Trojan horse help! AVG is detecting Trojan horse crypt.aqlw and win32/Sirefef.ER

Inactive
By twister141
Feb 28, 2012
Topic Status:
Not open for further replies.
  1. I saw a few posts about these error messages and was wondering if I could get some help with my computer too.

    I'm getting constant AVG Threat Detected alerts stating Infection: "Trojan Horse Crypt.AQLW" and Malware: "Win32/Sirefref.ER". I keep moving them to the virus vault but I'm getting like 15 a day now. All of them are "C:\windows\system32\(different letters each time).dll"

    I've also used Malwarebytes Anti-Malware in Safe Mode a couple of times, ran quick and normal scans, but this hasn't done anything to clear up the infection.

    Please help!

    Thank you,
    Stephanie
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    Welcome to TechSpot, Stephanie! I will attempt to help with the malware.

    The indication is as least one rootkit- which an be very difficult to remove. Let us check further to identify the extent of the malware: I am going to have you do some scans first before I refer you to the preliminary scans:

    To run the Eset Online Virus Scan:
    If you use Internet Explorer:
    1. Open the ESETOnlineScan
    2. Skip to #4 to "Continue with the directions"

      If you are using a browser other than Internet Explorer
    3. Open Eset Smart Installer
      [o] Click on the esetsmartinstaller_enu.exelink and save to the desktop.
      [o] Double click on the desktop icon to run.
      [o] After successful installation of the ESET Smart Installer, the ESET Online Scanner will be launched in a new Window
    4. Continue with the directions.
    5. Check 'Yes I accept terms of use.'
    6. Click Start button
    7. Accept any security warnings from your browser.
      [​IMG]
    8. Uncheck 'Remove found threats'
    9. Check 'Scan archives/
    10. Leave remaining settings as is.
    11. Press the Start button.
    12. ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    13. When the scan completes, press List of found threats
    14. Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    15. Push the Back button, then Finish
    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
    =======================================
    • Please download Malwarebytes' Anti-Malware from from HERE
    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to
      [o] Update Malwarebytes' Anti-Malware
      [o] and Launch Malwarebytes' Anti-Malware
    • then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform Quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. please attach this log with your reply
      Note: on opening Notepad, click on Format> make sure Word Wrap is unchecked.
      [o] If you accidentally close it, the log file is saved here and will be named like this:
      [o] C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    ========================
    I'd like you to run Combofix- but it won't run with AVG. You will need to temporarily uninstall AVG as follows:

    Download AppRemover and save to the desktop
    1. Double click the setup on the desktop> click Next
    2. Select “Remove Security Application”
    3. Let scan finish to determine security apps
    4. A screen like below will appear:
      [​IMG]
    5. Click on Next after choice has been made
    6. Check the AVG program you want to uninstall
    7. After uninstall shows complete, follow online prompts to Exit the program.

    Temporary AV: Use one:
    Microsoft Security Essentials
    Avast Free Version
    =============================
    Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    --------------------------------------
    Download Combofix from HERE or HERE and save to the desktop
    • Double click combofix.exe [​IMG]& follow the prompts.
    • If prompted for Recovery Console, please allow.
    • Once installed, you should see a blue screen prompt that says:
      • The Recovery Console was successfully installed.[/b]
      • Note: If Combofix was downloaded to a flash drive, the Recovery Console will not install- just bypass and go on.[/b]
      • Note: No query will be made if the Recovery Console is already on the system.
    • .Close/disable all anti virus and anti malware programs
      (If you need help with this, please see HERE)
    • .Close any open browsers.
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
    Re-enable your Antivirus software.
    Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    Note 2:If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.
    Note 3:CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    ======================================
    It is possible that the malware may prevent running some of these scans. Do as many of the 3 as you can. IF one is a problem, please let me know and I'll help with it.
    ============================================
    When you have finished, leave the logs for review in your next reply .
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
    ======================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time. I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me. Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't follow directions given to someone else
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.

    If I haven't replied back to you within 48 hours, you can send a PM with your thread link in it as a reminder. Do not include technical problems from your thread. Support is given only in the forum.
    Threads are closed after 5 days if there is no reply.
  3. twister141

    twister141 Newcomer, in training Topic Starter

    Thanks for helping me!

    The ESET online scanner log:
    C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\15\73204a0f-4a9624ed Java/Exploit.CVE-2011-3544.T trojan
    C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\25\236e16d9-7b23452e Java/Exploit.CVE-2011-3544.AG trojan
    C:\WINDOWS\system32\drivers\ipsec.sys Win32/Sirefef.DA trojan
    C:\WINDOWS\Temp\jar_cache3910684005835577682.tmp Java/TrojanDownloader.Agent.NDJ trojan
    C:\WINDOWS\Temp\jar_cache8437672994087386344.tmp Java/TrojanDownloader.Agent.NDJ trojan
    Operating memory multiple threats

    Malwarebytes:
    2012/02/28 00:37:05 -0500 SCOOPER Scoop DETECTION C:\WINDOWS\system32\{d31a0762-0ceb-444e-acff-b049a1f6fe91}.dll Trojan.Agent QUARANTINE
    2012/02/28 00:37:05 -0500 SCOOPER Scoop ERROR Quarantine failed: SDKQuarantine failed with error code 5
    2012/02/28 00:37:06 -0500 SCOOPER Scoop DETECTION C:\WINDOWS\system32\{d31a0762-0ceb-444e-acff-b049a1f6fe91}.dll Trojan.Agent DENY

    Seems like a lot has been discovered. If you need me to run more tests, please let me know.

    Thanks again.
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    What you left for the Eset scan is fine. But I want the full logs from other scans, including Malwarebytes> from the Header before the entries start down to the end.

    Did you run Combofix? If not please do so. If you did, please give me the log.
    ---------------------------------
    This is one of out preliminary scan I'd like you to run. It will return 2 logs:
    • Download DDS by sUBs and save it to your desktop.
      After downloading the tool, disconnect from the internet and disable all antivirus protection.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    • Notepad will open with the results, click b]No[/b] to the Optional_Scan
    • When the DDS scan finishes,it will open two (2) logs.
      [o] DDS.txt
      [o] Attach.txt
    • Save both to your desktop.(The logs will disappear when you close them otherwise.)
    • Copy and paste both logs into your reply.
      [o] Ignore instruction to zip and attach the Attach.txt.
    Note1: If you get notice about script running and scan won't run, after the program has been downloaded, disconnect from the internet and disable the AV.
    Note2: See How To Disable AV
    Note3: Enable your A/V and reconnect to the internet when finished.
    =================================
    • Download the file TDSSKiller.zip and save to the desktop.
      (If you are unable to download the file for some reason, then TDSS may be blocking it. You would then need to download it first to a clean computer and then transfer it to the infected one using an external drive or USB flash drive.)
    • Right-click the tdsskiller.zip file> Select Extract All into a folder on the infected (or potentially infected) PC.
    • Double click on TDSSKiller.exe. to run the scan
    • When the scan is over, the utility outputs a list of detected objects with description.
      The utility automatically selects an action (Cure or Delete) for malicious objects.
      The utility prompts the user to select an action to apply to suspicious objects (Skip, by default).
    • Select the action Quarantine to quarantine detected objects.
      The default quarantine folder is in the system disk root folder, e.g.: C:\TDSSKiller_Quarantine\23.07.2010_15.31.43
    • After clicking Next, the utility applies selected actions and outputs the result.
    • A reboot is required after disinfection.
    =======================================
    Logs to leave in your next reply: Combofix, Malwarebytes, 2 from DDS TDSSKiller
  5. twister141

    twister141 Newcomer, in training Topic Starter

    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.03.03.03

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 6.0.2900.5512
    Scoop :: SCOOPER [administrator]

    Protection: Enabled

    3/3/2012 2:10:40 AM
    mbam-log-2012-03-03 (02-10-40).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 205762
    Time elapsed: 7 minute(s), 45 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/10/2009 4:41:16 PM
    System Uptime: 3/3/2012 1:44:21 AM (1 hours ago)
    .
    Motherboard: Dell Inc. | | 0FF049
    Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz | Microprocessor | 1664/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 298 GiB total, 231.989 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Intel(R) PRO/Wireless 3945ABG Network Connection
    Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10208086&REV_02\4&360A6DE&0&00E1
    Manufacturer: Intel Corporation
    Name: Intel(R) PRO/Wireless 3945ABG Network Connection
    PNP Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10208086&REV_02\4&360A6DE&0&00E1
    Service: NETw4x32
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Broadcom 440x 10/100 Integrated Controller
    Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_01CD1028&REV_02\4&2FE911E8&0&00F0
    Manufacturer: Broadcom
    Name: Broadcom 440x 10/100 Integrated Controller
    PNP Device ID: PCI\VEN_14E4&DEV_170C&SUBSYS_01CD1028&REV_02\4&2FE911E8&0&00F0
    Service: bcm4sbxp
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394 Net Adapter
    Device ID: V1394\NIC1394\1F716521484FC000
    Manufacturer: Microsoft
    Name: 1394 Net Adapter
    PNP Device ID: V1394\NIC1394\1F716521484FC000
    Service: NIC1394
    .
    ==== System Restore Points ===================
    .
    RP438: 10/28/2011 9:54:37 PM - System Checkpoint
    RP439: 10/31/2011 10:32:08 PM - System Checkpoint
    RP440: 11/1/2011 10:58:17 PM - System Checkpoint
    RP441: 11/2/2011 11:36:48 PM - System Checkpoint
    RP442: 11/4/2011 12:18:50 AM - System Checkpoint
    RP443: 11/7/2011 12:08:29 PM - System Checkpoint
    RP444: 11/8/2011 12:36:05 PM - System Checkpoint
    RP445: 11/9/2011 1:19:53 PM - Software Distribution Service 3.0
    RP446: 11/10/2011 1:34:13 PM - System Checkpoint
    RP447: 11/11/2011 2:12:13 PM - Software Distribution Service 3.0
    RP448: 11/13/2011 1:37:16 AM - System Checkpoint
    RP449: 11/14/2011 2:29:10 PM - System Checkpoint
    RP450: 11/15/2011 11:04:52 PM - System Checkpoint
    RP451: 11/16/2011 11:53:17 PM - System Checkpoint
    RP452: 11/18/2011 12:01:16 AM - System Checkpoint
    RP453: 11/20/2011 1:07:20 AM - System Checkpoint
    RP454: 11/21/2011 1:31:20 AM - System Checkpoint
    RP455: 11/22/2011 2:29:35 PM - System Checkpoint
    RP456: 11/23/2011 11:39:25 PM - System Checkpoint
    RP457: 11/25/2011 7:57:11 PM - System Checkpoint
    RP458: 11/28/2011 8:38:02 PM - System Checkpoint
    RP459: 11/29/2011 9:19:35 PM - System Checkpoint
    RP460: 11/30/2011 9:45:21 PM - System Checkpoint
    RP461: 12/2/2011 1:32:49 AM - System Checkpoint
    RP462: 12/3/2011 3:37:42 AM - System Checkpoint
    RP463: 12/4/2011 8:33:48 PM - Restore Operation
    RP464: 12/6/2011 12:09:45 AM - System Checkpoint
    RP465: 12/7/2011 1:16:21 AM - System Checkpoint
    RP466: 12/8/2011 2:07:06 PM - System Checkpoint
    RP467: 12/9/2011 4:09:54 PM - System Checkpoint
    RP468: 12/10/2011 6:48:14 PM - System Checkpoint
    RP469: 12/11/2011 9:29:37 PM - System Checkpoint
    RP470: 12/13/2011 12:30:41 AM - System Checkpoint
    RP471: 12/14/2011 12:57:06 AM - System Checkpoint
    RP472: 12/15/2011 1:06:42 AM - System Checkpoint
    RP473: 12/15/2011 4:37:37 PM - Software Distribution Service 3.0
    RP474: 12/16/2011 7:33:27 PM - System Checkpoint
    RP475: 12/17/2011 7:48:17 PM - System Checkpoint
    RP476: 12/18/2011 9:08:05 PM - System Checkpoint
    RP477: 12/19/2011 10:57:31 PM - System Checkpoint
    RP478: 12/20/2011 11:15:14 PM - System Checkpoint
    RP479: 12/22/2011 2:05:01 PM - System Checkpoint
    RP480: 12/23/2011 5:02:39 PM - System Checkpoint
    RP481: 12/24/2011 5:26:24 PM - System Checkpoint
    RP482: 12/25/2011 5:43:25 PM - System Checkpoint
    RP483: 12/26/2011 8:19:42 PM - System Checkpoint
    RP484: 12/27/2011 9:10:32 PM - System Checkpoint
    RP485: 12/28/2011 10:46:05 PM - System Checkpoint
    RP486: 12/29/2011 11:00:50 PM - System Checkpoint
    RP487: 12/30/2011 11:43:19 PM - System Checkpoint
    RP488: 1/1/2012 12:37:16 AM - System Checkpoint
    RP489: 1/2/2012 4:23:48 PM - System Checkpoint
    RP490: 1/3/2012 7:14:31 PM - System Checkpoint
    RP491: 1/4/2012 7:33:13 PM - System Checkpoint
    RP492: 1/5/2012 8:09:40 PM - System Checkpoint
    RP493: 1/6/2012 11:10:03 PM - System Checkpoint
    RP494: 1/7/2012 11:36:18 PM - System Checkpoint
    RP495: 1/9/2012 2:32:49 PM - System Checkpoint
    RP496: 1/10/2012 6:02:59 PM - System Checkpoint
    RP497: 1/12/2012 1:35:59 PM - Software Distribution Service 3.0
    RP498: 1/13/2012 2:30:51 AM - Software Distribution Service 3.0
    RP499: 1/14/2012 2:37:38 AM - System Checkpoint
    RP500: 1/14/2012 3:00:14 AM - Software Distribution Service 3.0
    RP501: 1/15/2012 3:29:09 AM - System Checkpoint
    RP502: 1/16/2012 4:26:03 PM - System Checkpoint
    RP503: 1/17/2012 7:21:15 PM - System Checkpoint
    RP504: 1/18/2012 8:15:45 PM - System Checkpoint
    RP505: 1/19/2012 8:31:57 PM - System Checkpoint
    RP506: 1/21/2012 6:14:28 PM - System Checkpoint
    RP507: 1/22/2012 7:26:32 PM - System Checkpoint
    RP508: 1/23/2012 3:26:02 PM - Restore Operation
    RP509: 1/23/2012 3:30:32 PM - Restore Operation
    RP510: 1/23/2012 3:35:24 PM - Restore Operation
    RP511: 1/23/2012 3:43:20 PM - Restore Operation
    RP512: 1/24/2012 4:21:57 PM - System Checkpoint
    RP513: 1/25/2012 5:20:00 PM - System Checkpoint
    RP514: 2/1/2012 10:32:11 AM - Software Distribution Service 3.0
    RP515: 2/8/2012 2:13:52 AM - Installed HiJackThis
    RP516: 2/15/2012 3:00:23 AM - Software Distribution Service 3.0
    RP517: 2/16/2012 2:44:05 AM - Software Distribution Service 3.0
  6. twister141

    twister141 Newcomer, in training Topic Starter

    ==== Installed Programs ======================
    .
    µTorrent
    32 Bit HP CIO Components Installer
    7-Zip 9.20
    Adobe Flash Player 11 Plugin
    Adobe Flash Player ActiveX
    AIO_Scan
    Apple Application Support
    Ashampoo Burning Studio 10.0.4
    Ashampoo Burning Studio 6 FREE v.6.80
    AVG 2012
    AVI to DVD Converter
    Broadcom 440x 10/100 Integrated Controller
    CCleaner
    Conexant HDA D110 MDC V.92 Modem
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Dell Bluetooth Software
    Dell ResourceCD
    ESET Online Scanner v3
    FastStone Image Viewer 4.0
    Foxit PDF Editor
    Foxit Reader
    Freebie Notes
    High Definition Audio Driver Package - KB835221
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Photosmart All-In-One Software 9.0
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PROSet/Wireless Software
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 16
    Magic Berry
    Malwarebytes Anti-Malware version 1.60.1.1000
    mCore
    mDriver
    mDrWiFi
    MediaMonkey 4.0
    mHlpDell
    Microsoft .NET Framework 1.0 Hotfix (KB2572066)
    Microsoft .NET Framework 1.0 Hotfix (KB953295)
    Microsoft .NET Framework 1.0 Hotfix (KB979904)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 14
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    mIWA
    mLogView
    mMHouse
    Mozilla Firefox 10.0.2 (x86 en-US)
    mPfMgr
    mPfWiz
    mProSafe
    mSCfg
    mSSO
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6.0 Parser
    Music Manager
    mWlsSafe
    mWMI
    mZConfig
    Otto
    PowerISO
    PS_AIO_Software_min
    QuickTime
    Scan
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
    Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
    Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2183461)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360131)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2416400)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2482017)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2497640)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2530548)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544521)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2559049)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2586448)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618444)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647516)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371-v2)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972260)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974455)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB976325)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982381)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    SigmaTel Audio
    Skype™ 5.0
    Sonic Encoders
    Spotify
    TomTom HOME 2.8.2.2264
    TomTom HOME Visual Studio Merge Modules
    Toolbox
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553092)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
    Update for Microsoft Outlook Social Connector (KB2583935)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2616676-v2)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update for Windows XP (KB978207)
    Update for Windows XP (KB980182)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    VLC media player 1.0.2
    WebFldrs XP
    Windows Driver Package - Ricoh Company Memorystick Host Controller (07/09/2005 1.00.01.12)
    Windows Driver Package - Ricoh Company MMC Host Controller (07/14/2005 1.00.00.06)
    Windows Driver Package - Ricoh Company xD-Picture Card/SmartMedia Host Controller (07/14/2005 1.00.02.04)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Media Format Runtime
    Windows Media Player Firefox Plugin
    Windows XP Media Center Edition 2005 KB2502898
    Windows XP Media Center Edition 2005 KB2619340
    Windows XP Media Center Edition 2005 KB2628259
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WinRAR archiver
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/3/2012 2:18:12 AM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.100 with the system having network hardware address D8:B3:77:5E:8E:09. Network operations on this system may be disrupted as a result.
    3/3/2012 2:16:51 AM, error: Service Control Manager [7023] - The Zpsc service terminated with the following error: Access is denied.
    3/3/2012 2:01:50 AM, error: Service Control Manager [7023] - The Sisidex service terminated with the following error: Access is denied.
    3/3/2012 1:46:50 AM, error: Service Control Manager [7023] - The NetMsmqActivator service terminated with the following error: Access is denied.
    3/3/2012 1:46:21 AM, error: Service Control Manager [7023] - The Zpjava service terminated with the following error: The specified module could not be found.
    3/3/2012 1:46:21 AM, error: Service Control Manager [7023] - The Tvicport service terminated with the following error: The specified module could not be found.
    3/3/2012 1:46:21 AM, error: Service Control Manager [7023] - The Timounter service terminated with the following error: The specified module could not be found.
    3/3/2012 1:46:21 AM, error: Service Control Manager [7023] - The Smsmdd service terminated with the following error: The specified module could not be found.
    3/3/2012 1:46:21 AM, error: Service Control Manager [7023] - The Owstimer service terminated with the following error: The specified module could not be found.
    3/3/2012 1:46:21 AM, error: Service Control Manager [7023] - The Netrcacm service terminated with the following error: The specified module could not be found.
    3/3/2012 1:46:21 AM, error: Service Control Manager [7023] - The HssSrv service terminated with the following error: The specified module could not be found.
    3/3/2012 1:46:21 AM, error: Service Control Manager [7023] - The HSONYPVh service terminated with the following error: The specified module could not be found.
    3/3/2012 1:46:21 AM, error: Service Control Manager [7023] - The Dcstor32 service terminated with the following error: Access is denied.
    3/3/2012 1:46:21 AM, error: Service Control Manager [7023] - The Atimtag service terminated with the following error: The specified module could not be found.
    3/2/2012 12:45:48 AM, error: Service Control Manager [7023] - The Owstimer service terminated with the following error: Access is denied.
    3/2/2012 12:30:48 AM, error: Service Control Manager [7023] - The Zpjava service terminated with the following error: Access is denied.
    3/2/2012 12:15:48 AM, error: Service Control Manager [7023] - The Netrcacm service terminated with the following error: Access is denied.
    3/2/2012 12:00:49 AM, error: Service Control Manager [7023] - The HSONYPVh service terminated with the following error: Access is denied.
    3/2/2012 12:00:21 AM, error: Service Control Manager [7023] - The W300mdm service terminated with the following error: The specified module could not be found.
    3/2/2012 12:00:21 AM, error: Service Control Manager [7023] - The TPM service terminated with the following error: The specified module could not be found.
    3/2/2012 12:00:21 AM, error: Service Control Manager [7023] - The Oraclewebassistant service terminated with the following error: The specified module could not be found.
    3/2/2012 12:00:21 AM, error: Service Control Manager [7023] - The KLOGNT service terminated with the following error: The specified module could not be found.
    3/2/2012 12:00:21 AM, error: Service Control Manager [7023] - The GTSCSER service terminated with the following error: The specified module could not be found.
    3/2/2012 12:00:21 AM, error: Service Control Manager [7023] - The ELhid service terminated with the following error: The specified module could not be found.
    3/2/2012 12:00:21 AM, error: Service Control Manager [7023] - The Cdr4_xp service terminated with the following error: The specified module could not be found.
    3/2/2012 12:00:21 AM, error: Service Control Manager [7023] - The Cacheserver service terminated with the following error: The specified module could not be found.
    3/2/2012 12:00:21 AM, error: Service Control Manager [7023] - The Atimtag service terminated with the following error: Access is denied.
    3/2/2012 12:00:21 AM, error: Service Control Manager [7023] - The Asapiw2k service terminated with the following error: The specified module could not be found.
    3/2/2012 1:45:49 AM, error: Service Control Manager [7023] - The Tvicport service terminated with the following error: Access is denied.
    3/2/2012 1:30:49 AM, error: Service Control Manager [7023] - The Smsmdd service terminated with the following error: Access is denied.
    3/2/2012 1:15:48 AM, error: Service Control Manager [7023] - The HssSrv service terminated with the following error: Access is denied.
    3/2/2012 1:00:48 AM, error: Service Control Manager [7023] - The Timounter service terminated with the following error: Access is denied.
    3/1/2012 2:30:55 AM, error: Service Control Manager [7023] - The Asapiw2k service terminated with the following error: Access is denied.
    3/1/2012 2:15:54 AM, error: Service Control Manager [7023] - The ELhid service terminated with the following error: Access is denied.
    3/1/2012 2:00:53 AM, error: Service Control Manager [7023] - The Cdr4_xp service terminated with the following error: Access is denied.
    3/1/2012 12:45:53 AM, error: Service Control Manager [7023] - The Cacheserver service terminated with the following error: Access is denied.
    3/1/2012 12:45:25 AM, error: Service Control Manager [7023] - The W300mdm service terminated with the following error: Access is denied.
    3/1/2012 1:45:53 AM, error: Service Control Manager [7023] - The KLOGNT service terminated with the following error: Access is denied.
    3/1/2012 1:30:53 AM, error: Service Control Manager [7023] - The Oraclewebassistant service terminated with the following error: Access is denied.
    3/1/2012 1:15:53 AM, error: Service Control Manager [7023] - The GTSCSER service terminated with the following error: Access is denied.
    3/1/2012 1:00:53 AM, error: Service Control Manager [7023] - The TPM service terminated with the following error: Access is denied.
    2/29/2012 3:55:02 AM, error: Service Control Manager [7023] - The Cam5607 service terminated with the following error: Access is denied.
    2/29/2012 3:40:01 AM, error: Service Control Manager [7023] - The L6POD service terminated with the following error: Access is denied.
    2/29/2012 3:25:03 AM, error: Service Control Manager [7023] - The LVPrcMon service terminated with the following error: Access is denied.
    2/29/2012 3:10:02 AM, error: Service Control Manager [7023] - The Rp32service service terminated with the following error: Access is denied.
    2/29/2012 2:55:02 AM, error: Service Control Manager [7023] - The Pdlndint service terminated with the following error: Access is denied.
    2/29/2012 2:40:02 AM, error: Service Control Manager [7023] - The Cwafeventrouter service terminated with the following error: Access is denied.
    2/29/2012 2:24:58 AM, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: Access is denied.
    2/29/2012 2:09:57 AM, error: Service Control Manager [7023] - The Passthru service terminated with the following error: Access is denied.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The Ssdiagn service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The Rp32service service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The Pdlndint service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The Passthru service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The MREMP50 service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The LVPrcMon service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The Lemsgt service terminated with the following error: Access is denied.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The L6POD service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The Cwafeventrouter service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The Cmdmon service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The Cmdagent service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The Cam5607 service terminated with the following error: The specified module could not be found.
    2/29/2012 10:09:24 PM, error: Service Control Manager [7023] - The BASFND service terminated with the following error: The specified module could not be found.
    2/29/2012 1:54:55 AM, error: Service Control Manager [7023] - The SPLITCAM service terminated with the following error: Access is denied.
    2/29/2012 1:54:21 AM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.100 with the system having network hardware address FC:25:3F:61:46:EB. Network operations on this system may be disrupted as a result.
    2/29/2012 1:39:55 AM, error: Service Control Manager [7023] - The Cmdmon service terminated with the following error: Access is denied.
    2/29/2012 1:24:53 AM, error: Service Control Manager [7023] - The Cmdagent service terminated with the following error: Access is denied.
    2/29/2012 1:09:53 AM, error: Service Control Manager [7023] - The BASFND service terminated with the following error: Access is denied.
    2/29/2012 1:05:24 AM, error: Service Control Manager [7023] - The WUSB54Gv4SVC service terminated with the following error: The specified module could not be found.
    2/29/2012 1:05:24 AM, error: Service Control Manager [7023] - The Symproxysvc service terminated with the following error: The specified module could not be found.
    2/29/2012 1:05:24 AM, error: Service Control Manager [7023] - The Slabbus service terminated with the following error: The specified module could not be found.
    2/29/2012 1:05:24 AM, error: Service Control Manager [7023] - The Se2Cunic service terminated with the following error: The specified module could not be found.
    2/29/2012 1:05:24 AM, error: Service Control Manager [7023] - The Pdlndlpb service terminated with the following error: The specified module could not be found.
    2/29/2012 1:05:24 AM, error: Service Control Manager [7023] - The Inotask service terminated with the following error: The specified module could not be found.
    2/29/2012 1:05:24 AM, error: Service Control Manager [7023] - The Dashsvc service terminated with the following error: The specified module could not be found.
    2/29/2012 1:05:24 AM, error: Service Control Manager [7023] - The Bufserv service terminated with the following error: The specified module could not be found.
    2/29/2012 1:05:24 AM, error: Service Control Manager [7023] - The BsHelpCS service terminated with the following error: The specified module could not be found.
    2/29/2012 1:05:24 AM, error: Service Control Manager [7023] - The AN983 service terminated with the following error: Access is denied.
    2/28/2012 6:49:49 AM, error: Service Control Manager [7023] - The Qcdonner service terminated with the following error: Access is denied.
    2/28/2012 6:34:49 AM, error: Service Control Manager [7023] - The Cam5603C service terminated with the following error: Access is denied.
    2/28/2012 6:19:49 AM, error: Service Control Manager [7023] - The U81xmdm service terminated with the following error: Access is denied.
    2/28/2012 6:04:49 AM, error: Service Control Manager [7023] - The Roxmediadb service terminated with the following error: Access is denied.
    2/28/2012 5:49:49 AM, error: Service Control Manager [7023] - The Sfdrv01 service terminated with the following error: Access is denied.
    2/28/2012 5:49:46 PM, error: Service Control Manager [7023] - The WUSB54Gv4SVC service terminated with the following error: Access is denied.
    2/28/2012 5:34:52 PM, error: Service Control Manager [7023] - The Ssdiagn service terminated with the following error: Access is denied.
    2/28/2012 5:34:49 AM, error: Service Control Manager [7023] - The VX3000 service terminated with the following error: Access is denied.
    2/28/2012 5:32:21 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
    2/28/2012 5:29:39 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
    2/28/2012 5:19:49 AM, error: Service Control Manager [7023] - The Hidbatt service terminated with the following error: Access is denied.
    2/28/2012 5:19:48 PM, error: Service Control Manager [7023] - The Bufserv service terminated with the following error: Access is denied.
    2/28/2012 5:04:50 PM, error: Service Control Manager [7023] - The MREMP50 service terminated with the following error: Access is denied.
    2/28/2012 5:04:49 AM, error: Service Control Manager [7023] - The SndTDriverV32 service terminated with the following error: Access is denied.
    2/28/2012 4:49:49 AM, error: Service Control Manager [7023] - The Bgs_sdservice service terminated with the following error: Access is denied.
    2/28/2012 4:49:45 PM, error: Service Control Manager [7023] - The Se2Cunic service terminated with the following error: Access is denied.
    2/28/2012 4:34:49 AM, error: Service Control Manager [7023] - The EIO_XP service terminated with the following error: Access is denied.
    2/28/2012 4:34:47 PM, error: Service Control Manager [7023] - The Symproxysvc service terminated with the following error: Access is denied.
    2/28/2012 4:19:49 PM, error: Service Control Manager [7023] - The BsHelpCS service terminated with the following error: Access is denied.
    2/28/2012 4:19:49 AM, error: Service Control Manager [7023] - The LVVI500A service terminated with the following error: Access is denied.
    2/28/2012 4:04:49 AM, error: Service Control Manager [7023] - The Vpcvmm service terminated with the following error: Access is denied.
    2/28/2012 4:04:42 PM, error: Service Control Manager [7023] - The Pdlndlpb service terminated with the following error: Access is denied.
    2/28/2012 3:49:48 AM, error: Service Control Manager [7023] - The PNRPSvc service terminated with the following error: Access is denied.
    2/28/2012 3:49:42 PM, error: Service Control Manager [7023] - The Dashsvc service terminated with the following error: Access is denied.
    2/28/2012 3:34:49 AM, error: Service Control Manager [7023] - The Netdevio service terminated with the following error: Access is denied.
    2/28/2012 3:34:42 PM, error: Service Control Manager [7023] - The Inotask service terminated with the following error: Access is denied.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Vpcvmm service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Usbbus service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Uclauncherservice service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Tos_sps32 service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Tng-dts service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The TcUsb service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Svchost service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Ssm_mdfl service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Spkrmon service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Slabbus service terminated with the following error: Access is denied.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Siskp service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Sfdrv01 service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Servicemgr service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Sentinel service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The S616nd5 service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The RTHDMIAzAudService service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Roxmediadb service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Quickhealfirewall service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Qcdonner service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The PNRPSvc service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Nwdls service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Ndisipo service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Mqdmserd service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The MegaSR service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Ftpds service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Fasttraksvc service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Emu10k1 service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Dtsagntsvc service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The DNE service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The DCamUSBEMPIA service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The CX88ENC service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The C-dillacdac11ba service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Bgs_sdservice service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:12 PM, error: Service Control Manager [7023] - The Areschatserver service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Z800mdm service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Z800bus service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Wpsscannersvc service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Wpsdrvnt service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Wmp54gssvc service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The WmBEnum service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Winss service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Webrootenterpriseupdateservice service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Vxd service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The VX3000 service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Vpcbus service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Vmount2 service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Uim_IM service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The U81xmdm service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Sysaidagent service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The STV680 service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The SndTDriverV32 service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The S616mdfl service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Retinaengine service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Portio service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The P16X service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Oracleorahome92tnslistener service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The OEM02Dev service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Ntcharge service terminated with the following error: Access is denied.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Ngdbserv service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Netdevio service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The NEOFLTR_600_13319 service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Mssql$microsoftbcm service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Mindretrieve service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Mctaskmanager service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Mclogmanagerservice service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The LVVI500A service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Lvupdtio service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Iomdisk service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The IntelC51 service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Incdrm service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Hidbatt service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Epfwtdi service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The EIO_XP service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Digitizer service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Clcapsvc service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Cam5603C service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The Awhost32 service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The ASMMAP service terminated with the following error: The specified module could not be found.
    2/28/2012 3:34:11 PM, error: Service Control Manager [7023] - The 3dkeybd service terminated with the following error: The specified module could not be found.
    2/28/2012 3:19:48 AM, error: Service Control Manager [7023] - The Oracleorahome92tnslistener service terminated with the following error: Access is denied.
    2/28/2012 3:04:48 AM, error: Service Control Manager [7023] - The Areschatserver service terminated with the following error: Access is denied.
    2/28/2012 2:49:48 AM, error: Service Control Manager [7023] - The STV680 service terminated with the following error: Access is denied.
    2/28/2012 2:34:48 AM, error: Service Control Manager [7023] - The Awhost32 service terminated with the following error: Access is denied.
    2/28/2012 2:19:48 AM, error: Service Control Manager [7023] - The NEOFLTR_600_13319 service terminated with the following error: Access is denied.
    2/28/2012 2:04:48 AM, error: Service Control Manager [7023] - The Lvupdtio service terminated with the following error: Access is denied.
    2/28/2012 12:49:47 AM, error: Service Control Manager [7023] - The Sysaidagent service terminated with the following error: Access is denied.
    2/28/2012 12:37:06 AM, error: Service Control Manager [7023] - The Incdrm service terminated with the following error: The specified procedure could not be found.
    2/28/2012 1:49:47 AM, error: Service Control Manager [7023] - The MegaSR service terminated with the following error: Access is denied.
    2/28/2012 1:34:47 AM, error: Service Control Manager [7023] - The Tos_sps32 service terminated with the following error: Access is denied.
    2/28/2012 1:19:47 AM, error: Service Control Manager [7023] - The Retinaengine service terminated with the following error: Access is denied.
    2/28/2012 1:04:47 AM, error: Service Control Manager [7023] - The P16X service terminated with the following error: Access is denied.
    2/27/2012 9:49:46 PM, error: Service Control Manager [7023] - The Mclogmanagerservice service terminated with the following error: Access is denied.
    2/27/2012 9:34:46 PM, error: Service Control Manager [7023] - The Emu10k1 service terminated with the following error: Access is denied.
    2/27/2012 9:04:46 PM, error: Service Control Manager [7023] - The CX88ENC service terminated with the following error: Access is denied.
    2/27/2012 8:49:46 PM, error: Service Control Manager [7023] - The S616mdfl service terminated with the following error: Access is denied.
    2/27/2012 8:34:46 PM, error: Service Control Manager [7023] - The Tng-dts service terminated with the following error: Access is denied.
    2/27/2012 8:19:46 PM, error: Service Control Manager [7023] - The 3dkeybd service terminated with the following error: Access is denied.
    2/27/2012 8:04:46 PM, error: Service Control Manager [7023] - The Ssm_mdfl service terminated with the following error: Access is denied.
    2/27/2012 7:49:46 PM, error: Service Control Manager [7023] - The Spkrmon service terminated with the following error: Access is denied.
    2/27/2012 7:34:46 PM, error: Service Control Manager [7023] - The Portio service terminated with the following error: Access is denied.
    2/27/2012 7:19:46 PM, error: Service Control Manager [7023] - The Mssql$microsoftbcm service terminated with the following error: Access is denied.
    2/27/2012 7:04:46 PM, error: Service Control Manager [7023] - The DNE service terminated with the following error: Access is denied.
    2/27/2012 6:49:46 PM, error: Service Control Manager [7023] - The Ndisipo service terminated with the following error: Access is denied.
    2/27/2012 6:34:48 PM, error: Service Control Manager [7023] - The Vmount2 service terminated with the following error: Access is denied.
    2/27/2012 6:19:46 PM, error: Service Control Manager [7023] - The OEM02Dev service terminated with the following error: Access is denied.
    2/27/2012 6:04:46 PM, error: Service Control Manager [7023] - The Wpsscannersvc service terminated with the following error: Access is denied.
    2/27/2012 5:34:46 PM, error: Service Control Manager [7023] - The Mindretrieve service terminated with the following error: Access is denied.
    2/27/2012 5:19:46 PM, error: Service Control Manager [7023] - The Dtsagntsvc service terminated with the following error: Access is denied.
    2/27/2012 5:04:45 PM, error: Service Control Manager [7023] - The Clcapsvc service terminated with the following error: Access is denied.
    2/27/2012 4:49:45 PM, error: Service Control Manager [7023] - The Uclauncherservice service terminated with the following error: Access is denied.
    2/27/2012 4:49:17 PM, error: Service Control Manager [7023] - The Epfwtdi service terminated with the following error: Access is denied.
    2/27/2012 4:48:02 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    2/27/2012 10:19:47 PM, error: Service Control Manager [7023] - The C-dillacdac11ba service terminated with the following error: Access is denied.
    2/27/2012 10:04:47 PM, error: Service Control Manager [7023] - The IntelC51 service terminated with the following error: Access is denied.
    2/25/2012 6:35:30 PM, error: Service Control Manager [7023] - The Uim_IM service terminated with the following error: Access is denied.
    2/25/2012 6:20:30 PM, error: Service Control Manager [7023] - The Ftpds service terminated with the following error: Access is denied.
    2/25/2012 6:05:31 PM, error: Service Control Manager [7023] - The TcUsb service terminated with the following error: Access is denied.
    2/25/2012 5:50:30 PM, error: Service Control Manager [7023] - The Digitizer service terminated with the following error: Access is denied.
    2/25/2012 5:35:30 PM, error: Service Control Manager [7023] - The Z800bus service terminated with the following error: Access is denied.
    2/25/2012 5:20:30 PM, error: Service Control Manager [7023] - The RTHDMIAzAudService service terminated with the following error: Access is denied.
    2/25/2012 5:05:31 PM, error: Service Control Manager [7023] - The Ngdbserv service terminated with the following error: Access is denied.
    2/25/2012 5:05:04 PM, error: Service Control Manager [7023] - The Quickhealfirewall service terminated with the following error: Access is denied.
    .
  7. twister141

    twister141 Newcomer, in training Topic Starter

    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_16
    Run by Scoop at 2:22:52 on 2012-03-03
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.940 [GMT -5:00]
    .
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\AVG\AVG2012\avgemcx.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Scoop\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\BSPlayer\Webteh\BSplayerPro\bsplayer.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\WINDOWS\notepad.exe
    .
  8. twister141

    twister141 Newcomer, in training Topic Starter

    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\scoop\application data\mozilla\firefox\profiles\savzx878.default\
    FF - prefs.js: browser.startup.homepage - google.com
    FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
    FF - plugin: c:\documents and settings\scoop\local settings\application data\google\update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 230608]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-9 295248]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-24 652360]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 134608]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 16720]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-24 20464]
    S?4 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
    S2 avgio;HssSrv;c:\windows\system32\svchost.exe -k netsvcs [2004-8-10 14336]
    S2 avgtdi;Oraclewebassistant;c:\windows\system32\svchost.exe -k netsvcs [2004-8-10 14336]
    S2 aw_host;WmBEnum;c:\windows\system32\svchost.exe -k netsvcs [2004-8-10 14336]
    S2 cpuz132;Uim_IM;c:\windows\system32\svchost.exe -k netsvcs [2004-8-10 14336]
    S2 DMUSBUSBDCam;3dkeybd;c:\windows\system32\svchost.exe -k netsvcs [2004-8-10 14336]
    S2 KMService;KMService;c:\windows\system32\srvany.exe [2011-9-21 8192]
    S2 LMIRfsDriver;Cdr4_xp;c:\windows\system32\svchost.exe -k netsvcs [2004-8-10 14336]
    S2 mcafeeantispyware;Cmdagent;c:\windows\system32\svchost.exe -k netsvcs [2004-8-10 14336]
    S2 ZDCNDIS5;Lemsgt;c:\windows\system32\svchost.exe -k netsvcs [2004-8-10 14336]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]
    .
    =============== Created Last 30 ================
    .
    2012-02-28 21:39:49 -------- d-----w- c:\program files\ESET
    2012-02-15 18:53:30 -------- d-----w- c:\documents and settings\scoop\local settings\application data\Programs
    2012-02-15 18:53:01 -------- d-----w- c:\documents and settings\scoop\local settings\application data\Google
    2012-02-15 01:04:16 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
    2012-02-15 01:04:16 3072 ------w- c:\windows\system32\iacenc.dll
    2012-02-08 07:13:54 388096 ----a-r- c:\documents and settings\scoop\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2012-02-08 07:13:53 -------- d-----w- c:\program files\Trend Micro
    2012-02-06 07:54:02 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
    .
    ==================== Find3M ====================
    .
    2012-01-12 16:53:24 1859968 ----a-w- c:\windows\system32\win32k.sys
    2011-12-19 08:53:33 667136 ----a-w- c:\windows\system32\wininet.dll
    2011-12-19 08:53:33 61952 ----a-w- c:\windows\system32\tdc.ocx
    2011-12-19 08:53:32 81920 ----a-w- c:\windows\system32\ieencode.dll
    2011-12-16 13:16:31 369664 ----a-w- c:\windows\system32\html.iec
    2011-12-10 20:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-07-19 22:21:36 19495102 ----a-w- c:\program files\vlc-1.1.0-win32.exe
    .
    ============= FINISH: 2:24:06.50 ===============
  9. twister141

    twister141 Newcomer, in training Topic Starter

    I successfully ran Combofix but unable to connect to the internet. I've restarted multiple of times and tried ipconfig renew and flushdns but still nothing. It keeps saying an internal error occured: the request is not supported. Can you think of how i can get the internet back?
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    Looking at the errors> I see these reasons for almost nothing working on the system:
    1. Access is denied
    2. The specified module could not be found.
    But please stop trying to fix this on your own if you want me to help you.
    ----------------------------
    1. Is this your work computer?.
    2. There is conflicting security:
      [o]Quick Heal Firewall Service> Module missing
      [o]Symproxysvc service
    3. There is a problem with the TOSHIBA ... Hardware Compatibility
    The number of errors and the processes that don't work are not from an average home computer and although I have work with this rootkit quite a lot, I have not seen so much shut down and am not familiar with many of the processes that aren't working
    -------------------------
    At this point, I don't know if his system can be fixed. It has a ZeroAccess rootkit infection-at least. And it is curious that the rerun of Mbam came up clean, considering that the attempt to fix the original entries failed.
    ----------------------------------------
    One of the many services that failed is:Areschatserver service terminated with the following error: The specified module could not be found.
    Put the Combofix log on a flash drive and use a clean computer to send it.
    ===============================
    The following also needs to be run on the infected computer:
    Please run the MGA Diagnostics tool
    • You will be prompted to either “Run” or “Save” the tool. Choose to “Run” the tool and follow the on-screen prompts.
    • You will receive an Internet Explorer-Security Warning dialog box for the Windows Genuine Advantage Diagnostic Tool>
    • You must choose to Run this tool when prompted.
    • Once you are presented with the Diagnostics tool choose Continue to run the diagnostic report.
    • If the RESOLVE button is available after running the diagnostics, please click RESOLVE to allow the diagnostic tool to attempt a repair.
    • After running the MGA Diagnostic tool, click on the Windows tab and then click on Copy
    • Please return to this thread and Paste the results here for review.
    ------------------------------------------
    This tool will is to look on the computer itself, in the documentation you received with the computer or with your retail purchase of Windows to see if you have a Certificate of Authenticity (COA). If you have one, tell us about the COA. Tell us:

    1. What edition of Windows XP is it for, Home, Pro, or Media Center, or another version of Windows?
    2. Does it read "OEM Software" or "OEM Product" in black lettering?
    3. Or, does it have the computer manufacturer's name in black lettering?
    4. DO NOT post the Product Key.

    NOTE: The data collected with the Genuine Diagnostics Tool does NOT contain any information that can personally identify you and can be fully reviewed, by you, before being posted.
    ===============================

    I need some kind of description about what you do with the system. Is it yours? Are you the Administrator?
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.