TechSpot

Windows XP SP3 only boots in safe mode

Solved
By JJ Street
May 31, 2013
  1. Hello friends. Here we go with one of these issues. I'm helping a friend at work with an old Dell Optiplex that won't boot into normal mode, only safe mode. I ran Malwarebytes and DDS. Logs are below. Can you help me get this cleaned up for him?

    Thanks!

    JJ Street

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.05.31.06

    Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
    Internet Explorer 7.0.5730.11
    Administrator :: WS4 [administrator]

    5/31/2013 2:01:29 PM
    mbam-log-2013-05-31 (14-01-29).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 276060
    Time elapsed: 4 minute(s), 28 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
    DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
    Internet Explorer: 7.0.6000.17123 BrowserJavaVersion: 1.6.0_26
    Run by Administrator at 14:14:01 on 2013-05-31
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.765 [GMT -5:00]
    .
    .
    ============== Running Processes ================
    .
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uSearch Bar = hxxp://bfc.myway.com/search/de_srchlft.html
    uDefault_Page_URL = hxxp://www.dell4me.com/myway
    mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
    mDefault_Page_URL = hxxp://companyweb
    uURLSearchHooks: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - <orphaned>
    uURLSearchHooks: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - <orphaned>
    BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - <orphaned>
    BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    BHO: {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - <orphaned>
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Desktop Calendar] c:\program files\desktop calendar\Desktop Calendar.exe
    uRunOnce: [blekkotb] reg.exe delete "HKCU\Software\AppDataLow\Software\blekkotb" /f
    uRunOnce: [blekkotb_XP] reg.exe delete "HKCU\Software\blekkotb" /f
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
    mRun: [kmw_run.exe] kmw_run.exe
    mRun: [MSWheel] <no file>
    mRunOnce: [lxcfUninstallerRan] <no file>
    StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\administrator\application data\dropbox\bin\Dropbox.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wna3100\WNA3100.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} - hxxp://svr1/ConnectComputer/nshelp.dll
    DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
    DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 129.59.1.7 129.59.2.7
    TCP: Interfaces\{A35C5A4A-EE59-44E6-A8C0-1B7743F8C54C} : DHCPNameServer = 129.59.1.7 129.59.2.7
    Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    Hosts: 17.250.248.77 idisk0.mac.com idisk1.mac.com idisk2.mac.com idisk3.mac.com idisk4.mac.com idisk5.mac.com idisk6.mac.com idisk7.mac.com idisk8.mac.com idisk9.mac.com idisk10.mac.com idisk11.mac.com idisk12.mac.com idisk13.mac.com idisk14.mac.com idisk15.mac.com idisk16.mac.com idisk17.mac.com idisk18.mac.com idisk19.mac.com idisk20.mac.com idisk21.mac.com idisk22.mac.com idisk23.mac.com idisk24.mac.com idisk25.mac.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R3 NgVpn;Aventail VPN Adapter;c:\windows\system32\drivers\NgVpn.sys [2005-10-21 67584]
    S1 mferkdk;VSCore mferkdk;\??\c:\program files\mcafee\virusscan enterprise\mferkdk.sys --> c:\program files\mcafee\virusscan enterprise\mferkdk.sys [?]
    S2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [2006-2-21 34916]
    S2 NgVpnMgr;Aventail VPN Client;c:\windows\system32\ngvpnmgr.exe [2005-10-21 307265]
    S2 WSWNA3100;WSWNA3100;c:\program files\netgear\wna3100\WifiSvc.exe [2012-3-7 285152]
    S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2012-3-7 642432]
    S3 NgFilter;Aventail VPN Filter;c:\windows\system32\drivers\ngfilter.sys [2005-10-21 15360]
    S3 NgLog;Aventail VPN Logging;c:\windows\system32\drivers\nglog.sys [2005-10-21 18432]
    S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2012-3-7 50704]
    .
    =============== Created Last 30 ================
    .
    2013-05-31 14:59:13 -------- d-----w- c:\program files\CCleaner
    2013-05-30 18:55:53 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
    2013-05-30 18:55:25 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-05-30 18:55:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    .
    ==================== Find3M ====================
    .
    2006-04-04 13:20:50 444840 -c--a-w- c:\program files\wpsetup.exe
    2006-03-30 15:34:15 25017695 -c--a-w- c:\program files\pb51r003.exe
    2006-02-21 15:27:13 44836016 -c--a-w- c:\program files\QW06BAS.exe
    .
    ============= FINISH: 14:14:11.73 ===============
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 2/16/2006 11:27:48 AM
    System Uptime: 5/31/2013 1:57:25 PM (1 hours ago)
    .
    Motherboard: Dell Inc. | | 0XG309
    Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 74 GiB total, 51.961 GiB free.
    D: is CDROM (CDFS)
    F: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1438: 11/18/2012 8:54:05 AM - Software Distribution Service 3.0
    RP1439: 11/25/2012 10:32:30 AM - Software Distribution Service 3.0
    RP1440: 1/20/2013 9:34:37 AM - Software Distribution Service 3.0
    RP1441: 2/10/2013 9:39:47 AM - Software Distribution Service 3.0
    RP1442: 2/10/2013 10:06:41 AM - Software Distribution Service 3.0
    RP1443: 3/27/2013 6:07:30 PM - Software Distribution Service 3.0
    RP1444: 4/3/2013 6:06:22 PM - Software Distribution Service 3.0
    RP1445: 4/29/2013 5:13:38 PM - Software Distribution Service 3.0
    RP1446: 4/29/2013 5:32:40 PM - Removed Broadcom Advanced Control Suite
    RP1447: 4/29/2013 5:33:43 PM - Removed HP Photo and Imaging 2.0 - Deskjet Series
    RP1448: 4/29/2013 5:35:06 PM - Removed iTunes
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 8.1.4
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Aventail Connect
    CCleaner
    Compatibility Pack for the 2007 Office system
    Critical Update for Windows Media Player 11 (KB959772)
    DAO 3.5
    Desktop Calendar
    Dropbox
    Google Update Helper
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB2779562)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    hp deskjet 3600
    HP Memories Disc
    Intel(R) Graphics Media Accelerator Driver
    Internet Explorer Default Page
    J2SE Runtime Environment 5.0 Update 5
    J2SE Runtime Environment 5.0 Update 6
    Java 2 Runtime Environment, SE v1.4.2_03
    Java Auto Updater
    Java(TM) 6 Update 26
    Kensington MouseWorks
    Malwarebytes Anti-Malware version 1.75.0.1300
    MCU
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB2742597)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6.0 Parser (KB933579)
    NETGEAR WNA3100 wireless USB 2.0 adapter
    OGA Notifier 2.0.0048.0
    PowerDVD 5.5
    QuickTime
    RealPlayer
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB2183461)
    Security Update for Windows Internet Explorer 7 (KB2360131)
    Security Update for Windows Internet Explorer 7 (KB2416400)
    Security Update for Windows Internet Explorer 7 (KB2482017)
    Security Update for Windows Internet Explorer 7 (KB2497640)
    Security Update for Windows Internet Explorer 7 (KB2530548)
    Security Update for Windows Internet Explorer 7 (KB2544521)
    Security Update for Windows Internet Explorer 7 (KB2647516)
    Security Update for Windows Internet Explorer 7 (KB2675157)
    Security Update for Windows Internet Explorer 7 (KB2699988)
    Security Update for Windows Internet Explorer 7 (KB2722913)
    Security Update for Windows Internet Explorer 7 (KB2744842)
    Security Update for Windows Internet Explorer 7 (KB2761465)
    Security Update for Windows Internet Explorer 7 (KB2797052)
    Security Update for Windows Internet Explorer 7 (KB2799329)
    Security Update for Windows Internet Explorer 7 (KB2809289)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Internet Explorer 7 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2753842-v2)
    Security Update for Windows XP (KB2757638)
    Security Update for Windows XP (KB2758857)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB2770660)
    Security Update for Windows XP (KB2778344)
    Security Update for Windows XP (KB2779030)
    Security Update for Windows XP (KB2780091)
    Security Update for Windows XP (KB2799494)
    Security Update for Windows XP (KB2802968)
    Security Update for Windows XP (KB2807986)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Shadow Copy Client
    Time Zone Data Update Tool for Microsoft Office Outlook
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 7 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    WebFldrs XP
    Windows Easy Transfer for Windows 7
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WinZip
    .
    ==== Event Viewer Messages From Past Week ========
    .
    5/31/2013 2:12:42 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    5/31/2013 1:59:25 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm
    5/30/2013 3:57:57 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
    5/30/2013 12:24:35 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    5/30/2013 12:24:07 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
    5/30/2013 12:24:07 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    5/30/2013 12:24:07 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    5/30/2013 12:24:07 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    5/30/2013 12:24:07 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    5/30/2013 12:24:07 PM, error: Service Control Manager [7001] - The Canon Driver Information Assist Service service depends on the TCP/IP NetBIOS Helper service which failed to start because of the following error: The dependency service or group failed to start.
    5/30/2013 12:24:07 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    5/30/2013 1:55:35 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    5/30/2013 1:54:59 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    5/26/2013 9:22:40 AM, error: DCOM [10005] - DCOM got error "%123" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
    .
    ==== End Of File ===========================
     
  2. Broni

    Broni Malware Annihilator Posts: 47,594   +267

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ====================================

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.[/*]
    • Press Scan button.[/*]
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.[/*]
    • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.[/*]
     
  3. JJ Street

    JJ Street TS Rookie Topic Starter

    Hi Broni. Thanks for your help. The infected pc is at my office, so I'll jump on that Monday morning and post the results. Have a great weekend.

    JJ
     
  4. Broni

    Broni Malware Annihilator Posts: 47,594   +267

  5. JJ Street

    JJ Street TS Rookie Topic Starter

    Good morning. Here are the reports from FRST.

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-05-2013
    Ran by Administrator (administrator) on 03-06-2013 10:21:36
    Running from C:\Documents and Settings\Administrator\Desktop
    Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
    Internet Explorer Version 7
    Boot Mode: Safe Mode (minimal)

    ==================== Processes (Whitelisted) ===================

    (Microsoft Corporation) C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2004-10-14] (Analog Devices, Inc.)
    HKLM\...\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [53248 2005-02-23] (CyberLink Corp.)
    HKLM\...\Run: [kmw_run.exe] kmw_run.exe [x]
    HKLM\...\Run: [MSWheel] [x]
    HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [39792 2008-10-15] (Adobe Systems Incorporated)
    HKLM\...\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [198160 2009-09-10] (RealNetworks, Inc.)
    HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2011-04-08] (Sun Microsystems, Inc.)
    HKLM\...\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [49152 2003-06-25] (Hewlett-Packard)
    HKLM\...\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [233472 2003-10-23] (Hewlett-Packard Company)
    HKLM\...\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [176128 2003-09-01] (HP)
    HKLM\...\Runonce: [lxcfUninstallerRan] [x]
    HKLM\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
    HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
    HKLM\...\Winlogon: [System]
    Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
    HKCU\...\Run: [Desktop Calendar] C:\Program Files\Desktop Calendar\Desktop Calendar.exe [442368 2010-03-15] (Tinnes Software)
    HKCU\...\Runonce: [blekkotb] reg.exe delete "HKCU\Software\AppDataLow\Software\blekkotb" /f [x]
    HKCU\...\Runonce: [blekkotb_XP] reg.exe delete "HKCU\Software\blekkotb" /f [x]
    MountPoints2: D - D:\autorun.exe
    HKU\administrator.NETWORK\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [ 2010-11-29] (Apple Inc.)
    Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk
    ShortcutTarget: NETGEAR WNA3100 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    URLSearchHook: (No Name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - No File
    URLSearchHook: (No Name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File
    HKLM SearchScopes: DefaultScope {56256A51-B582-467e-B8D4-7786EDA79AE0} URL =
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    HKCU SearchScopes: DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://blekko.com/?source=c3348dd4&...20422825A4D59A9AF1DA1AFE4E516&q={searchTerms}
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://blekko.com/?source=c3348dd4&...20422825A4D59A9AF1DA1AFE4E516&q={searchTerms}
    BHO: No Name - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll (RealPlayer)
    BHO: No Name - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No File
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
    Toolbar: HKLM - No Name - {BA52B914-B692-46c4-B683-905236F6F655} - No File
    PDF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    PDF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} http://svr1/ConnectComputer/nshelp.dll
    PDF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab
    PDF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    PDF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    PDF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
    PDF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    PDF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    PDF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    PDF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 129.59.1.7 129.59.2.7

    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\p63zvzd9.default
    FF NetworkProxy: "autoconfig_url", "antiochumc.net"
    FF NetworkProxy: "type", 2
    FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @real.com/nppl3260;version=6.0.12.448 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprjplug;version=1.0.3.448 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

    ========================== Services (Whitelisted) =================

    S2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [3889064 2010-08-04] (CANON INC.)
    S2 NgVpnMgr; C:\WINDOWS\system32\ngvpnmgr.exe [307265 2005-10-21] (Aventail Corporation)
    S2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()
    S2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

    ==================== Drivers (Whitelisted) ====================

    R1 AFS2K; C:\Windows\System32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
    S3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [132608 2005-04-01] (Broadcom Corporation)
    S3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh5.sys [642432 2009-11-06] (Broadcom Corporation)
    S3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [830684 2005-04-06] (Intel Corporation)
    R3 KMW_KBD; C:\Windows\System32\DRIVERS\KMW_KBD.sys [5248 2004-01-27] (Kensington Technology Group)
    S3 KMW_SYS; C:\Windows\System32\DRIVERS\KMW_SYS.sys [90752 2004-01-27] (Kensington Technology Group)
    S3 KMW_USB; C:\Windows\System32\DRIVERS\KMW_USB.sys [9984 2004-01-27] (Kensington Technology Group)
    S2 mrtRate; C:\Windows\System32\Drivers\mrtRate.sys [34916 1999-08-10] (Marimba, Inc.)
    S3 NgFilter; C:\Windows\System32\DRIVERS\ngfilter.sys [15360 2005-10-21] (Aventail Corporation)
    S3 NgLog; C:\Windows\System32\DRIVERS\nglog.sys [18432 2005-10-21] (Aventail Corporation)
    S3 NgVpn; C:\Windows\System32\DRIVERS\ngvpn.sys [67584 2005-10-21] (Aventail Corporation)
    S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
    S3 senfilt; C:\Windows\System32\drivers\senfilt.sys [732928 2004-09-17] (Creative Technology Ltd.)
    S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
    S4 Abiosdsk; No ImagePath
    S4 Atdisk; No ImagePath
    S1 Changer; No ImagePath
    S1 lbrtfdc; No ImagePath
    S1 mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys [x]
    S1 PCIDump; No ImagePath
    S3 PDCOMP; No ImagePath
    S3 PDFRAME; No ImagePath
    S3 PDRELI; No ImagePath
    S3 PDRFRAME; No ImagePath
    S4 Simbad; No ImagePath
    S3 WDICA; No ImagePath
    U1 WS2IFSL;

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-06-03 10:21 - 2013-06-03 10:21 - 00000000 ____D C:\FRST
    2013-05-31 14:14 - 2013-05-31 14:14 - 00022847 ____A C:\Documents and Settings\Administrator\Desktop\attach.txt
    2013-05-31 14:14 - 2013-05-31 14:14 - 00006920 ____A C:\Documents and Settings\Administrator\Desktop\dds.txt
    2013-05-31 14:07 - 2013-05-31 10:37 - 00688992 ____R (Swearware) C:\Documents and Settings\Administrator\Desktop\dds.scr
    2013-05-31 14:07 - 2013-05-31 10:34 - 01355557 ____A (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
    2013-05-31 14:07 - 2013-05-31 10:07 - 05076038 ____A (Swearware) C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
    2013-05-31 14:00 - 2013-05-31 14:00 - 11091432 ____A (Microsoft Corporation) C:\Documents and Settings\Administrator\Desktop\mseinstall.exe
    2013-05-31 14:00 - 2013-05-31 14:00 - 00001919 ____A C:\Windows\epplauncher.mif
    2013-05-31 10:06 - 2013-05-31 10:30 - 00002264 ____A C:\Windows\setupapi.log
    2013-05-31 10:03 - 2013-05-31 14:22 - 00002323 ____A C:\Windows\WindowsUpdate.log
    2013-05-31 10:03 - 2013-05-31 10:03 - 00000236 ____A C:\Windows\SchedLgU.Txt
    2013-05-31 10:02 - 2013-05-31 10:02 - 00237130 ____A C:\Documents and Settings\Administrator\My Documents\Registry Backup 130531.reg
    2013-05-31 09:59 - 2013-05-31 09:59 - 00000682 ____A C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
    2013-05-31 09:59 - 2013-05-31 09:59 - 00000000 ____D C:\Program Files\CCleaner
    2013-05-31 09:58 - 2013-05-31 09:32 - 04378864 ____A (Piriform Ltd) C:\Documents and Settings\Administrator\Desktop\ccsetup402.exe
    2013-05-30 13:55 - 2013-05-30 13:55 - 00000784 ____A C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    2013-05-30 13:55 - 2013-05-30 13:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
    2013-05-30 13:55 - 2013-05-30 13:55 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    2013-05-30 13:55 - 2013-05-30 13:53 - 10285040 ____A (Malwarebytes Corporation ) C:\Documents and Settings\Administrator\Desktop\mbam-setup-1.75.0.1300.exe
    2013-05-30 13:55 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

    ==================== One Month Modified Files and Folders ========

    2013-06-03 10:21 - 2013-06-03 10:21 - 00000000 ____D C:\FRST
    2013-06-03 10:20 - 2004-08-11 18:20 - 00000062 _ASHC C:\Documents and Settings\Administrator\Local Settings\desktop.ini
    2013-06-03 10:20 - 2004-08-11 18:20 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
    2013-06-03 10:20 - 2004-08-11 18:00 - 00002206 ____A C:\Windows\System32\wpa.dbl
    2013-05-31 14:22 - 2013-05-31 10:03 - 00002323 ____A C:\Windows\WindowsUpdate.log
    2013-05-31 14:22 - 2004-08-11 18:20 - 00000178 __SHC C:\Documents and Settings\Administrator\ntuser.ini
    2013-05-31 14:14 - 2013-05-31 14:14 - 00022847 ____A C:\Documents and Settings\Administrator\Desktop\attach.txt
    2013-05-31 14:14 - 2013-05-31 14:14 - 00006920 ____A C:\Documents and Settings\Administrator\Desktop\dds.txt
    2013-05-31 14:01 - 2004-08-11 18:07 - 00528976 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-05-31 14:00 - 2013-05-31 14:00 - 11091432 ____A (Microsoft Corporation) C:\Documents and Settings\Administrator\Desktop\mseinstall.exe
    2013-05-31 14:00 - 2013-05-31 14:00 - 00001919 ____A C:\Windows\epplauncher.mif
    2013-05-31 13:57 - 2006-02-17 12:39 - 00000000 __SHD C:\Windows\CSC
    2013-05-31 13:57 - 2004-08-11 18:20 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini
    2013-05-31 10:37 - 2013-05-31 14:07 - 00688992 ____R (Swearware) C:\Documents and Settings\Administrator\Desktop\dds.scr
    2013-05-31 10:34 - 2013-05-31 14:07 - 01355557 ____A (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
    2013-05-31 10:33 - 2004-08-11 18:21 - 00000000 ____D C:\Windows\Microsoft.NET
    2013-05-31 10:30 - 2013-05-31 10:06 - 00002264 ____A C:\Windows\setupapi.log
    2013-05-31 10:07 - 2013-05-31 14:07 - 05076038 ____A (Swearware) C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
    2013-05-31 10:03 - 2013-05-31 10:03 - 00000236 ____A C:\Windows\SchedLgU.Txt
    2013-05-31 10:03 - 2004-08-11 18:20 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-05-31 10:02 - 2013-05-31 10:02 - 00237130 ____A C:\Documents and Settings\Administrator\My Documents\Registry Backup 130531.reg
    2013-05-31 09:59 - 2013-05-31 09:59 - 00000682 ____A C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
    2013-05-31 09:59 - 2013-05-31 09:59 - 00000000 ____D C:\Program Files\CCleaner
    2013-05-31 09:32 - 2013-05-31 09:58 - 04378864 ____A (Piriform Ltd) C:\Documents and Settings\Administrator\Desktop\ccsetup402.exe
    2013-05-30 15:57 - 2008-09-10 11:24 - 00000000 __HDC C:\Windows\$NtUninstallKB938464_0$
    2013-05-30 13:55 - 2013-05-30 13:55 - 00000784 ____A C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    2013-05-30 13:55 - 2013-05-30 13:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
    2013-05-30 13:55 - 2013-05-30 13:55 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    2013-05-30 13:53 - 2013-05-30 13:55 - 10285040 ____A (Malwarebytes Corporation ) C:\Documents and Settings\Administrator\Desktop\mbam-setup-1.75.0.1300.exe
    2013-05-08 17:59 - 2010-02-05 10:12 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-05-08 17:58 - 2010-02-05 10:12 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== End Of Log ============================

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-05-2013
    Ran by Administrator at 2013-06-03 10:22:34 Run:
    Running from C:\Documents and Settings\Administrator\Desktop
    Boot Mode: Safe Mode (minimal)
    ==========================================================


    ==================== Installed Programs =======================

    Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
    Adobe Flash Player 10 Plugin (Version: 10.3.181.26)
    Adobe Reader 8.1.4 (Version: 8.1.4)
    Apple Application Support (Version: 1.4.1)
    Apple Mobile Device Support (Version: 3.3.1.3)
    Apple Software Update (Version: 2.1.2.120)
    Aventail Connect (Version: 8.60.255)
    CCleaner (Version: 4.02)
    Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
    Critical Update for Windows Media Player 11 (KB959772)
    DAO 3.5
    Desktop Calendar (Version: 0.44)
    Dropbox (Version: 1.6.18)
    Google Update Helper (Version: 1.3.21.135)
    hp deskjet 3600 (Version: 1.03.0000)
    HP Memories Disc (Version: 1.0.4.805)
    Intel(R) Graphics Media Accelerator Driver (Version: 6.14.10.4299)
    Internet Explorer Default Page (Version: 1.00.03)
    J2SE Runtime Environment 5.0 Update 5 (Version: 1.5.0.50)
    J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
    Java 2 Runtime Environment, SE v1.4.2_03 (Version: 1.4.2_03)
    Java Auto Updater (Version: 2.0.5.1)
    Java(TM) 6 Update 26 (Version: 6.0.260)
    Kensington MouseWorks
    Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
    MCU (Version: 1.00.0000)
    Microsoft .NET Framework 1.1 (Version: 1.1.4322)
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB2742597)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
    Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
    Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
    Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
    Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Silverlight (Version: 5.1.20125.0)
    Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
    MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
    MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
    MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
    MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
    MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
    NETGEAR WNA3100 wireless USB 2.0 adapter (Version: 1.01.206)
    OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
    PowerDVD 5.5
    QuickTime (Version: 7.69.80.9)
    RealPlayer
    Shadow Copy Client (Version: 5.2.01)
    Time Zone Data Update Tool for Microsoft Office Outlook (Version: 12.0.4518.1029)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
    Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
    Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
    Update for Windows XP (KB2141007) (Version: 1)
    Update for Windows XP (KB2345886) (Version: 1)
    Update for Windows XP (KB2467659) (Version: 1)
    Update for Windows XP (KB2541763) (Version: 1)
    Update for Windows XP (KB2641690) (Version: 1)
    Update for Windows XP (KB2661254-v2) (Version: 2)
    Update for Windows XP (KB2718704) (Version: 1)
    Update for Windows XP (KB2736233) (Version: 1)
    Update for Windows XP (KB2749655) (Version: 1)
    Update for Windows XP (KB951072-v2) (Version: 2)
    Update for Windows XP (KB951978) (Version: 1)
    Update for Windows XP (KB955759) (Version: 1)
    Update for Windows XP (KB955839) (Version: 1)
    Update for Windows XP (KB967715) (Version: 1)
    Update for Windows XP (KB968389) (Version: 1)
    Update for Windows XP (KB971029) (Version: 1)
    Update for Windows XP (KB971737) (Version: 1)
    Update for Windows XP (KB973687) (Version: 1)
    Update for Windows XP (KB973815) (Version: 1)
    WebFldrs XP (Version: 9.50.7523)
    Windows Easy Transfer for Windows 7
    Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
    Windows Internet Explorer 7 (Version: 20061027.150806)
    Windows Media Format 11 runtime
    Windows XP Service Pack 3 (Version: 20080414.031525)
    WinZip (Version: 10.0 (6685))

    ==================== Restore Points =========================

    18-11-2012 14:54:05 Software Distribution Service 3.0
    25-11-2012 16:32:30 Software Distribution Service 3.0
    20-01-2013 15:34:37 Software Distribution Service 3.0
    10-02-2013 15:39:47 Software Distribution Service 3.0
    10-02-2013 16:06:41 Software Distribution Service 3.0
    27-03-2013 23:07:30 Software Distribution Service 3.0
    03-04-2013 23:06:22 Software Distribution Service 3.0
    29-04-2013 22:13:38 Software Distribution Service 3.0
    29-04-2013 22:32:40 Removed Broadcom Advanced Control Suite
    29-04-2013 22:33:43 Removed HP Photo and Imaging 2.0 - Deskjet Series
    29-04-2013 22:35:06 Removed iTunes

    ==================== Hosts content: ==========================


    17.250.248.77 idisk0.mac.com idisk1.mac.com idisk2.mac.com idisk3.mac.com idisk4.mac.com idisk5.mac.com idisk6.mac.com idisk7.mac.com idisk8.mac.com idisk9.mac.com idisk10.mac.com idisk11.mac.com idisk12.mac.com idisk13.mac.com idisk14.mac.com idisk15.mac.com idisk16.mac.com idisk17.mac.com idisk18.mac.com idisk19.mac.com idisk20.mac.com idisk21.mac.com idisk22.mac.com idisk23.mac.com idisk24.mac.com idisk25.mac.com

    127.0.0.1 localhost
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 www.10sek.com
    127.0.0.1 10sek.com

    There are 1000 more lines starting with "127.0.0.1"


    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/31/2013 02:00:31 PM) (Source: Microsoft Security Client Setup) (User: )
    Description: HRESULT:0x8004FF11
    Description:. 0x8004FF11.

    Error: (05/31/2013 10:30:31 AM) (Source: WmiAdapter) (User: BUILTIN)
    Description: Open of service failed.

    Error: (05/31/2013 10:09:41 AM) (Source: PerfNet) (User: )
    Description: Unable to open the Server service. Server performance data
    will not be returned. Error code returned is in data DWORD 0.

    Error: (05/08/2013 05:19:19 PM) (Source: Userenv) (User: NT AUTHORITY)
    Description: Windows cannot determine the associated site for this computer. (The RPC server is too busy to complete this operation. ). Group Policy processing aborted.

    Error: (05/08/2013 04:53:11 PM) (Source: .NET Runtime Optimization Service) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80004004.

    Error: (04/29/2013 09:05:09 PM) (Source: Userenv) (User: NT AUTHORITY)
    Description: Windows cannot determine the associated site for this computer. (The RPC server is too busy to complete this operation. ). Group Policy processing aborted.

    Error: (04/29/2013 07:29:20 PM) (Source: Userenv) (User: NT AUTHORITY)
    Description: Windows cannot determine the associated site for this computer. (The RPC server is too busy to complete this operation. ). Group Policy processing aborted.

    Error: (04/29/2013 06:42:37 PM) (Source: .NET Runtime Optimization Service) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80004004.

    Error: (04/21/2013 10:43:34 AM) (Source: WmiAdapter) (User: BUILTIN)
    Description: Open of service failed.

    Error: (04/21/2013 10:40:02 AM) (Source: WmiAdapter) (User: BUILTIN)
    Description: Open of service failed.


    System errors:
    =============
    Error: (06/03/2013 10:21:39 AM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    AFD
    Fips
    intelppm
    IPSec
    MRxSmb
    NetBIOS
    NetBT
    RasAcd
    Rdbss
    Tcpip

    Error: (06/03/2013 10:21:39 AM) (Source: Service Control Manager) (User: )
    Description: The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
    %%31

    Error: (06/03/2013 10:21:39 AM) (Source: Service Control Manager) (User: )
    Description: The Canon Driver Information Assist Service service depends on the TCP/IP NetBIOS Helper service which failed to start because of the following error:
    %%1068

    Error: (06/03/2013 10:21:39 AM) (Source: Service Control Manager) (User: )
    Description: The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
    %%31

    Error: (06/03/2013 10:21:39 AM) (Source: Service Control Manager) (User: )
    Description: The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
    %%31

    Error: (06/03/2013 10:21:39 AM) (Source: Service Control Manager) (User: )
    Description: The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
    %%31

    Error: (06/03/2013 10:21:39 AM) (Source: Service Control Manager) (User: )
    Description: The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:
    %%31

    Error: (06/03/2013 10:20:56 AM) (Source: DCOM) (User: WS4)
    Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
    in order to run the server:
    {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Error: (06/03/2013 10:20:49 AM) (Source: DCOM) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error: (05/31/2013 02:22:49 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}


    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Percentage of memory in use: 21%
    Total physical RAM: 1014.07 MB
    Available physical RAM: 793.88 MB
    Total Pagefile: 2444.48 MB
    Available Pagefile: 2366.93 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1962.77 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:74.46 GB) (Free:51.92 GB) NTFS ==>[Drive with boot components (Windows XP)]
    Drive d: (HPPP) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: 41AB2316)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=74 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  6. Broni

    Broni Malware Annihilator Posts: 47,594   +267

  7. JJ Street

    JJ Street TS Rookie Topic Starter

    I found one virus on my first sweep and thought there must be more dug in deeper. I'll switch gears to look at Windows. Thanks again for your help!

    JJ
     
  8. Broni

    Broni Malware Annihilator Posts: 47,594   +267

    Let me know...
     
  9. JJ Street

    JJ Street TS Rookie Topic Starter

    After a number of crashes and failures, I ran chkdsk and found some disk errors. That seems to have helped. I was able to boot normally and ran some sweeps to make sure it's clean. I'll let it simmer overnight and check again tomorrow. But barring another crash I think it's back up and running. Thanks Broni.
     
  10. Broni

    Broni Malware Annihilator Posts: 47,594   +267



Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.