AArrowwood
Posts: 24 +0
My laptop has incrementally gotten worse with various issues. At some point, it was having severe pop-up issues and disabling iexplorer and switching to firefox stopped most. Blue screens became common a couple years ago - hard restarts made it so things worked again. In the last year, I had an issue with explorer.exe not working and a fix I found by renaming it to explorer1.exe in the windows directory and in regedit solved that particular problem. This last week, I was having more issues with not being able to open files (it wanted to use onenote) and found this 4-step malware removal. I ran mbam and it took away explorer1.exe and now I have no start menu and desktop. It took a while, but I finally found the right program to get internet working again and so here's my mbam and ddt logs:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 8/27/2014
Scan Time: 1:12:12 PM
Logfile: mbam-log_082714-1312.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.08.27.05
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Annika Arrowwood
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 368430
Time Elapsed: 2 hr, 12 min, 38 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 4
Spyware.Zbot.VXGen, C:\WINDOWS\system32\ymvekok.exe, 2068, Delete-on-Reboot, [048d6d5ee09b1b1bedabe98d7c8540c0]
Trojan.Zbot, C:\WINDOWS\system32\qoubifip.exe, 2856, Delete-on-Reboot, [c3cef3d84c2f92a4291b46612dd42fd1]
Trojan.Agent.ED, C:\WINDOWS\system32\fyilc.exe, 2920, Delete-on-Reboot, [f49dd1fae79494a28dbfca77ec14ec14]
Trojan.Agent, C:\WINDOWS\explorer1.exe, 1028, Delete-on-Reboot, [c7ca85464239db5b8d5ffc7f4db6a25e]
Modules: 0
(No malicious items detected)
Registry Keys: 10
Spyware.Zbot.VXGen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SecurityCenterServer1440202716, Quarantined, [048d6d5ee09b1b1bedabe98d7c8540c0],
Trojan.Zbot, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SecurityCenterServer1475603368, Quarantined, [c3cef3d84c2f92a4291b46612dd42fd1],
Trojan.Agent.ED, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SecurityCenterServer1614020457, Quarantined, [f49dd1fae79494a28dbfca77ec14ec14],
Trojan.Agent.ED, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SecurityCenterServer122944234, Quarantined, [2170c902e398a59191bb52ef2fd1837d],
PUP.Optional.WeCare.A, HKLM\SOFTWARE\CLASSES\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [fb96d5f6b9c22a0c43ba9b114db5748c],
PUP.Optional.WeCare.A, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [fb96d5f6b9c22a0c43ba9b114db5748c],
PUP.Optional.WeCare.A, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [fb96d5f6b9c22a0c43ba9b114db5748c],
PUP.Optional.WeCare, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wecarereminder, Quarantined, [6d24a526047759dd754ef5fab64c1ee2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, Quarantined, [6130ca010477a98d3be6bb7610f4ca36],
Adware.GamePlayLab, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, Quarantined, [6d24ae1daad1cd69e0f206e119ea1ae6],
Registry Values: 5
Trojan.Agent.ED, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Efdeigqahyirnot, "C:\Documents and Settings\Annika Arrowwood\Application Data\Wycufaqo\afaci.exe", Quarantined, [b9d813b81665a98d2e1e2f12a45c3cc4]
Trojan.Zbot, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Mosiibcoaxyt, "C:\Documents and Settings\Annika Arrowwood\Application Data\Soygef\viany.exe", Quarantined, [f39e765566157cba5aea0e99936e6d93]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, a48ca20460fb2e93afab5370e31de429, Quarantined, [6130ca010477a98d3be6bb7610f4ca36]
Adware.GamePlayLab, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|215AppVerifier, 25b1a63d049673dda20d1a6066e3dbea, Quarantined, [6d24ae1daad1cd69e0f206e119ea1ae6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\NEW WINDOWS\ALLOW|*.crossrider.com, CrossriderApp0004639, Quarantined, [177a725979029b9be387163b8f75cc34]
Registry Data: 2
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Shell, explorer1.exe, Good: (), Bad: (explorer1.exe),Replaced,[c7ca85464239db5b8d5ffc7f4db6a25e]
Hijack.SearchPage, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://www.mirarsearch.com/?useie5=1&q=, Good: (http://www.google.com), Bad: (http://www.mirarsearch.com/?useie5=1&q=),Replaced,[e9a89437a1da77bfb411fce1d4300000]
Folders: 0
(No malicious items detected)
Files: 41
Spyware.Zbot.VXGen, C:\WINDOWS\system32\ymvekok.exe, Delete-on-Reboot, [048d6d5ee09b1b1bedabe98d7c8540c0],
Trojan.Zbot, C:\WINDOWS\system32\qoubifip.exe, Delete-on-Reboot, [c3cef3d84c2f92a4291b46612dd42fd1],
Trojan.Agent.ED, C:\WINDOWS\system32\fyilc.exe, Delete-on-Reboot, [f49dd1fae79494a28dbfca77ec14ec14],
Trojan.Agent.ED, C:\Documents and Settings\Annika Arrowwood\Application Data\Wycufaqo\afaci.exe, Quarantined, [b9d813b81665a98d2e1e2f12a45c3cc4],
Trojan.Zbot, C:\Documents and Settings\Annika Arrowwood\Application Data\Soygef\viany.exe, Quarantined, [f39e765566157cba5aea0e99936e6d93],
Trojan.Agent.ED, C:\WINDOWS\system32\ybofiwy.exe, Quarantined, [2170c902e398a59191bb52ef2fd1837d],
Trojan.Agent.ED, C:\Documents and Settings\Annika Arrowwood\Application Data\Ohanoc\suexd.exe, Quarantined, [0988c209304b092ddc702f12748c0bf5],
PUP.Optional.NextUp, C:\Documents and Settings\Annika Arrowwood\My Documents\Downloads\GimpInstaller.exe, Quarantined, [ace51ead2e4dd85eb5b99b33689cc13f],
PUP.Optional.InstallIQ.A, C:\Documents and Settings\Annika Arrowwood\My Documents\Downloads\playalotgames_1347.exe, Quarantined, [c1d024a745367cba947976adf40de11f],
Trojan.Agent.ED, C:\Documents and Settings\Annika Arrowwood\Local Settings\Temp\UpdateFlashPlayer_ef43925f.exe, Quarantined, [afe2c00b176400364705c37e827e8779],
Spyware.Zbot.VXGen, C:\Documents and Settings\Annika Arrowwood\Local Settings\Temp\UpdateFlashPlayer_eff21de0.exe, Quarantined, [f899b516d9a2ea4c24744135b74af50b],
Trojan.Agent.ED, C:\Documents and Settings\Annika Arrowwood\Local Settings\Temp\UpdateFlashPlayer_f08d7791.exe, Quarantined, [365b04c7fa81c5719cb060e11ce4cc34],
PUP.Optional.OutBrowse, C:\Documents and Settings\Annika Arrowwood\Local Settings\Temp\V2y4r5Vd.exe.part, Quarantined, [444d21aa86f5072f32aee6ba9071758b],
Trojan.Downloader.UPT, C:\Documents and Settings\Annika Arrowwood\Local Settings\Application Data\hmrmbsfp.exe, Quarantined, [d1c0ae1da6d53600cc85933b7094ae52],
Trojan.Downloader, C:\Documents and Settings\Annika Arrowwood\Local Settings\Application Data\idhqmoil.exe, Quarantined, [e0b18546bdbe0a2cda93b4ec4cb5b64a],
Trojan.Downloader, C:\Documents and Settings\Annika Arrowwood\Local Settings\Application Data\udxsaxxv.exe, Quarantined, [236ea02b5d1eca6ca3ca7a2646bb8d73],
Spyware.Zbot.ED, C:\Documents and Settings\Annika Arrowwood\Local Settings\Application Data\xpeklqqn.exe, Quarantined, [c4cdb813a7d44de92a11138610f12dd3],
Adware.Agent, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\upgrade[1].cab, Quarantined, [038e07c4c0bbea4cbe2e12a09470d52b],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\upgrade[2].cab, Quarantined, [cbc68b40abd08aac85a36c05d42cf30d],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\upgrade[5].cab, Quarantined, [fd94d3f84c2f181e024b8bf49f612bd5],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\upgrade[6].cab, Quarantined, [ff925675186353e380cdc3bc03fd34cc],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IVQ34BCD\upgrade[2].cab, Quarantined, [652cb91262193501ed3ba1d0e917d030],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IVQ34BCD\upgrade[4].cab, Quarantined, [6829d0fbd8a3b38301275d1423dd49b7],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IVQ34BCD\upgrade[5].cab, Quarantined, [ccc527a4235866d082cb4a352cd43ec2],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IVQ34BCD\upgrade[6].cab, Quarantined, [7e1328a37efd3df93f0eb5cadf21f709],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U7WXA5I7\upgrade[2].cab, Quarantined, [f1a048832e4dc67017112b46857b4fb1],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U7WXA5I7\upgrade[4].cab, Quarantined, [1f72d7f4710aef47d7519ed330d0ff01],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W3YZIJ2F\upgrade[1].cab, Quarantined, [01904586007b22140a1e9bd6ae52c43c],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W3YZIJ2F\upgrade[2].cab, Quarantined, [276aca0106752610ed3b88e940c0dd23],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W3YZIJ2F\upgrade[3].cab, Quarantined, [870a34971c5f4ee8df49373a936d916f],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W3YZIJ2F\upgrade[4].cab, Quarantined, [b2df24a77ffc41f5d355c6ab7d83da26],
Adware.Agent, C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\R123DEO3\upgrade[1].cab, Quarantined, [cac7c5068feca88e6a822a8823e1926e],
Adware.Agent.ZGen, C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\R123DEO3\upgrade[2].cab, Quarantined, [7e13765532496dc91c0c8ee350b0c63a],
Adware.Agent.ZGen, C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YZ9AK3D5\upgrade[1].cab, Quarantined, [8110f7d428537db9d7766d12c23ef808],
Adware.Agent.ZGen, C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YZ9AK3D5\upgrade[2].cab, Quarantined, [94fd6665f982e74f2627116e69977e82],
Adware.Agent.ZGen, C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZRJBUMWO\upgrade[1].cab, Quarantined, [2f625972d0abb680c2669ed3a15f09f7],
Trojan.Agent, C:\WINDOWS\explorer1.exe, Delete-on-Reboot, [c7ca85464239db5b8d5ffc7f4db6a25e],
Trojan.Agent.RvGen, C:\WINDOWS\Tasks\Security Center Update - 122944234.job, Quarantined, [bfd2efdc4c2f2115c07efe1e19eb2ed2],
Trojan.Agent.RvGen, C:\WINDOWS\Tasks\Security Center Update - 1475603368.job, Quarantined, [2c655873413a63d347f78498d82c47b9],
Trojan.Agent.RvGen, C:\WINDOWS\Tasks\Security Center Update - 1614020457.job, Quarantined, [6829319a96e575c1da6463b96e961ee2],
Heuristics.Reserved.Word.Exploit, C:\Documents and Settings\Annika Arrowwood\My Documents\Downloads\explorer.exe, Quarantined, [741db01b7efd61d531a219caaa5ab24e],
Physical Sectors: 0
(No malicious items detected)
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.60.2
Run by Annika Arrowwood at 9:32:40 on 2014-08-31
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1041 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\WINDOWS\system32\ptumlcmsvc.exe
C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4071012
mSearch Bar = hxxp://www.google.com
uProxyServer = 0.0.0.0:80
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [SpySweeper] "c:\program files\webroot\spy sweeper\SpySweeper.exe" /0
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Umeklius] "c:\documents and settings\annika arrowwood\application data\vugypa\ewkyafs.exe"
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_13_0_0_214_Plugin.exe -update plugin
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] "c:\documents and settings\all users\application data\malwarebytes\malwarebytes anti-malware\mbamdor.exe" "c:\documents and settings\all users\application data\malwarebytes\Malwarebytes Anti-Malware"
mRunOnce: [*Restore] c:\windows\system32\restore\rstrui.exe -I
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {C9D7D239-B502-48B3-BA25-9DF8C7264073} - hxxps://10.0.61.10/auth/CCALogin.CAB
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 209.81.96.49 209.81.96.130 192.168.1.1
TCP: Interfaces\{BCD7DC6B-729A-496D-846C-9E35B6A50528} : DHCPNameServer = 209.81.96.49 209.81.96.130 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\windows\downloaded program files\mimectl.dll
Notify: ackpbsc - c:\program files\actividentity\activclient\ackpbsc.dll
Notify: acunlock - c:\program files\actividentity\activclient\acunlock.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= wxvault.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 wvauth
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\37.0.2062.102\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\annika arrowwood\application data\mozilla\firefox\profiles\yb0318m7.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\annika arrowwood\application data\mozilla\firefox\profiles\yb0318m7.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll
FF - plugin: c:\documents and settings\annika arrowwood\application data\mozilla\firefox\profiles\yb0318m7.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2_x64.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_214.dll
FF - ExtSQL: !HIDDEN! 2009-08-07 21:05; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-8-27 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-8-27 192352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-8-27 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-8-27 414520]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2013-2-18 188328]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2013-2-18 94632]
R2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\common files\actividentity\ac.sharedstore.exe [2009-6-3 207400]
R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2006-12-19 79432]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-8-27 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-8-27 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-8-27 50344]
R2 Motorola Device Manager;Motorola Device Manager Service;c:\program files\motorola mobility\motorola device manager\MotoHelperService.exe [2013-7-31 137528]
R2 ptumlcmsvc;PTUML290 Connection Manager Service;c:\windows\system32\ptumlcmsvc.exe [2011-3-31 106496]
R2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files\rosettastoneltdservices\RosettaStoneDaemon.exe [2009-9-3 444224]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-3-19 24652]
R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [2004-8-11 5120]
R3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [2006-11-2 97536]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-8-27 110296]
R3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [2013-10-10 6616816]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2012-12-19 104872]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2012-12-19 116136]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2013-9-24 6272]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2013-9-24 21376]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2013-9-24 23936]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2013-9-24 11264]
S3 PTUMLBUS;PTUML USB Composite Device Driver;c:\windows\system32\drivers\PTUMLBUS.sys [2011-5-29 59664]
S3 PTUMLCVsp;PANTECH UML290 Connection Manager Port;c:\windows\system32\drivers\PTUMLCVsp.sys [2011-5-29 168208]
S3 PTUMLMdm;PANTECH UML290;c:\windows\system32\drivers\PTUMLMdm.sys [2011-5-29 168208]
S3 PTUMLNET;PANTECH UML290 WWAN;c:\windows\system32\drivers\PTUMLNET.sys [2011-5-29 80912]
S3 PTUMLNVsp;PANTECH UML290 NMEA Port;c:\windows\system32\drivers\PTUMLNVsp.sys [2011-5-29 168848]
S3 PTUMLRMNET;PANTECH UML290 RMNET Service;c:\windows\system32\drivers\PTUMLRMNET.sys [2011-5-29 59920]
S3 PTUMLVsp;PANTECH UML290 Diagnostic Port;c:\windows\system32\drivers\PTUMLVsp.sys [2011-5-29 168208]
S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\drivers\SCR3XX2K.sys [2009-5-21 56448]
S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~1\SMSIVZAM5.SYS [2010-4-14 32408]
S3 STCFUx32;STC DFU Driver;c:\windows\system32\drivers\STCFUx32.sys [2007-1-24 7680]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
.
============= FINISH: 9:34:49.67 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 10/18/2007 9:38:41 PM
System Uptime: 8/31/2014 8:56:45 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0KU184
Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz | Microprocessor | 1995/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 70.333 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1325: 6/6/2014 10:53:03 AM - Unsigned driver install
RP1326: 6/16/2014 11:53:39 PM - System Checkpoint
RP1327: 6/20/2014 8:30:21 PM - System Checkpoint
RP1328: 6/22/2014 5:36:21 PM - System Checkpoint
RP1329: 6/23/2014 6:45:52 PM - System Checkpoint
RP1330: 6/26/2014 7:37:17 PM - System Checkpoint
RP1331: 6/30/2014 6:28:05 PM - Software Distribution Service 3.0
RP1332: 8/7/2014 9:02:45 AM - System Checkpoint
RP1333: 8/20/2014 9:01:14 PM - Software Distribution Service 3.0
RP1334: 8/27/2014 12:22:18 PM - avast! antivirus system restore point
RP1335: 8/29/2014 6:09:55 PM - System Checkpoint
RP1336: 8/29/2014 11:08:06 PM - Software Distribution Service 3.0
RP1337: 8/30/2014 6:46:21 PM - Update to an unsigned driver
RP1338: 8/30/2014 7:55:25 PM - Restore Operation
RP1339: 8/30/2014 8:39:34 PM - Restore Operation
.
==== Installed Programs ======================
.
ActivClient CAC x86
ADDS Flight Path Tool
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.08)
Adobe Shockwave Player 11.6
AIM 7
AiO_Scan
Amazon Kindle
Amazon MP3 Downloader 1.0.12
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
biolsp patch
Bonjour
Bonjour Core for Windows
Broadcom ASF Management Applications
Broadcom Management Programs
Broadcom TPM Driver Installer
CCleaner
Conexant HDA D330 MDC V.92 Modem
CSO Student CD
Dell Embassy Trust Suite by Wave Systems
Dell Touchpad
Digital Line Detect
Document Manager Lite
Download Updater (AOL LLC)
Drug Lord 2
EMBASSY Security Center
EMBASSY Security Setup
EMBASSY Trust Suite by Wave Systems
EPSON Printer Software
ESC Home Page Plugin
ETS Upgrade
Google Chrome
Google Earth
Google Update Helper
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
HP Image Zone 4.2
HP Officejet 6100 Basic Device Software
HP PSC & OfficeJet 4.2
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless Software
IntelliSonic Speech Enhancement
iTunes
J2SE Runtime Environment 5.0 Update 6
Java 7 Update 60
Java Auto Updater
Java(TM) 6 Update 31
Jays Snipping Tool
Malwarebytes Anti-Malware version 2.0.2.1012
mCore
mDrWiFi
Memories Disc Creator 2.0
Messenger Plus!
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Outlook Web Access S/MIME
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
mIWA
mLogView
mMHouse
Modem Diagnostic Tool
MotoConnect
Motorola Device Manager
Motorola Device Software Update
Motorola Mobile Drivers Installation 6.2.0
Mozilla Firefox 31.0 (x86 en-US)
Mozilla Maintenance Service
mPfMgr
mPfWiz
mProSafe
mSCfg
MSN
mSSO
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 6.0 Parser (KB933579)
mWlsSafe
mWMI
mZConfig
NetWaiting
NTRU TCG Software Stack
O2Micro USB Smart Card Reader
Oracle VM VirtualBox 4.2.6
PANTECH UML290
PowerDVD
Preboot Manager
Private Information Manager
PureEdge Viewer 6.5
QFolder
QuickSet
QuickTime
RitzPix E-Z Print & Share
Rosetta Stone Ltd Services
Safari
Scan
SCR3xxx Smart Card Reader
Secure Update
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB2909921)
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows Internet Explorer 8 (KB2964358)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Wizards
Segoe UI
SigmaTel Audio
Skype™ 6.16
Spy Sweeper
swMSM
System Requirements Lab for Intel
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845)
upekmsi
Verizon Wireless UML290 Firmware Updates
Viewpoint Media Player
VZAccess Manager
Wave Infrastructure Installer
Wave Support Software
WebFldrs XP
Winamp
Windows Driver Package - Dell Inc. PBADRV System (09/25/2006 6.0.0.0)
Windows Driver Package - O2Micro (guardian2) SmartCardReader (02/05/2007 1.1.3.7)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Detect
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
8/29/2014 6:54:40 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-c.timefreq.bldrdoc.gov,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/29/2014 5:54:37 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-c.timefreq.bldrdoc.gov,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/29/2014 5:24:36 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-c.timefreq.bldrdoc.gov,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/29/2014 5:09:33 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-c.timefreq.bldrdoc.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/27/2014 8:28:09 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Security Center Server - 122944234 service to connect.
8/27/2014 8:28:09 AM, error: Service Control Manager [7000] - The Security Center Server - 122944234 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/27/2014 8:23:42 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/27/2014 8:23:16 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
8/27/2014 7:58:47 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
.
==== End Of File ===========================
I've tried to restore and update and I've had no luck. Any help is greatly appreciated.
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 8/27/2014
Scan Time: 1:12:12 PM
Logfile: mbam-log_082714-1312.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.08.27.05
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Annika Arrowwood
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 368430
Time Elapsed: 2 hr, 12 min, 38 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 4
Spyware.Zbot.VXGen, C:\WINDOWS\system32\ymvekok.exe, 2068, Delete-on-Reboot, [048d6d5ee09b1b1bedabe98d7c8540c0]
Trojan.Zbot, C:\WINDOWS\system32\qoubifip.exe, 2856, Delete-on-Reboot, [c3cef3d84c2f92a4291b46612dd42fd1]
Trojan.Agent.ED, C:\WINDOWS\system32\fyilc.exe, 2920, Delete-on-Reboot, [f49dd1fae79494a28dbfca77ec14ec14]
Trojan.Agent, C:\WINDOWS\explorer1.exe, 1028, Delete-on-Reboot, [c7ca85464239db5b8d5ffc7f4db6a25e]
Modules: 0
(No malicious items detected)
Registry Keys: 10
Spyware.Zbot.VXGen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SecurityCenterServer1440202716, Quarantined, [048d6d5ee09b1b1bedabe98d7c8540c0],
Trojan.Zbot, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SecurityCenterServer1475603368, Quarantined, [c3cef3d84c2f92a4291b46612dd42fd1],
Trojan.Agent.ED, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SecurityCenterServer1614020457, Quarantined, [f49dd1fae79494a28dbfca77ec14ec14],
Trojan.Agent.ED, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SecurityCenterServer122944234, Quarantined, [2170c902e398a59191bb52ef2fd1837d],
PUP.Optional.WeCare.A, HKLM\SOFTWARE\CLASSES\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [fb96d5f6b9c22a0c43ba9b114db5748c],
PUP.Optional.WeCare.A, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [fb96d5f6b9c22a0c43ba9b114db5748c],
PUP.Optional.WeCare.A, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [fb96d5f6b9c22a0c43ba9b114db5748c],
PUP.Optional.WeCare, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wecarereminder, Quarantined, [6d24a526047759dd754ef5fab64c1ee2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, Quarantined, [6130ca010477a98d3be6bb7610f4ca36],
Adware.GamePlayLab, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, Quarantined, [6d24ae1daad1cd69e0f206e119ea1ae6],
Registry Values: 5
Trojan.Agent.ED, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Efdeigqahyirnot, "C:\Documents and Settings\Annika Arrowwood\Application Data\Wycufaqo\afaci.exe", Quarantined, [b9d813b81665a98d2e1e2f12a45c3cc4]
Trojan.Zbot, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Mosiibcoaxyt, "C:\Documents and Settings\Annika Arrowwood\Application Data\Soygef\viany.exe", Quarantined, [f39e765566157cba5aea0e99936e6d93]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, a48ca20460fb2e93afab5370e31de429, Quarantined, [6130ca010477a98d3be6bb7610f4ca36]
Adware.GamePlayLab, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|215AppVerifier, 25b1a63d049673dda20d1a6066e3dbea, Quarantined, [6d24ae1daad1cd69e0f206e119ea1ae6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-167287416-2326391770-3767794300-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\NEW WINDOWS\ALLOW|*.crossrider.com, CrossriderApp0004639, Quarantined, [177a725979029b9be387163b8f75cc34]
Registry Data: 2
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Shell, explorer1.exe, Good: (), Bad: (explorer1.exe),Replaced,[c7ca85464239db5b8d5ffc7f4db6a25e]
Hijack.SearchPage, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://www.mirarsearch.com/?useie5=1&q=, Good: (http://www.google.com), Bad: (http://www.mirarsearch.com/?useie5=1&q=),Replaced,[e9a89437a1da77bfb411fce1d4300000]
Folders: 0
(No malicious items detected)
Files: 41
Spyware.Zbot.VXGen, C:\WINDOWS\system32\ymvekok.exe, Delete-on-Reboot, [048d6d5ee09b1b1bedabe98d7c8540c0],
Trojan.Zbot, C:\WINDOWS\system32\qoubifip.exe, Delete-on-Reboot, [c3cef3d84c2f92a4291b46612dd42fd1],
Trojan.Agent.ED, C:\WINDOWS\system32\fyilc.exe, Delete-on-Reboot, [f49dd1fae79494a28dbfca77ec14ec14],
Trojan.Agent.ED, C:\Documents and Settings\Annika Arrowwood\Application Data\Wycufaqo\afaci.exe, Quarantined, [b9d813b81665a98d2e1e2f12a45c3cc4],
Trojan.Zbot, C:\Documents and Settings\Annika Arrowwood\Application Data\Soygef\viany.exe, Quarantined, [f39e765566157cba5aea0e99936e6d93],
Trojan.Agent.ED, C:\WINDOWS\system32\ybofiwy.exe, Quarantined, [2170c902e398a59191bb52ef2fd1837d],
Trojan.Agent.ED, C:\Documents and Settings\Annika Arrowwood\Application Data\Ohanoc\suexd.exe, Quarantined, [0988c209304b092ddc702f12748c0bf5],
PUP.Optional.NextUp, C:\Documents and Settings\Annika Arrowwood\My Documents\Downloads\GimpInstaller.exe, Quarantined, [ace51ead2e4dd85eb5b99b33689cc13f],
PUP.Optional.InstallIQ.A, C:\Documents and Settings\Annika Arrowwood\My Documents\Downloads\playalotgames_1347.exe, Quarantined, [c1d024a745367cba947976adf40de11f],
Trojan.Agent.ED, C:\Documents and Settings\Annika Arrowwood\Local Settings\Temp\UpdateFlashPlayer_ef43925f.exe, Quarantined, [afe2c00b176400364705c37e827e8779],
Spyware.Zbot.VXGen, C:\Documents and Settings\Annika Arrowwood\Local Settings\Temp\UpdateFlashPlayer_eff21de0.exe, Quarantined, [f899b516d9a2ea4c24744135b74af50b],
Trojan.Agent.ED, C:\Documents and Settings\Annika Arrowwood\Local Settings\Temp\UpdateFlashPlayer_f08d7791.exe, Quarantined, [365b04c7fa81c5719cb060e11ce4cc34],
PUP.Optional.OutBrowse, C:\Documents and Settings\Annika Arrowwood\Local Settings\Temp\V2y4r5Vd.exe.part, Quarantined, [444d21aa86f5072f32aee6ba9071758b],
Trojan.Downloader.UPT, C:\Documents and Settings\Annika Arrowwood\Local Settings\Application Data\hmrmbsfp.exe, Quarantined, [d1c0ae1da6d53600cc85933b7094ae52],
Trojan.Downloader, C:\Documents and Settings\Annika Arrowwood\Local Settings\Application Data\idhqmoil.exe, Quarantined, [e0b18546bdbe0a2cda93b4ec4cb5b64a],
Trojan.Downloader, C:\Documents and Settings\Annika Arrowwood\Local Settings\Application Data\udxsaxxv.exe, Quarantined, [236ea02b5d1eca6ca3ca7a2646bb8d73],
Spyware.Zbot.ED, C:\Documents and Settings\Annika Arrowwood\Local Settings\Application Data\xpeklqqn.exe, Quarantined, [c4cdb813a7d44de92a11138610f12dd3],
Adware.Agent, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\upgrade[1].cab, Quarantined, [038e07c4c0bbea4cbe2e12a09470d52b],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\upgrade[2].cab, Quarantined, [cbc68b40abd08aac85a36c05d42cf30d],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\upgrade[5].cab, Quarantined, [fd94d3f84c2f181e024b8bf49f612bd5],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\456V83GB\upgrade[6].cab, Quarantined, [ff925675186353e380cdc3bc03fd34cc],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IVQ34BCD\upgrade[2].cab, Quarantined, [652cb91262193501ed3ba1d0e917d030],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IVQ34BCD\upgrade[4].cab, Quarantined, [6829d0fbd8a3b38301275d1423dd49b7],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IVQ34BCD\upgrade[5].cab, Quarantined, [ccc527a4235866d082cb4a352cd43ec2],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\IVQ34BCD\upgrade[6].cab, Quarantined, [7e1328a37efd3df93f0eb5cadf21f709],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U7WXA5I7\upgrade[2].cab, Quarantined, [f1a048832e4dc67017112b46857b4fb1],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U7WXA5I7\upgrade[4].cab, Quarantined, [1f72d7f4710aef47d7519ed330d0ff01],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W3YZIJ2F\upgrade[1].cab, Quarantined, [01904586007b22140a1e9bd6ae52c43c],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W3YZIJ2F\upgrade[2].cab, Quarantined, [276aca0106752610ed3b88e940c0dd23],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W3YZIJ2F\upgrade[3].cab, Quarantined, [870a34971c5f4ee8df49373a936d916f],
Adware.Agent.ZGen, C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W3YZIJ2F\upgrade[4].cab, Quarantined, [b2df24a77ffc41f5d355c6ab7d83da26],
Adware.Agent, C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\R123DEO3\upgrade[1].cab, Quarantined, [cac7c5068feca88e6a822a8823e1926e],
Adware.Agent.ZGen, C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\R123DEO3\upgrade[2].cab, Quarantined, [7e13765532496dc91c0c8ee350b0c63a],
Adware.Agent.ZGen, C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YZ9AK3D5\upgrade[1].cab, Quarantined, [8110f7d428537db9d7766d12c23ef808],
Adware.Agent.ZGen, C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YZ9AK3D5\upgrade[2].cab, Quarantined, [94fd6665f982e74f2627116e69977e82],
Adware.Agent.ZGen, C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZRJBUMWO\upgrade[1].cab, Quarantined, [2f625972d0abb680c2669ed3a15f09f7],
Trojan.Agent, C:\WINDOWS\explorer1.exe, Delete-on-Reboot, [c7ca85464239db5b8d5ffc7f4db6a25e],
Trojan.Agent.RvGen, C:\WINDOWS\Tasks\Security Center Update - 122944234.job, Quarantined, [bfd2efdc4c2f2115c07efe1e19eb2ed2],
Trojan.Agent.RvGen, C:\WINDOWS\Tasks\Security Center Update - 1475603368.job, Quarantined, [2c655873413a63d347f78498d82c47b9],
Trojan.Agent.RvGen, C:\WINDOWS\Tasks\Security Center Update - 1614020457.job, Quarantined, [6829319a96e575c1da6463b96e961ee2],
Heuristics.Reserved.Word.Exploit, C:\Documents and Settings\Annika Arrowwood\My Documents\Downloads\explorer.exe, Quarantined, [741db01b7efd61d531a219caaa5ab24e],
Physical Sectors: 0
(No malicious items detected)
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.60.2
Run by Annika Arrowwood at 9:32:40 on 2014-08-31
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1041 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\WINDOWS\system32\ptumlcmsvc.exe
C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4071012
mSearch Bar = hxxp://www.google.com
uProxyServer = 0.0.0.0:80
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [SpySweeper] "c:\program files\webroot\spy sweeper\SpySweeper.exe" /0
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Umeklius] "c:\documents and settings\annika arrowwood\application data\vugypa\ewkyafs.exe"
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_13_0_0_214_Plugin.exe -update plugin
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] "c:\documents and settings\all users\application data\malwarebytes\malwarebytes anti-malware\mbamdor.exe" "c:\documents and settings\all users\application data\malwarebytes\Malwarebytes Anti-Malware"
mRunOnce: [*Restore] c:\windows\system32\restore\rstrui.exe -I
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {C9D7D239-B502-48B3-BA25-9DF8C7264073} - hxxps://10.0.61.10/auth/CCALogin.CAB
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 209.81.96.49 209.81.96.130 192.168.1.1
TCP: Interfaces\{BCD7DC6B-729A-496D-846C-9E35B6A50528} : DHCPNameServer = 209.81.96.49 209.81.96.130 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\windows\downloaded program files\mimectl.dll
Notify: ackpbsc - c:\program files\actividentity\activclient\ackpbsc.dll
Notify: acunlock - c:\program files\actividentity\activclient\acunlock.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= wxvault.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 wvauth
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\37.0.2062.102\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\annika arrowwood\application data\mozilla\firefox\profiles\yb0318m7.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\annika arrowwood\application data\mozilla\firefox\profiles\yb0318m7.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll
FF - plugin: c:\documents and settings\annika arrowwood\application data\mozilla\firefox\profiles\yb0318m7.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2_x64.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_214.dll
FF - ExtSQL: !HIDDEN! 2009-08-07 21:05; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-8-27 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-8-27 192352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-8-27 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-8-27 414520]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2013-2-18 188328]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2013-2-18 94632]
R2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\common files\actividentity\ac.sharedstore.exe [2009-6-3 207400]
R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2006-12-19 79432]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-8-27 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-8-27 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-8-27 50344]
R2 Motorola Device Manager;Motorola Device Manager Service;c:\program files\motorola mobility\motorola device manager\MotoHelperService.exe [2013-7-31 137528]
R2 ptumlcmsvc;PTUML290 Connection Manager Service;c:\windows\system32\ptumlcmsvc.exe [2011-3-31 106496]
R2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files\rosettastoneltdservices\RosettaStoneDaemon.exe [2009-9-3 444224]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-3-19 24652]
R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [2004-8-11 5120]
R3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [2006-11-2 97536]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-8-27 110296]
R3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [2013-10-10 6616816]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2012-12-19 104872]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2012-12-19 116136]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2013-9-24 6272]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2013-9-24 21376]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2013-9-24 23936]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2013-9-24 11264]
S3 PTUMLBUS;PTUML USB Composite Device Driver;c:\windows\system32\drivers\PTUMLBUS.sys [2011-5-29 59664]
S3 PTUMLCVsp;PANTECH UML290 Connection Manager Port;c:\windows\system32\drivers\PTUMLCVsp.sys [2011-5-29 168208]
S3 PTUMLMdm;PANTECH UML290;c:\windows\system32\drivers\PTUMLMdm.sys [2011-5-29 168208]
S3 PTUMLNET;PANTECH UML290 WWAN;c:\windows\system32\drivers\PTUMLNET.sys [2011-5-29 80912]
S3 PTUMLNVsp;PANTECH UML290 NMEA Port;c:\windows\system32\drivers\PTUMLNVsp.sys [2011-5-29 168848]
S3 PTUMLRMNET;PANTECH UML290 RMNET Service;c:\windows\system32\drivers\PTUMLRMNET.sys [2011-5-29 59920]
S3 PTUMLVsp;PANTECH UML290 Diagnostic Port;c:\windows\system32\drivers\PTUMLVsp.sys [2011-5-29 168208]
S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\drivers\SCR3XX2K.sys [2009-5-21 56448]
S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~1\SMSIVZAM5.SYS [2010-4-14 32408]
S3 STCFUx32;STC DFU Driver;c:\windows\system32\drivers\STCFUx32.sys [2007-1-24 7680]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
.
============= FINISH: 9:34:49.67 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 10/18/2007 9:38:41 PM
System Uptime: 8/31/2014 8:56:45 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0KU184
Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz | Microprocessor | 1995/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 70.333 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1325: 6/6/2014 10:53:03 AM - Unsigned driver install
RP1326: 6/16/2014 11:53:39 PM - System Checkpoint
RP1327: 6/20/2014 8:30:21 PM - System Checkpoint
RP1328: 6/22/2014 5:36:21 PM - System Checkpoint
RP1329: 6/23/2014 6:45:52 PM - System Checkpoint
RP1330: 6/26/2014 7:37:17 PM - System Checkpoint
RP1331: 6/30/2014 6:28:05 PM - Software Distribution Service 3.0
RP1332: 8/7/2014 9:02:45 AM - System Checkpoint
RP1333: 8/20/2014 9:01:14 PM - Software Distribution Service 3.0
RP1334: 8/27/2014 12:22:18 PM - avast! antivirus system restore point
RP1335: 8/29/2014 6:09:55 PM - System Checkpoint
RP1336: 8/29/2014 11:08:06 PM - Software Distribution Service 3.0
RP1337: 8/30/2014 6:46:21 PM - Update to an unsigned driver
RP1338: 8/30/2014 7:55:25 PM - Restore Operation
RP1339: 8/30/2014 8:39:34 PM - Restore Operation
.
==== Installed Programs ======================
.
ActivClient CAC x86
ADDS Flight Path Tool
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.08)
Adobe Shockwave Player 11.6
AIM 7
AiO_Scan
Amazon Kindle
Amazon MP3 Downloader 1.0.12
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
biolsp patch
Bonjour
Bonjour Core for Windows
Broadcom ASF Management Applications
Broadcom Management Programs
Broadcom TPM Driver Installer
CCleaner
Conexant HDA D330 MDC V.92 Modem
CSO Student CD
Dell Embassy Trust Suite by Wave Systems
Dell Touchpad
Digital Line Detect
Document Manager Lite
Download Updater (AOL LLC)
Drug Lord 2
EMBASSY Security Center
EMBASSY Security Setup
EMBASSY Trust Suite by Wave Systems
EPSON Printer Software
ESC Home Page Plugin
ETS Upgrade
Google Chrome
Google Earth
Google Update Helper
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
HP Image Zone 4.2
HP Officejet 6100 Basic Device Software
HP PSC & OfficeJet 4.2
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless Software
IntelliSonic Speech Enhancement
iTunes
J2SE Runtime Environment 5.0 Update 6
Java 7 Update 60
Java Auto Updater
Java(TM) 6 Update 31
Jays Snipping Tool
Malwarebytes Anti-Malware version 2.0.2.1012
mCore
mDrWiFi
Memories Disc Creator 2.0
Messenger Plus!
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Outlook Web Access S/MIME
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
mIWA
mLogView
mMHouse
Modem Diagnostic Tool
MotoConnect
Motorola Device Manager
Motorola Device Software Update
Motorola Mobile Drivers Installation 6.2.0
Mozilla Firefox 31.0 (x86 en-US)
Mozilla Maintenance Service
mPfMgr
mPfWiz
mProSafe
mSCfg
MSN
mSSO
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 6.0 Parser (KB933579)
mWlsSafe
mWMI
mZConfig
NetWaiting
NTRU TCG Software Stack
O2Micro USB Smart Card Reader
Oracle VM VirtualBox 4.2.6
PANTECH UML290
PowerDVD
Preboot Manager
Private Information Manager
PureEdge Viewer 6.5
QFolder
QuickSet
QuickTime
RitzPix E-Z Print & Share
Rosetta Stone Ltd Services
Safari
Scan
SCR3xxx Smart Card Reader
Secure Update
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB2909921)
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows Internet Explorer 8 (KB2964358)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Wizards
Segoe UI
SigmaTel Audio
Skype™ 6.16
Spy Sweeper
swMSM
System Requirements Lab for Intel
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845)
upekmsi
Verizon Wireless UML290 Firmware Updates
Viewpoint Media Player
VZAccess Manager
Wave Infrastructure Installer
Wave Support Software
WebFldrs XP
Winamp
Windows Driver Package - Dell Inc. PBADRV System (09/25/2006 6.0.0.0)
Windows Driver Package - O2Micro (guardian2) SmartCardReader (02/05/2007 1.1.3.7)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Detect
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
8/29/2014 6:54:40 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-c.timefreq.bldrdoc.gov,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/29/2014 5:54:37 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-c.timefreq.bldrdoc.gov,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/29/2014 5:24:36 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-c.timefreq.bldrdoc.gov,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/29/2014 5:09:33 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-c.timefreq.bldrdoc.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
8/27/2014 8:28:09 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Security Center Server - 122944234 service to connect.
8/27/2014 8:28:09 AM, error: Service Control Manager [7000] - The Security Center Server - 122944234 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/27/2014 8:23:42 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/27/2014 8:23:16 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
8/27/2014 7:58:47 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
.
==== End Of File ===========================
I've tried to restore and update and I've had no luck. Any help is greatly appreciated.
(end)