes
2011-09-05 13:46:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-05 13:46:40 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-09-05 13:46:33 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-05 13:46:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-05 13:29:51 -------- d-----w- c:\program files\ESET
.
==================== Find3M ====================
.
.
============= FINISH: 9:59:07.54 ===============
------------------------------------------------------------------------------------------------------------
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume3
Install Date: 3/17/2007 4:58:59 AM
System Uptime: 8/24/2011 10:42:35 AM (287 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5B-Deluxe
Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz | LGA 775 | 1866/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 127.213 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 186 GiB total, 24.554 GiB free.
G: is FIXED (FAT32) - 47 GiB total, 46.372 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1339: 6/9/2011 8:31:47 PM - System Checkpoint
RP1340: 6/10/2011 11:21:43 PM - System Checkpoint
RP1341: 6/12/2011 2:39:03 AM - System Checkpoint
RP1342: 6/24/2011 8:24:16 PM - System Checkpoint
RP1343: 6/25/2011 10:28:25 PM - System Checkpoint
RP1344: 6/27/2011 6:31:47 PM - System Checkpoint
RP1345: 6/28/2011 6:32:52 PM - System Checkpoint
RP1346: 6/29/2011 10:11:53 PM - System Checkpoint
RP1347: 6/30/2011 10:22:48 PM - System Checkpoint
RP1348: 7/2/2011 2:25:18 AM - System Checkpoint
RP1349: 7/3/2011 6:10:48 AM - System Checkpoint
RP1350: 8/13/2011 7:47:26 PM - System Checkpoint
RP1351: 8/14/2011 11:32:23 PM - System Checkpoint
RP1352: 8/16/2011 3:20:23 AM - System Checkpoint
RP1353: 8/17/2011 3:32:23 AM - System Checkpoint
RP1354: 8/19/2011 6:40:02 PM - System Checkpoint
RP1355: 8/19/2011 8:53:41 PM - Software Distribution Service 3.0
RP1356: 8/24/2011 12:49:43 PM - System Checkpoint
RP1357: 8/25/2011 4:22:58 PM - System Checkpoint
RP1358: 8/26/2011 8:33:53 PM - System Checkpoint
RP1359: 8/28/2011 12:21:54 AM - System Checkpoint
RP1360: 8/29/2011 4:33:54 AM - System Checkpoint
RP1361: 8/30/2011 8:33:54 AM - System Checkpoint
RP1362: 8/31/2011 12:33:54 PM - System Checkpoint
RP1363: 9/1/2011 4:33:54 PM - System Checkpoint
RP1364: 9/2/2011 8:33:57 PM - System Checkpoint
RP1365: 9/4/2011 12:21:57 AM - System Checkpoint
RP1366: 9/5/2011 12:33:57 AM - System Checkpoint
.
==== Installed Programs ======================
.
.
Adobe Acrobat 4.0
Adobe Acrobat Distiller 6.0
Adobe Audition 1.5
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe PageMaker 6.5
Adobe PageMaker 7.0
Adobe Photoshop 5.5
Adobe Reader 7.0.9
Adobe Shockwave Player
Ai Suite
aiofw
aioprnt
aioscnnr
Amazon MP3 Downloader 1.0.10
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression 3.0
ArcSoft PhotoImpression 6
ArcSoft Print Creations
AsusUpdate
Audit Support Center 1.0
Bandlink
Bonjour
Business Mentor
C4USelfUpdater
Canon MP Navigator EX 3.0
Canon MP560 series MP Drivers
Canon MP560 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCScore
center
Compatibility Pack for the 2007 Office system
DAEMON Tools
Dropbox
EPSON C120 User's Guide
EPSON Printer Software
EPSON Web-To-Page
ESET Online Scanner v3
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSSONIC
ESSTOOLS
essvatgt
Evoluent Mouse Manager
Film Factory
Foxit Reader
Google Earth
GSAK 6.6.0 Build 50 (Final)
GSAK 7.6.1.27 (Final)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows Media Format SDK (KB910998)
Hotfix for Windows XP (KB954550-v5)
InterVideo Launcher
InterVideo MediaOne Gallery
InterVideo WinDVD
iTunes
Java(TM) 6 Update 3
Java(TM) 6 Update 5
kgcbase
KODAK AiO Home Center
Kodak EasyShare software
ksDIP
LG USB Modem driver
LimeWire 4.18.2
Linksys Wireless Manager
Logitech Desktop Messenger
Logitech Print Service
Logitech QuickCam
Logitech® Camera Driver
Macromedia Flash Player
Malwarebytes' Anti-Malware version 1.51.1.1800
Marvell Miniport Driver
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Money Plus
Microsoft Money Shared Libraries
Microsoft National Language Support Downlevel APIs
Microsoft Office FrontPage 2003
Microsoft Office OneNote 2003
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Small Business Accounting 2006
Microsoft Office Visio Professional 2003
Microsoft RichCopy 4.0
Microsoft Silverlight
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Motorola Driver Installation
Motorola USB Drivers
Mozilla Firefox (3.6.21)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser
Nero OEM
netbrdg
Norton Security Suite
NVIDIA Drivers
OfotoXMI
oggcodecs 0.71.0946
Palm Desktop
PaperPort 7.02
PC Inspector File Recovery
PC Probe II
PreReq
PrimoDVD (English)
Print Lab Series
Pure Networks Platform
QuickBooks Pro 2005
QuickTime
RealPlayer
Rhapsody Player Engine
SeaWorld Adventure Parks Tycoon 3D
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
SFR
SHASTA
skin0001
SKINXSDK
SmartMusic 2011
SmartMusic 2011a
Sony CD Architect 5.2
SoundMAX
staticcr
SureThing CD Labeler Deluxe 4
tooltips
Turbo Tax Audit Support Center 2.0
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax 2009 wtniper
TurboTax Home & Business 2007
USB Compound Device
V CAST Music
V CAST Music Essentials Manager
Virtual Cable Tester
VPRINTOL
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows XP Service Pack 3
WinRAR archiver
WIRELESS
Yahoo! Music Jukebox
.
==== Event Viewer Messages From Past Week ========
.
9/5/2011 8:54:23 AM, error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).
9/5/2011 8:54:17 AM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
9/5/2011 8:53:42 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
.
==== End Of File ===========================
mRun: [DIRECTCD] "c:\program files\intervideo\disc master 2.5\DirectCD.exe"
mRun: [WINCINEMAMGR] "c:\program files\intervideo\common\bin\WinCinemaMgr.exe"
mRun: [EPSON Stylus Photo R320 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe
mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe
mRun: [BCA2000] %SystemRoot%\system32\bca2kcpan.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Conime] %windir%\system32\conime.exe
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [Linksys Wireless Manager] "c:\program files\linksys\linksys wireless manager\LinksysWirelessManager.exe" /cm /min /lcid 1033
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\evolue~1.lnk - c:\windows\installer\{a8323ef0-1e8a-4385-93ed-f97963793042}\_3E7D7F8C756EC1A9420DE2.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
Trusted Zone: intuit.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: turbotax.com
Trusted Zone: wealthyaffiliate.com\members
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxps://www.apple.com/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265378970750
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1265378957218
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {FA945BB6-9D37-43FC-9B2A-AF09F56CBBF0} - hxxp://yme.music.yahoo.com/qos/cabs/DiagCollectionControl.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{3FBDA7DD-2685-4E6D-9DF2-64110FB38409} : DhcpNameServer = 68.87.68.166 68.87.74.166
TCP: Interfaces\{63FBE7B3-0857-491B-A885-597E59FFC75A} : DhcpNameServer = 192.168.1.254
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton security suite\engine\3.8.0.41\CoIEPlg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\kelly comiskey\application data\mozilla\firefox\profiles\api6nyah.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Norton Toolbar: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coFFPlgn
.
============= SERVICES / DRIVERS ===============
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2007-3-19 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2007-3-19 5248]
R0 ivicd;Ivi CDVD Filter Driver;c:\windows\system32\drivers\ivicd.sys [2007-3-17 38784]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0308000.029\SymEFA.sys [2010-2-5 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0308000.029\BHDrvx86.sys [2010-2-5 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0308000.029\cchpx86.sys [2010-2-5 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20110902.030\IDSXpx86.sys [2011-9-2 356280]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-7-8 214664]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2010-9-13 308656]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\3.8.0.41\ccSvcHst.exe [2010-2-5 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-8-17 105592]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20110904.002\NAVENG.SYS [2011-9-4 86136]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20110904.002\NAVEX15.SYS [2011-9-4 1576312]
S2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe --> c:\progra~1\mcafee\viruss~1\mcshield.exe [?]
S3 BCA2000;Behringer BCA2000 V2.1.0.6;c:\windows\system32\drivers\BCA2000.SYS [2008-1-18 94624]
S3 BCA2000WDM;Behringer BCA2000WDM V2.1.0.6;c:\windows\system32\drivers\BCA2000WDM.SYS [2008-1-18 27328]
S3 EloBus;Elobus Filter Driver;c:\windows\system32\drivers\elobus.sys --> c:\windows\system32\drivers\EloBus.sys [?]
S3 EloSer;Elo Serial Driver;c:\windows\system32\drivers\eloser.sys --> c:\windows\system32\drivers\EloSer.sys [?]
S3 evomouflt;Evoluent Mouse Filter Service;c:\windows\system32\drivers\evomouflt.sys [2007-12-26 15872]
S3 iviudf;iviudf;c:\windows\system32\drivers\iviudf.sys --> c:\windows\system32\drivers\IviUdf.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-9-5 41272]
S3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe --> c:\progra~1\mcafee\viruss~1\mcsysmon.exe [?]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-9-10 79816]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-9-10 35272]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-9-10 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-9-10 40552]
S3 mosuport;USB Serial/Parallel Ports;c:\windows\system32\drivers\mosuport.sys [2009-4-6 900736]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [2007-11-18 152576]
S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\drivers\WUSB54GCv3.sys [2009-11-3 627072]
.
=============== Created Last 30 ================
.
2011-09-05 13:47:11 -------- d-----w- c:\documents and settings\kelly comiskey\application data\Malwarebytes
2011-09-05 13:46:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-05 13:46:40 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-09-05 13:46:33 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-05 13:46:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-05 13:29:51 -------- d-----w- c:\program files\ESET
.
==================== Find3M ====================
.
.
============= FINISH: 9:59:07.54 ===============
------------------------------------------------------------------------------------------------------------
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume3
Install Date: 3/17/2007 4:58:59 AM
System Uptime: 8/24/2011 10:42:35 AM (287 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5B-Deluxe
Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz | LGA 775 | 1866/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 127.213 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 186 GiB total, 24.554 GiB free.
G: is FIXED (FAT32) - 47 GiB total, 46.372 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1339: 6/9/2011 8:31:47 PM - System Checkpoint
RP1340: 6/10/2011 11:21:43 PM - System Checkpoint
RP1341: 6/12/2011 2:39:03 AM - System Checkpoint
RP1342: 6/24/2011 8:24:16 PM - System Checkpoint
RP1343: 6/25/2011 10:28:25 PM - System Checkpoint
RP1344: 6/27/2011 6:31:47 PM - System Checkpoint
RP1345: 6/28/2011 6:32:52 PM - System Checkpoint
RP1346: 6/29/2011 10:11:53 PM - System Checkpoint
RP1347: 6/30/2011 10:22:48 PM - System Checkpoint
RP1348: 7/2/2011 2:25:18 AM - System Checkpoint
RP1349: 7/3/2011 6:10:48 AM - System Checkpoint
RP1350: 8/13/2011 7:47:26 PM - System Checkpoint
RP1351: 8/14/2011 11:32:23 PM - System Checkpoint
RP1352: 8/16/2011 3:20:23 AM - System Checkpoint
RP1353: 8/17/2011 3:32:23 AM - System Checkpoint
RP1354: 8/19/2011 6:40:02 PM - System Checkpoint
RP1355: 8/19/2011 8:53:41 PM - Software Distribution Service 3.0
RP1356: 8/24/2011 12:49:43 PM - System Checkpoint
RP1357: 8/25/2011 4:22:58 PM - System Checkpoint
RP1358: 8/26/2011 8:33:53 PM - System Checkpoint
RP1359: 8/28/2011 12:21:54 AM - System Checkpoint
RP1360: 8/29/2011 4:33:54 AM - System Checkpoint
RP1361: 8/30/2011 8:33:54 AM - System Checkpoint
RP1362: 8/31/2011 12:33:54 PM - System Checkpoint
RP1363: 9/1/2011 4:33:54 PM - System Checkpoint
RP1364: 9/2/2011 8:33:57 PM - System Checkpoint
RP1365: 9/4/2011 12:21:57 AM - System Checkpoint
RP1366: 9/5/2011 12:33:57 AM - System Checkpoint
.
==== Installed Programs ======================
.
.
Adobe Acrobat 4.0
Adobe Acrobat Distiller 6.0
Adobe Audition 1.5
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe PageMaker 6.5
Adobe PageMaker 7.0
Adobe Photoshop 5.5
Adobe Reader 7.0.9
Adobe Shockwave Player
Ai Suite
aiofw
aioprnt
aioscnnr
Amazon MP3 Downloader 1.0.10
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression 3.0
ArcSoft PhotoImpression 6
ArcSoft Print Creations
AsusUpdate
Audit Support Center 1.0
Bandlink
Bonjour
Business Mentor
C4USelfUpdater
Canon MP Navigator EX 3.0
Canon MP560 series MP Drivers
Canon MP560 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCScore
center
Compatibility Pack for the 2007 Office system
DAEMON Tools
Dropbox
EPSON C120 User's Guide
EPSON Printer Software
EPSON Web-To-Page
ESET Online Scanner v3
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSSONIC
ESSTOOLS
essvatgt
Evoluent Mouse Manager
Film Factory
Foxit Reader
Google Earth
GSAK 6.6.0 Build 50 (Final)
GSAK 7.6.1.27 (Final)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows Media Format SDK (KB910998)
Hotfix for Windows XP (KB954550-v5)
InterVideo Launcher
InterVideo MediaOne Gallery
InterVideo WinDVD
iTunes
Java(TM) 6 Update 3
Java(TM) 6 Update 5
kgcbase
KODAK AiO Home Center
Kodak EasyShare software
ksDIP
LG USB Modem driver
LimeWire 4.18.2
Linksys Wireless Manager
Logitech Desktop Messenger
Logitech Print Service
Logitech QuickCam
Logitech® Camera Driver
Macromedia Flash Player
Malwarebytes' Anti-Malware version 1.51.1.1800
Marvell Miniport Driver
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Money Plus
Microsoft Money Shared Libraries
Microsoft National Language Support Downlevel APIs
Microsoft Office FrontPage 2003
Microsoft Office OneNote 2003
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Small Business Accounting 2006
Microsoft Office Visio Professional 2003
Microsoft RichCopy 4.0
Microsoft Silverlight
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Motorola Driver Installation
Motorola USB Drivers
Mozilla Firefox (3.6.21)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser
Nero OEM
netbrdg
Norton Security Suite
NVIDIA Drivers
OfotoXMI
oggcodecs 0.71.0946
Palm Desktop
PaperPort 7.02
PC Inspector File Recovery
PC Probe II
PreReq
PrimoDVD (English)
Print Lab Series
Pure Networks Platform
QuickBooks Pro 2005
QuickTime
RealPlayer
Rhapsody Player Engine
SeaWorld Adventure Parks Tycoon 3D
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
SFR
SHASTA
skin0001
SKINXSDK
SmartMusic 2011
SmartMusic 2011a
Sony CD Architect 5.2
SoundMAX
staticcr
SureThing CD Labeler Deluxe 4
tooltips
Turbo Tax Audit Support Center 2.0
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax 2009 wtniper
TurboTax Home & Business 2007
USB Compound Device
V CAST Music
V CAST Music Essentials Manager
Virtual Cable Tester
VPRINTOL
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows XP Service Pack 3
WinRAR archiver
WIRELESS
Yahoo! Music Jukebox
.
==== Event Viewer Messages From Past Week ========
.
9/5/2011 8:54:23 AM, error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).
9/5/2011 8:54:17 AM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
9/5/2011 8:53:42 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
.
==== End Of File ===========================