Hello, I have a computer that was acting strangely and started to give me a BSOD on boot in normal mode (OK in safe mode). I ran TFC and was then able to boot into normal mode.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Patricia at 23:49:02 on 2012-09-27
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2303.1575 [GMT -4:00]
.
AV: COMODO Antivirus *Enabled/Updated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
.
============== Running Processes ===============
.
C:\Program Files\Common Files\Comodo\launcher_service.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\java.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Comodo\tvnserver.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Common Files\Comodo\tvnserver.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\COMODO\GeekBuddy\unit.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.msn.com
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Shop to Win: {8e51683a-ea9d-4127-ae14-a13294ff6f7c} - c:\program files\shop to win 19\Shop to Win 19.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No File
EB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [StorageGuard] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [diagent] "c:\program files\creative\sblive\diagnostics\diagent.exe" startup
mRun: [BCMSMMSG] BCMSMMSG.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [tvncontrol] "c:\program files\common files\comodo\tvnserver.exe" -controlservice -slave
c:\windows\temp\nsl1c.tmp\temp00
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\startg~1.lnk - c:\program files\comodo\geekbuddy\launcher.exe
mPolicies-explorer: <NO NAME> =
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: microsoft.com\oas.support
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://a.download.toontown.com/sv1.0.38.38/ttinst.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} - hxxp://update.hpphoto.com/download/HPSWUpdate.ocx
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{84A02C4F-B5CC-4ED7-8B63-83BC40A4A065} : DhcpNameServer = 192.168.1.1
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2012-8-3 36112]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2012-3-11 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-3-11 494968]
R2 CLPSLauncher;COMODO LPS Launcher;c:\program files\common files\comodo\launcher_service.exe [2012-8-23 70352]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2012-3-11 1983232]
R2 LinksysUpdater;Linksys Updater;c:\program files\linksys\linksys updater\bin\LinksysUpdater.exe [2008-11-13 204800]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-26 399432]
R2 tvnserver;TightVNC Server;c:\program files\common files\comodo\tvnserver.exe [2012-1-27 828944]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-26 676936]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-12 250288]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-26 22856]
.
=============== Created Last 30 ================
.
2012-09-28 02:13:19 -------- d-----w- c:\program files\common files\Comodo
2012-09-28 02:08:47 -------- d-----w- c:\documents and settings\all users\application data\CPA_VA
2012-09-28 02:06:11 68577 ----a-w- c:\windows\system32\drivers\sfi.dat
2012-09-28 02:01:42 -------- d-----w- c:\documents and settings\all users\application data\Comodo
2012-09-28 02:01:31 -------- d-----w- c:\program files\COMODO
2012-09-27 05:09:41 -------- d-----w- C:\FRST
2012-09-26 21:28:11 -------- d-----w- C:\TDSSKiller_Quarantine
2012-09-26 18:31:15 -------- d-----w- c:\documents and settings\patricia\application data\Malwarebytes
2012-09-26 16:55:39 -------- d-sha-r- C:\cmdcons
2012-09-26 16:48:13 98816 ----a-w- c:\windows\sed.exe
2012-09-26 16:48:13 518144 ----a-w- c:\windows\SWREG.exe
2012-09-26 16:48:13 256000 ----a-w- c:\windows\PEV.exe
2012-09-26 16:48:13 208896 ----a-w- c:\windows\MBR.exe
2012-09-26 05:56:49 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-09-26 05:56:47 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-26 05:56:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-26 00:32:37 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-09-23 19:47:41 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-09-23 19:47:41 -------- d-----w- c:\windows\system32\wbem\Repository
2012-09-15 20:51:01 4096000 ----a-w- c:\program files\GUT2928.tmp
2012-09-15 20:51:01 -------- d-----w- c:\program files\GUM2927.tmp
2012-09-15 02:44:12 -------- d-----w- c:\documents and settings\patricia\local settings\application data\AOL Toolbar
2012-09-15 02:43:28 -------- d-----w- c:\program files\common files\Software Update Utility
2012-09-14 18:33:26 4096000 ----a-w- c:\program files\GUT641C.tmp
2012-09-14 18:33:26 -------- d-----w- c:\program files\GUM641B.tmp
2012-09-09 23:47:50 -------- d-----w- c:\documents and settings\patricia\local settings\application data\StartNow
.
==================== Find3M ====================
.
2012-09-21 23:04:34 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-21 23:04:30 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec
2012-08-03 14:23:28 36112 ----a-w- c:\windows\system32\drivers\CFRMD.sys
2012-08-03 14:23:28 36112 ----a-w- c:\windows\inf\lps-ca\cfrmd.sys
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet(3).dll
2012-07-02 17:49:33 1212416 ----a-w- c:\windows\system32\urlmon(3).dll
2012-07-02 17:49:33 105984 ----a-w- c:\windows\system32\url(3).dll
.
============= FINISH: 23:54:13.60 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 12/15/2007 12:38:42 AM
System Uptime: 9/27/2012 11:29:12 PM (0 hours ago)
.
Motherboard: Dell Computer Corp. | | 0W2562
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 74 GiB total, 45.016 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1: 9/27/2012 4:24:50 PM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acrobat.com
Action Replay DSi Code Manager
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9.4.7
Adobe Shockwave Player 11.5
AiO_Scan
AIOMinimal
AiOSoftware
AOL Toolbar
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BCM V.92 56K Modem
BlackBerry Desktop Software 6.0.1
Bob the Builder - Bob's Castle Adventure
Bob the Builder - Bob Builds a Park
Bonjour
BufferChm
Business Cards
C7200
C7200_doccd
c7200_Help
Cards_Calendar_OrderGift_DoMorePlugout
Cars - Radiator Springs Adventures
COMODO Internet Security
Copy
CreativeProjects
CustomerResearchQFolder
Dell Digital Jukebox Driver
Dell ResourceCD
Destination Component
DeviceDiscovery
DeviceManagementQFolder
Disney's Toontown Online
Disney Toontown Online
DocProc
DocProcQFolder
Download Updater (AOL Inc.)
eSupportQFolder
Fax
GameSpy Arcade
GeekBuddy
Google Earth
Google Update Helper
GoToAssist 8.0.0.514
Hex Workshop v6.6
Hot Wheels Stunt Track Challenge
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 9.0
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photo & Imaging 3.1
HP Photosmart All-In-One Software 9.0
HP Photosmart Essential 2.5
HP Photosmart Essential 3.5
HP PSC & OfficeJet 3.0
HP Smart Web Printing 4.60
HP Software Update
HP Solution Center 9.0
HP Update
hpmdtab
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
HPSystemDiagnostics
HxD Hex Editor version 1.7.7.0
iLivid
Imaginext(TM) Battle Castle
InstantShare
InstantShareAlert
Intel(R) PRO Network Adapters and Drivers
iTunes
Java(TM) 6 Update 26
Java(TM) 6 Update 3
JumpStart Learning Games ABC's
Kool Kart Racers
Linksys EasyLink Advisor
Little Bear Rainy Day Activities
Malwarebytes Anti-Malware version 1.65.0.1400
MarketResearch
Memories Disc Creator 2.0
Mickey Mouse Toddler
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MobileMe Control Panel
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MUSICMATCH® Jukebox
NetJet 2.0
NickToons Racing
NVIDIA Windows 2000/XP Display Drivers
OLYMPUS Master 2
Overland
PanoStandAlone
PhotoGallery
PowerDVD
PrintScreen
ProVenture Invoices
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_min
PSSWCORE
Pure Networks Platform
QuickProjects
QuickTime
Readme
Rescue Heroes Meteor Madness
Rescue Heroes Mission Select
Safari
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 8 (KB917734)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SkinsHP1
SkinsHP2
SmartWebPrinting
SolutionCenter
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Sound Blaster Live!
SoundMAX
Spider-man
Spybot - Search & Destroy
Status
Stella 2.6.1
Tonka Construction 2
Tonka Power Tools
TONKA Search & Rescue 2
Tonka® On the Job
Toolbox
Transformers Battle Universe
TrayApp
Uninstall TONKA Monster Trucks
Unload
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoToolkit01
WebFldrs XP
WebReg
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Format Runtime
Windows XP Service Pack 3
WinRAR 4.11 (32-bit)
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
9/27/2012 9:56:56 PM, error: Service Control Manager [7034] - The WMDM PMSP Service service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:21 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:16 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:16 PM, error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:15 PM, error: Service Control Manager [7034] - The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:15 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:15 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/27/2012 4:28:03 PM, error: Service Control Manager [7034] - The Linksys Updater service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 11:12:39 AM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
9/27/2012 11:09:44 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
9/26/2012 5:16:15 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 f74ca71d, parameter3 ae645580, parameter4 00000000.
9/26/2012 2:11:51 PM, error: Service Control Manager [7034] - The Updater Service for AMZN service terminated unexpectedly. It has done this 1 time(s).
9/26/2012 2:11:35 PM, error: Service Control Manager [7034] - The NVIDIA Driver Helper Service service terminated unexpectedly. It has done this 1 time(s).
9/26/2012 12:43:32 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm OMCI
9/26/2012 12:10:50 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
9/26/2012 12:10:18 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
9/26/2012 12:10:13 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
9/26/2012 12:07:40 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccHP eeCtrl Fips intelppm OMCI SRTSPX SymIRON SYMTDI
9/26/2012 12:06:41 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/26/2012 12:03:28 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.
9/26/2012 12:03:28 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the wlidsvc service.
9/26/2012 12:03:27 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
9/26/2012 11:59:16 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
9/26/2012 10:38:54 PM, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: The system cannot find the file specified.
9/26/2012 10:38:52 PM, error: SRService [104] - The System Restore initialization process failed.
9/24/2012 10:12:57 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Wireless Zero Configuration service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The System Restore Service service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/24/2012 10:12:09 PM, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
9/23/2012 4:15:45 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/23/2012 4:14:56 PM, error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
9/23/2012 4:13:53 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
9/23/2012 4:13:29 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 ccHP eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT OMCI RasAcd Rdbss SRTSPX SymIRON SYMTDI Tcpip
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBT service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 1:12:55 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
9/23/2012 1:12:55 PM, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/23/2012 1:10:58 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/23/2012 1:10:57 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
9/23/2012 1:10:40 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
9/22/2012 12:58:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
9/22/2012 12:58:23 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/22/2012 12:57:49 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
9/22/2012 12:57:49 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/21/2012 10:46:57 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NIS service.
.
==== End Of File ===========================
Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org
Database version: v2012.09.27.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Patricia :: DADS [administrator]
Protection: Disabled
9/27/2012 4:45:00 PM
mbam-log-2012-09-27 (16-45-00).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 364985
Time elapsed: 4 hour(s), 36 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:5555 -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\TDSSKiller_Quarantine\26.09.2012_17.25.12\mbr0000\tdlfs0000\tsk0003.dta (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.
(end)
TDSSKiller was also used to take care of a rootkit.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Patricia at 23:49:02 on 2012-09-27
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2303.1575 [GMT -4:00]
.
AV: COMODO Antivirus *Enabled/Updated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
.
============== Running Processes ===============
.
C:\Program Files\Common Files\Comodo\launcher_service.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\java.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Comodo\tvnserver.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Common Files\Comodo\tvnserver.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\COMODO\GeekBuddy\unit.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.msn.com
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Shop to Win: {8e51683a-ea9d-4127-ae14-a13294ff6f7c} - c:\program files\shop to win 19\Shop to Win 19.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No File
EB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [StorageGuard] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [diagent] "c:\program files\creative\sblive\diagnostics\diagent.exe" startup
mRun: [BCMSMMSG] BCMSMMSG.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [tvncontrol] "c:\program files\common files\comodo\tvnserver.exe" -controlservice -slave
c:\windows\temp\nsl1c.tmp\temp00
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\startg~1.lnk - c:\program files\comodo\geekbuddy\launcher.exe
mPolicies-explorer: <NO NAME> =
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: microsoft.com\oas.support
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://a.download.toontown.com/sv1.0.38.38/ttinst.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} - hxxp://update.hpphoto.com/download/HPSWUpdate.ocx
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{84A02C4F-B5CC-4ED7-8B63-83BC40A4A065} : DhcpNameServer = 192.168.1.1
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2012-8-3 36112]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2012-3-11 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-3-11 494968]
R2 CLPSLauncher;COMODO LPS Launcher;c:\program files\common files\comodo\launcher_service.exe [2012-8-23 70352]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2012-3-11 1983232]
R2 LinksysUpdater;Linksys Updater;c:\program files\linksys\linksys updater\bin\LinksysUpdater.exe [2008-11-13 204800]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-26 399432]
R2 tvnserver;TightVNC Server;c:\program files\common files\comodo\tvnserver.exe [2012-1-27 828944]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-26 676936]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-12 250288]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-26 22856]
.
=============== Created Last 30 ================
.
2012-09-28 02:13:19 -------- d-----w- c:\program files\common files\Comodo
2012-09-28 02:08:47 -------- d-----w- c:\documents and settings\all users\application data\CPA_VA
2012-09-28 02:06:11 68577 ----a-w- c:\windows\system32\drivers\sfi.dat
2012-09-28 02:01:42 -------- d-----w- c:\documents and settings\all users\application data\Comodo
2012-09-28 02:01:31 -------- d-----w- c:\program files\COMODO
2012-09-27 05:09:41 -------- d-----w- C:\FRST
2012-09-26 21:28:11 -------- d-----w- C:\TDSSKiller_Quarantine
2012-09-26 18:31:15 -------- d-----w- c:\documents and settings\patricia\application data\Malwarebytes
2012-09-26 16:55:39 -------- d-sha-r- C:\cmdcons
2012-09-26 16:48:13 98816 ----a-w- c:\windows\sed.exe
2012-09-26 16:48:13 518144 ----a-w- c:\windows\SWREG.exe
2012-09-26 16:48:13 256000 ----a-w- c:\windows\PEV.exe
2012-09-26 16:48:13 208896 ----a-w- c:\windows\MBR.exe
2012-09-26 05:56:49 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-09-26 05:56:47 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-26 05:56:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-26 00:32:37 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-09-23 19:47:41 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-09-23 19:47:41 -------- d-----w- c:\windows\system32\wbem\Repository
2012-09-15 20:51:01 4096000 ----a-w- c:\program files\GUT2928.tmp
2012-09-15 20:51:01 -------- d-----w- c:\program files\GUM2927.tmp
2012-09-15 02:44:12 -------- d-----w- c:\documents and settings\patricia\local settings\application data\AOL Toolbar
2012-09-15 02:43:28 -------- d-----w- c:\program files\common files\Software Update Utility
2012-09-14 18:33:26 4096000 ----a-w- c:\program files\GUT641C.tmp
2012-09-14 18:33:26 -------- d-----w- c:\program files\GUM641B.tmp
2012-09-09 23:47:50 -------- d-----w- c:\documents and settings\patricia\local settings\application data\StartNow
.
==================== Find3M ====================
.
2012-09-21 23:04:34 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-21 23:04:30 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec
2012-08-03 14:23:28 36112 ----a-w- c:\windows\system32\drivers\CFRMD.sys
2012-08-03 14:23:28 36112 ----a-w- c:\windows\inf\lps-ca\cfrmd.sys
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet(3).dll
2012-07-02 17:49:33 1212416 ----a-w- c:\windows\system32\urlmon(3).dll
2012-07-02 17:49:33 105984 ----a-w- c:\windows\system32\url(3).dll
.
============= FINISH: 23:54:13.60 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 12/15/2007 12:38:42 AM
System Uptime: 9/27/2012 11:29:12 PM (0 hours ago)
.
Motherboard: Dell Computer Corp. | | 0W2562
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 74 GiB total, 45.016 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1: 9/27/2012 4:24:50 PM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acrobat.com
Action Replay DSi Code Manager
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9.4.7
Adobe Shockwave Player 11.5
AiO_Scan
AIOMinimal
AiOSoftware
AOL Toolbar
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BCM V.92 56K Modem
BlackBerry Desktop Software 6.0.1
Bob the Builder - Bob's Castle Adventure
Bob the Builder - Bob Builds a Park
Bonjour
BufferChm
Business Cards
C7200
C7200_doccd
c7200_Help
Cards_Calendar_OrderGift_DoMorePlugout
Cars - Radiator Springs Adventures
COMODO Internet Security
Copy
CreativeProjects
CustomerResearchQFolder
Dell Digital Jukebox Driver
Dell ResourceCD
Destination Component
DeviceDiscovery
DeviceManagementQFolder
Disney's Toontown Online
Disney Toontown Online
DocProc
DocProcQFolder
Download Updater (AOL Inc.)
eSupportQFolder
Fax
GameSpy Arcade
GeekBuddy
Google Earth
Google Update Helper
GoToAssist 8.0.0.514
Hex Workshop v6.6
Hot Wheels Stunt Track Challenge
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 9.0
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photo & Imaging 3.1
HP Photosmart All-In-One Software 9.0
HP Photosmart Essential 2.5
HP Photosmart Essential 3.5
HP PSC & OfficeJet 3.0
HP Smart Web Printing 4.60
HP Software Update
HP Solution Center 9.0
HP Update
hpmdtab
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
HPSystemDiagnostics
HxD Hex Editor version 1.7.7.0
iLivid
Imaginext(TM) Battle Castle
InstantShare
InstantShareAlert
Intel(R) PRO Network Adapters and Drivers
iTunes
Java(TM) 6 Update 26
Java(TM) 6 Update 3
JumpStart Learning Games ABC's
Kool Kart Racers
Linksys EasyLink Advisor
Little Bear Rainy Day Activities
Malwarebytes Anti-Malware version 1.65.0.1400
MarketResearch
Memories Disc Creator 2.0
Mickey Mouse Toddler
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MobileMe Control Panel
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MUSICMATCH® Jukebox
NetJet 2.0
NickToons Racing
NVIDIA Windows 2000/XP Display Drivers
OLYMPUS Master 2
Overland
PanoStandAlone
PhotoGallery
PowerDVD
PrintScreen
ProVenture Invoices
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_min
PSSWCORE
Pure Networks Platform
QuickProjects
QuickTime
Readme
Rescue Heroes Meteor Madness
Rescue Heroes Mission Select
Safari
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 8 (KB917734)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SkinsHP1
SkinsHP2
SmartWebPrinting
SolutionCenter
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Sound Blaster Live!
SoundMAX
Spider-man
Spybot - Search & Destroy
Status
Stella 2.6.1
Tonka Construction 2
Tonka Power Tools
TONKA Search & Rescue 2
Tonka® On the Job
Toolbox
Transformers Battle Universe
TrayApp
Uninstall TONKA Monster Trucks
Unload
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoToolkit01
WebFldrs XP
WebReg
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Format Runtime
Windows XP Service Pack 3
WinRAR 4.11 (32-bit)
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
9/27/2012 9:56:56 PM, error: Service Control Manager [7034] - The WMDM PMSP Service service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:21 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:16 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:16 PM, error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:15 PM, error: Service Control Manager [7034] - The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:15 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 9:31:15 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/27/2012 4:28:03 PM, error: Service Control Manager [7034] - The Linksys Updater service terminated unexpectedly. It has done this 1 time(s).
9/27/2012 11:12:39 AM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
9/27/2012 11:09:44 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
9/26/2012 5:16:15 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 f74ca71d, parameter3 ae645580, parameter4 00000000.
9/26/2012 2:11:51 PM, error: Service Control Manager [7034] - The Updater Service for AMZN service terminated unexpectedly. It has done this 1 time(s).
9/26/2012 2:11:35 PM, error: Service Control Manager [7034] - The NVIDIA Driver Helper Service service terminated unexpectedly. It has done this 1 time(s).
9/26/2012 12:43:32 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm OMCI
9/26/2012 12:10:50 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
9/26/2012 12:10:18 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
9/26/2012 12:10:13 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
9/26/2012 12:07:40 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccHP eeCtrl Fips intelppm OMCI SRTSPX SymIRON SYMTDI
9/26/2012 12:06:41 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/26/2012 12:03:28 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.
9/26/2012 12:03:28 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the wlidsvc service.
9/26/2012 12:03:27 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
9/26/2012 11:59:16 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
9/26/2012 10:38:54 PM, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: The system cannot find the file specified.
9/26/2012 10:38:52 PM, error: SRService [104] - The System Restore initialization process failed.
9/24/2012 10:12:57 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Wireless Zero Configuration service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The System Restore Service service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7034] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s).
9/24/2012 10:12:09 PM, error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/24/2012 10:12:09 PM, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
9/23/2012 4:15:45 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/23/2012 4:14:56 PM, error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
9/23/2012 4:13:53 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
9/23/2012 4:13:29 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 ccHP eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT OMCI RasAcd Rdbss SRTSPX SymIRON SYMTDI Tcpip
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBT service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 4:13:29 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/23/2012 1:12:55 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
9/23/2012 1:12:55 PM, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/23/2012 1:10:58 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/23/2012 1:10:57 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
9/23/2012 1:10:40 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
9/22/2012 12:58:23 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
9/22/2012 12:58:23 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/22/2012 12:57:49 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
9/22/2012 12:57:49 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/21/2012 10:46:57 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NIS service.
.
==== End Of File ===========================
Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org
Database version: v2012.09.27.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Patricia :: DADS [administrator]
Protection: Disabled
9/27/2012 4:45:00 PM
mbam-log-2012-09-27 (16-45-00).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 364985
Time elapsed: 4 hour(s), 36 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:5555 -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\TDSSKiller_Quarantine\26.09.2012_17.25.12\mbr0000\tdlfs0000\tsk0003.dta (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.
(end)
TDSSKiller was also used to take care of a rootkit.