Hey all, looks like I have the System Check virus. I have done the Malwarebytes scan, and avast, and it now looks like I have limited access (web browsing, etc.), so I'm able to paste these logs. Thanks so much for all your help!
Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org
Database version: v2012.01.09.07
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Mikey :: BLACK-ROCK [administrator]
Protection: Enabled
1/10/2012 1:18:45 AM
mbam-log-2012-01-10 (01-18-45).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 350064
Time elapsed: 6 hour(s), 26 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Privacy Protection (Rogue.PrvacyProtect) -> Data: C:\Documents and Settings\All Users\Application Data\privacy.exe -> Quarantined and deleted successfully.
Registry Data Items Detected: 7
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowControlPanel (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRun (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoDesktop (PUM.Hidden.Desktop) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 21
C:\Documents and Settings\Mikey\My Documents\My Pictures\New Folder\Torrent Downloadz\ConvertXToDVD 3.1.3.40d\ConvertXToDVD 3.1.3.40d\keYgeN\Keygen.exe (RiskWare.Tool.CK) -> No action taken.
C:\Documents and Settings\Mikey\My Documents\My Pictures\New Folder\Torrent Downloadz\WinRAR Torrent\WinRAR 3.71 Corporate Edition.exe (Trojan.Dropper) -> No action taken.
C:\Documents and Settings\Mikey\My Documents\My Pictures\New Folder\Torrent Downloadz\Xingtone.Ringtone.Maker.v4.2.16-TE\Crack\XingtoneRingtoneMaker4x_GOLD_Crack_b3.exe (RiskWare.Tool.CK) -> No action taken.
C:\Documents and Settings\Mikey\My Documents\My Pictures\New Folder\Torrent Downloadz\quick time keygen\Keygen.exe (RiskWare.Tool.CK) -> No action taken.
C:\GAMES\iPhone\Sonic.The.Hedgehog.v1.0.iPhone.iPod.Touch-COREPDA\cr-son10\CORE10k.EXE (Dont.Steal.Our.Software) -> No action taken.
C:\GAMES\iPhone\The.Secret.Of.Monkey.Island.Special.Edition.v1.0.iPhone.iPod.Touch-COREPDA\CORE10k.EXE (Dont.Steal.Our.Software) -> No action taken.
C:\GAMES\On E Drive\Games\Empire Earth II\rld-ee2kg.exe (Trojan.Downloader) -> No action taken.
C:\GAMES\On E Drive\Games\Hitman - Codename 47\Hitman.Exe (Trojan.FakeAlert) -> No action taken.
C:\GAMES\On E Drive\Games\Hitman - Codename 47\BACKUP\Hitman.exe (Trojan.FakeAlert) -> No action taken.
C:\GAMES\On E Drive\Games\LucasArts\Star Wars Battlefront II\GameData\pztrain.exe (Malware.Gen) -> No action taken.
C:\GAMES\On E Drive\Games\LucasArts\Star Wars Battlefront II\TRAINERS\StarWarsBattlefront2PLUS9Trainer\pztrain.exe (Malware.Gen) -> No action taken.
C:\GAMES\On E Drive\Games\LucasArts\SWKotOR2\BACKUP\StarWarsKnightsOfTheOldRepublic2SithLordsPLUS18Trainer\agskttrn.exe (Malware.Packer.as) -> No action taken.
C:\GAMES\On E Drive\Games\Rockstar Games\GrandTheftAutoSanAndreasPLUS27Trainer\pztrain.exe (Malware.Gen) -> No action taken.
C:\Torrentz\Torrent Downloadz\ConvertXToDVD 3.1.3.40d\ConvertXToDVD 3.1.3.40d\keYgeN\Keygen.exe (RiskWare.Tool.CK) -> No action taken.
C:\Torrentz\Torrent Downloadz\WinRAR Torrent\WinRAR 3.71 Corporate Edition.exe (Trojan.Dropper) -> No action taken.
C:\Torrentz\Torrent Downloadz\Xingtone.Ringtone.Maker.v4.2.16-TE\Crack\XingtoneRingtoneMaker4x_GOLD_Crack_b3.exe (RiskWare.Tool.CK) -> No action taken.
C:\Torrentz\Torrent Downloadz\quick time keygen\Keygen.exe (RiskWare.Tool.CK) -> No action taken.
C:\Torrentz\Torrent Downloadz\Nero 8.3.2.1 + Keygen - HeartBug\Keygen\keygen.exe (Trojan.Agent) -> No action taken.
C:\Torrentz\WinRAR 4.01 + Keygen Forever\keygen.exe (RiskWare.Tool.CK) -> No action taken.
C:\System Volume Information\_restore{76FA9A9F-899F-444A-A40D-6C3EF9E95007}\RP167\A0037804.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{76FA9A9F-899F-444A-A40D-6C3EF9E95007}\RP167\A0037805.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-01-10 11:46:28
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD20EARS-07MVWB0 rev.51.0AB51
Running: l7jtmsjv.exe; Driver: C:\DOCUME~1\Mikey\LOCALS~1\Temp\ugryiaog.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xA6EDABDA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xA6EDAA45]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA6F577A2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_27
Run by Mikey at 11:48:58 on 2012-01-10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2077 [GMT -8:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Somoto Toolbar: {652853ad-5592-4231-88c6-706613a52e61} - c:\program files\somototoolbar\vmntemplateX.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Video Download Toolbar Intercept: {b29002a0-87a1-4dc4-ac55-5982034eb61e} - c:\progra~1\videod~1\VIDEOD~1.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Somoto Toolbar: {652853ad-5592-4231-88c6-706613a52e61} - c:\program files\somototoolbar\vmntemplateX.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Google Update] "c:\documents and settings\mikey\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dPolicies-explorer: NoDesktop = 1 (0x1)
dPolicies-system: DisableTaskMgr = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - c:\program files\bonjour\ExplorerPlugin.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{D5C0433E-FD51-46E2-A801-BFB0C915C7C8} : DhcpNameServer = 192.168.1.254
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\mikey\application data\mozilla\firefox\profiles\wozqpz80.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - component: c:\documents and settings\mikey\application data\mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@playsushi.com\components\PlaySushiFF.dll
FF - plugin: c:\documents and settings\mikey\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\mikey\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\web platform installer\NPWPIDetector.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-1-9 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-1-9 314456]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-11-22 239168]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-1-9 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-1-9 44768]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-8 652872]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-8 20464]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-1-10 40776]
S1 MpKsl40c1afd9;MpKsl40c1afd9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\mpksl40c1afd9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\MpKsl40c1afd9.sys [?]
S1 MpKsl472e53ba;MpKsl472e53ba;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\mpksl472e53ba.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\MpKsl472e53ba.sys [?]
S1 MpKsl6a88b5d0;MpKsl6a88b5d0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\mpksl6a88b5d0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\MpKsl6a88b5d0.sys [?]
S1 MpKsl71a10131;MpKsl71a10131;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\mpksl71a10131.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\MpKsl71a10131.sys [?]
S1 MpKsl8accf6df;MpKsl8accf6df;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\mpksl8accf6df.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\MpKsl8accf6df.sys [?]
S1 MpKslc4309008;MpKslc4309008;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\mpkslc4309008.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{00893bb8-6958-4a96-9c07-e8d0641b623a}\MpKslc4309008.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
UnknownUnknown mcpxrbar;mcpxrbar; [x]
.
=============== Created Last 30 ================
.
2012-01-10 19:47:52 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-10 19:00:54 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9efcc7d4-9608-4754-b544-a9b791528f83}\offreg.dll
2012-01-10 08:35:52 6823496 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9efcc7d4-9608-4754-b544-a9b791528f83}\mpengine.dll
2012-01-09 21:06:27 -------- d-----w- c:\documents and settings\mikey\application data\Malwarebytes
2012-01-09 08:33:46 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-01-09 08:33:23 41184 ----a-w- c:\windows\avastSS.scr
2012-01-09 08:33:06 -------- d-----w- c:\program files\AVAST Software
2012-01-09 08:33:06 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2012-01-09 07:43:24 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-01-09 07:43:21 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-09 07:43:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-09 06:02:22 522766 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-01-02 06:13:03 548864 ---ha-w- c:\program files\mozilla firefox\msvcp80.dll
2012-01-02 06:13:03 479232 ---ha-w- c:\program files\mozilla firefox\msvcm80.dll
2012-01-02 06:13:03 43992 ---ha-w- c:\program files\mozilla firefox\mozutils.dll
2012-01-02 06:13:02 626688 ---ha-w- c:\program files\mozilla firefox\msvcr80.dll
2011-12-15 07:52:35 -------- d--h--w- c:\program files\Elder Scrolls III - Morrowind
2011-12-15 07:52:20 -------- d--h--w- c:\program files\Morrowind
2011-12-15 00:02:07 -------- d--h--w- c:\program files\Risk Factions
.
==================== Find3M ====================
.
2011-11-23 13:25:32 1859584 ---ha-w- c:\windows\system32\win32k.sys
2011-11-22 18:42:52 239168 ---ha-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-11-06 14:12:26 28 ---ha-w- c:\windows\system32\vfw_32.reg
2011-11-04 19:20:51 916992 ---ha-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ---ha-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ---h--w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ---ha-w- c:\windows\system32\html.iec
2011-11-01 16:07:10 1288704 ---ha-w- c:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 ---ha-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ---ha-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ---ha-w- c:\windows\system32\ntkrnlpa.exe
2011-10-22 23:06:18 414368 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-18 11:13:22 186880 ---ha-w- c:\windows\system32\encdec.dll
.
============= FINISH: 11:50:49.79 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 9/23/2011 10:35:08 PM
System Uptime: 1/10/2012 11:00:16 AM (0 hours ago)
.
Motherboard: Dell Inc. | | 0GX297
Processor: Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz | Microprocessor | 1794/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 1863 GiB total, 801.006 GiB free.
D: is CDROM ()
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP64: 10/11/2011 12:50:23 PM - System Checkpoint
RP65: 10/12/2011 4:12:10 AM - Installed Jordy Video Downloader 1.03.
RP66: 10/13/2011 6:00:29 AM - System Checkpoint
RP67: 10/14/2011 3:00:17 AM - Software Distribution Service 3.0
RP68: 10/15/2011 3:52:08 AM - System Checkpoint
RP69: 10/15/2011 7:30:48 PM - Installed Adobe Reader X (10.1.1).
RP70: 10/16/2011 8:13:24 PM - System Checkpoint
RP71: 10/17/2011 8:33:17 PM - System Checkpoint
RP72: 10/18/2011 8:45:17 PM - System Checkpoint
RP73: 10/19/2011 9:33:17 PM - System Checkpoint
RP74: 10/21/2011 12:12:26 AM - System Checkpoint
RP75: 10/22/2011 7:12:45 AM - System Checkpoint
RP76: 10/23/2011 7:34:33 AM - System Checkpoint
RP77: 10/24/2011 3:00:16 AM - Software Distribution Service 3.0
RP78: 10/25/2011 4:10:44 AM - System Checkpoint
RP79: 10/26/2011 9:09:03 AM - System Checkpoint
RP80: 10/27/2011 10:06:17 PM - System Checkpoint
RP81: 10/28/2011 10:42:49 PM - System Checkpoint
RP82: 10/30/2011 5:19:12 AM - System Checkpoint
RP83: 10/31/2011 5:50:59 AM - System Checkpoint
RP84: 11/1/2011 5:59:43 AM - System Checkpoint
RP85: 11/2/2011 8:19:40 AM - System Checkpoint
RP86: 11/3/2011 8:33:39 AM - System Checkpoint
RP87: 11/4/2011 11:18:57 AM - System Checkpoint
RP88: 11/4/2011 10:41:55 PM - Installed Bonjour
RP89: 11/5/2011 9:51:01 PM - System Checkpoint
RP90: 11/6/2011 6:08:30 AM - Installed Xingtone Ringtone Maker
RP91: 11/7/2011 10:16:55 AM - System Checkpoint
RP92: 11/8/2011 1:55:41 PM - System Checkpoint
RP93: 11/9/2011 3:00:15 AM - Software Distribution Service 3.0
RP94: 11/10/2011 7:34:29 AM - System Checkpoint
RP95: 11/11/2011 7:57:41 AM - System Checkpoint
RP96: 11/11/2011 2:09:30 PM - Installed ISO Recorder
RP97: 11/12/2011 3:00:16 AM - Software Distribution Service 3.0
RP98: 11/13/2011 4:04:12 AM - System Checkpoint
RP99: 11/14/2011 4:34:55 AM - System Checkpoint
RP100: 11/15/2011 4:57:52 AM - System Checkpoint
RP101: 11/16/2011 5:08:08 AM - System Checkpoint
RP102: 11/17/2011 5:57:43 AM - System Checkpoint
RP103: 11/17/2011 6:17:58 PM - Removed Jordy Video Downloader 1.03.
RP104: 11/18/2011 6:26:56 PM - System Checkpoint
RP105: 11/19/2011 6:27:28 PM - System Checkpoint
RP106: 11/20/2011 9:22:18 PM - System Checkpoint
RP107: 11/21/2011 9:25:50 PM - System Checkpoint
RP108: 11/22/2011 10:52:09 AM - Installed DirectX
RP109: 11/23/2011 3:00:14 AM - Software Distribution Service 3.0
RP110: 11/24/2011 5:12:04 AM - System Checkpoint
RP111: 11/25/2011 5:39:51 AM - System Checkpoint
RP112: 11/25/2011 10:28:05 PM - Restore Operation
RP113: 11/27/2011 12:52:04 AM - System Checkpoint
RP114: 11/28/2011 5:08:55 AM - System Checkpoint
RP115: 11/29/2011 8:02:46 AM - System Checkpoint
RP116: 11/30/2011 2:07:23 PM - System Checkpoint
RP117: 11/30/2011 11:09:23 PM - Software Distribution Service 3.0
RP118: 11/30/2011 11:15:41 PM - Installed AVG 2012
RP119: 11/30/2011 11:17:02 PM - Installed AVG 2012
RP120: 12/2/2011 6:08:49 PM - Software Distribution Service 3.0
RP121: 12/4/2011 8:02:38 PM - Removed AVG 2012
RP122: 12/4/2011 8:06:44 PM - Removed AVG 2012
RP123: 12/5/2011 3:00:17 AM - Software Distribution Service 3.0
RP124: 12/5/2011 12:40:33 PM - Software Distribution Service 3.0
RP125: 12/6/2011 12:33:10 PM - Software Distribution Service 3.0
RP126: 12/7/2011 12:41:00 PM - Software Distribution Service 3.0
RP127: 12/8/2011 12:35:43 PM - Software Distribution Service 3.0
RP128: 12/9/2011 12:30:11 PM - Software Distribution Service 3.0
RP129: 12/10/2011 6:07:23 PM - Software Distribution Service 3.0
RP130: 12/11/2011 2:04:37 AM - Software Distribution Service 3.0
RP131: 12/12/2011 2:09:10 AM - System Checkpoint
RP132: 12/12/2011 9:11:14 AM - Software Distribution Service 3.0
RP133: 12/13/2011 9:10:22 AM - Software Distribution Service 3.0
RP134: 12/14/2011 9:11:29 AM - Software Distribution Service 3.0
RP135: 12/14/2011 11:52:47 PM - Installed Morrowind
RP136: 12/15/2011 12:20:30 AM - Installed Bloodmoon
RP137: 12/15/2011 12:36:20 AM - Installed Tribunal
RP138: 12/15/2011 3:00:16 AM - Software Distribution Service 3.0
RP139: 12/15/2011 12:26:47 PM - Software Distribution Service 3.0
RP140: 12/16/2011 12:08:49 PM - Software Distribution Service 3.0
RP141: 12/17/2011 12:08:50 PM - Software Distribution Service 3.0
RP142: 12/18/2011 1:43:12 AM - Software Distribution Service 3.0
RP143: 12/18/2011 12:08:50 PM - Software Distribution Service 3.0
RP144: 12/19/2011 12:08:47 PM - Software Distribution Service 3.0
RP145: 12/20/2011 12:08:48 PM - Software Distribution Service 3.0
RP146: 12/21/2011 12:08:49 PM - Software Distribution Service 3.0
RP147: 12/22/2011 12:08:56 PM - Software Distribution Service 3.0
RP148: 12/23/2011 12:08:50 PM - Software Distribution Service 3.0
RP149: 12/24/2011 12:40:52 PM - System Checkpoint
RP150: 12/25/2011 2:07:34 AM - Software Distribution Service 3.0
RP151: 12/25/2011 6:35:05 AM - Software Distribution Service 3.0
RP152: 12/26/2011 6:35:03 AM - Software Distribution Service 3.0
RP153: 12/27/2011 6:35:02 AM - Software Distribution Service 3.0
RP154: 12/28/2011 6:35:05 AM - Software Distribution Service 3.0
RP155: 12/29/2011 6:36:48 AM - Software Distribution Service 3.0
RP156: 12/30/2011 6:34:59 AM - Software Distribution Service 3.0
RP157: 12/31/2011 6:34:56 AM - Software Distribution Service 3.0
RP158: 1/1/2012 1:38:46 AM - Software Distribution Service 3.0
RP159: 1/1/2012 4:17:46 PM - Software Distribution Service 3.0
RP160: 1/2/2012 4:17:41 PM - Software Distribution Service 3.0
RP161: 1/3/2012 4:17:41 PM - Software Distribution Service 3.0
RP162: 1/4/2012 4:17:44 PM - Software Distribution Service 3.0
RP163: 1/5/2012 4:17:50 PM - Software Distribution Service 3.0
RP164: 1/6/2012 4:18:05 PM - Software Distribution Service 3.0
RP165: 1/7/2012 3:00:16 AM - Software Distribution Service 3.0
RP166: 1/8/2012 3:39:37 AM - System Checkpoint
RP167: 1/8/2012 5:43:26 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
µTorrent
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.1)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
avast! Free Antivirus
Bonjour
Broadcom Gigabit Integrated Controller
clrmamepro
DAEMON Tools Lite
Dell Resource CD
Google Chrome
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
ISO Recorder
iTunes
Java Auto Updater
Java(TM) 6 Update 27
K-Lite Codec Pack 7.7.0 (Standard)
Malwarebytes Anti-Malware version 1.60.0.1800
Metroid Other M Screensaver
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Web Platform Installer 3.0
Morrowind
Mozilla Firefox 9.0.1 (x86 en-US)
MP3 Splitter & Joiner 3.27
MP3 To Ringtone Gold 3.18
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
QuickTime
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
SoundMAX
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Video Download FileBulldog Toolbar
Video Download Toolbar 2.1.0.0
VLC media player 1.1.11
WBFS Manager 3.0
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows XP Service Pack 3
WinRAR 4.01 (32-bit)
Xingtone Ringtone Maker
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
1/9/2012, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc
with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
1/9/2012 12:33:35 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the
service MSIServer with arguments "" in order to run the server:
{000C101C-0000-0000-C000-000000000046}
1/8/2012 7:07:29 PM, information: Windows File Protection [64002] - File replacement was
attempted on the protected system file c:\windows\system32\spoolsv.exe. This file was restored
to the original version to maintain system stability. The file version of the system file is
5.1.2600.6024.
1/8/2012 2:12:16 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has
encountered an error trying to update signatures. New Signature Version:
Previous Signature Version: 1.117.2398.0 Update Source: Microsoft Update Server Update
Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update
Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine
Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem
occurred while checking for updates. For information on installing or troubleshooting updates,
see Help and Support.
1/8/2012 11:39:10 PM, error: Service Control Manager [7026] - The following boot-start or
system-start driver(s) failed to load: Fips intelppm MpFilter
1/8/2012 11:39:10 PM, error: Service Control Manager [7024] - The Workstation service
terminated with service-specific error 2250 (0x8CA).
1/8/2012 11:39:10 PM, error: Service Control Manager [7023] - The System Restore Service
service terminated with the following error: Access is denied.
1/8/2012 11:39:10 PM, error: Service Control Manager [7001] - The Computer Browser service
depends on the Workstation service which failed to start because of the following error: The
service has returned a service-specific error code.
1/8/2012 11:38:59 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the
service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
1/8/2012 11:38:31 PM, error: SRService [104] - The System Restore initialization process
failed.
1/8/2012 11:38:25 PM, error: Workstation [5727] - Could not load RDR device driver.
1/8/2012 10:58:17 PM, error: ipnathlp [32003] - The Network Address Translator (NAT) was
unable to request an operation of the kernel-mode translation module. This may indicate
misconfiguration, insufficient resources, or an internal error. The data is the error code.
1/8/2012 10:38:37 PM, error: Service Control Manager [7026] - The following boot-start or
system-start driver(s) failed to load: AFD Fips intelppm IPSec MpFilter NetBIOS NetBT RasAcd
Rdbss Tcpip
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper
service depends on the AFD service which failed to start because of the following error: A
device attached to the system is not functioning.
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The IPSEC Services service
depends on the IPSEC driver service which failed to start because of the following error: A
device attached to the system is not functioning.
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The DNS Client service depends
on the TCP/IP Protocol Driver service which failed to start because of the following error: A
device attached to the system is not functioning.
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The DHCP Client service depends
on the NetBios over Tcpip service which failed to start because of the following error: A
device attached to the system is not functioning.
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The Bonjour Service service
depends on the TCP/IP Protocol Driver service which failed to start because of the following
error: A device attached to the system is not functioning.
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The Apple Mobile Device service
depends on the TCP/IP Protocol Driver service which failed to start because of the following
error: A device attached to the system is not functioning.
1/7/2012 3:13:42 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during
DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS
lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
.
==== End Of File ===========================
My apologies if I forgot anything!
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
SoundMAX
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Video Download FileBulldog Toolbar
Video Download Toolbar 2.1.0.0
VLC media player 1.1.11
WBFS Manager 3.0
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows XP Service Pack 3
WinRAR 4.01 (32-bit)
Xingtone Ringtone Maker
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
1/9/2012, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc
with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
1/9/2012 12:33:35 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the
service MSIServer with arguments "" in order to run the server:
{000C101C-0000-0000-C000-000000000046}
1/8/2012 7:07:29 PM, information: Windows File Protection [64002] - File replacement was
attempted on the protected system file c:\windows\system32\spoolsv.exe. This file was restored
to the original version to maintain system stability. The file version of the system file is
5.1.2600.6024.
1/8/2012 2:12:16 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has
encountered an error trying to update signatures. New Signature Version:
Previous Signature Version: 1.117.2398.0 Update Source: Microsoft Update Server Update
Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update
Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine
Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem
occurred while checking for updates. For information on installing or troubleshooting updates,
see Help and Support.
1/8/2012 11:39:10 PM, error: Service Control Manager [7026] - The following boot-start or
system-start driver(s) failed to load: Fips intelppm MpFilter
1/8/2012 11:39:10 PM, error: Service Control Manager [7024] - The Workstation service
terminated with service-specific error 2250 (0x8CA).
1/8/2012 11:39:10 PM, error: Service Control Manager [7023] - The System Restore Service
service terminated with the following error: Access is denied.
1/8/2012 11:39:10 PM, error: Service Control Manager [7001] - The Computer Browser service
depends on the Workstation service which failed to start because of the following error: The
service has returned a service-specific error code.
1/8/2012 11:38:59 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the
service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
1/8/2012 11:38:31 PM, error: SRService [104] - The System Restore initialization process
failed.
1/8/2012 11:38:25 PM, error: Workstation [5727] - Could not load RDR device driver.
1/8/2012 10:58:17 PM, error: ipnathlp [32003] - The Network Address Translator (NAT) was
unable to request an operation of the kernel-mode translation module. This may indicate
misconfiguration, insufficient resources, or an internal error. The data is the error code.
1/8/2012 10:38:37 PM, error: Service Control Manager [7026] - The following boot-start or
system-start driver(s) failed to load: AFD Fips intelppm IPSec MpFilter NetBIOS NetBT RasAcd
Rdbss Tcpip
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper
service depends on the AFD service which failed to start because of the following error: A
device attached to the system is not functioning.
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The IPSEC Services service
depends on the IPSEC driver service which failed to start because of the following error: A
device attached to the system is not functioning.
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The DNS Client service depends
on the TCP/IP Protocol Driver service which failed to start because of the following error: A
device attached to the system is not functioning.
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The DHCP Client service depends
on the NetBios over Tcpip service which failed to start because of the following error: A
device attached to the system is not functioning.
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The Bonjour Service service
depends on the TCP/IP Protocol Driver service which failed to start because of the following
error: A device attached to the system is not functioning.
1/8/2012 10:38:37 PM, error: Service Control Manager [7001] - The Apple Mobile Device service
depends on the TCP/IP Protocol Driver service which failed to start because of the following
error: A device attached to the system is not functioning.
1/7/2012 3:13:42 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during
DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS
lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
.
==== End Of File ===========================
My apologies if I forgot anything!