tapersteve
Posts: 52 +0
Hi there and thank you in advance for the work that you do. I posted once a few weeks back, but I have been gone, but am now back and need to fix this problem.
I definitely have what appears to be a browser re-direct infection, as most, but not all of the time, my google searches are re-directed to either Bing or some other end page. No porn, just ads of different types. I have Norton running in the background, and use Spybot S&D from time to time to clean up anything else.
I have read the eight step instructions.
I have run TFC.
I have run the Malawarebytes and have attached the log below.
I have tried to run GMER at least a dozen times. I have tried it in regular mode, with and without the "devices" box checked. In either case, it froze up almost immediately after starting the scan. I then tried running it in safe mode, both with the "devices" box checked, and unchecked. The only progress that I ever got, was in safe mode, with the "devices" unchecked, and the scan ran for quite a while, started printing a lot of info in the box, and then went to the BSOD. The error message was uglcrfob.sys Page Fault In Non Paged Area. I have all the technical numbers, if it will be of any use. I uninstalled and re-downloaded GMER, and tried the safe mode again, and it did the same thing, program ran, then action, then BSOD. I have rebooted my computer more today than in the last year. I don't know what else to do.
So, I also ran DDS, and am attaching the logs below as well.
Your help is greatly appreciated. Steve
Malabytes Log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 5077
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
12/4/2010 2:32:35 AM
mbam-log-2010-12-04 (02-32-35).txt
Scan type: Full scan (C:\|)
Objects scanned: 281270
Time elapsed: 4 hour(s), 53 minute(s), 31 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
**********************************************************
DDS Log:
DDS (Ver_10-11-09.01) - NTFSx86
Run by Steve Kwartin at 4:52:30.32 on Sat 12/04/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3317.2570 [GMT -5:00]
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DeltaIITray.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\Steve Kwartin\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.cnn.com/
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\4.3.0.5\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\4.3.0.5\IPSBHO.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\4.3.0.5\coIEPlg.dll
TB: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No File
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [M-Audio Taskbar Icon] c:\windows\system32\DeltaIITray.exe
mRun: [DeltaIITaskbarApp] c:\windows\system32\DeltaIITray.exe
mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - hxxp://www.alternatiff.com/install-ie/alttiff.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1216653561431
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - c:\program files\sharp\sharpdesk\ExplorerExtensions.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\stevek~1\applic~1\mozilla\firefox\profiles\5l5wp0pq.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=ZUGO&form=ZGAADF&q=
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1908.5032\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
============= SERVICES / DRIVERS ===============
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-11-8 218592]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0403000.005\symds.sys [2010-11-10 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0403000.005\symefa.sys [2010-11-10 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20101123.003\BHDrvx86.sys [2010-11-22 691248]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys [2010-11-10 501888]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0403000.005\ironx86.sys [2010-11-10 116784]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\4.3.0.5\ccsvchst.exe [2010-11-10 126392]
R3 DELTAII;Service for M-Audio Delta Driver (WDM);c:\windows\system32\drivers\deltaII.sys [2008-11-23 302728]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-11-10 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20101130.001\IDSXpx86.sys [2010-10-19 341880]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20101203.032\NAVENG.SYS [2010-12-3 86064]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20101203.032\NAVEX15.SYS [2010-12-3 1371184]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-11 136176]
S3 EraserUtilDrv11010;EraserUtilDrv11010;\??\c:\program files\common files\symantec shared\eengine\eraserutildrv11010.sys --> c:\program files\common files\symantec shared\eengine\EraserUtilDrv11010.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-11-8 366840]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-11-8 1142224]
=============== Created Last 30 ================
2010-11-16 07:50:58 -------- d-----w- c:\docume~1\stevek~1\applic~1\SUPERAntiSpyware.com
2010-11-16 07:50:58 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-11-16 07:50:32 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-11-10 18:39:12 -------- d-----w- c:\windows\system32\XPSViewer
2010-11-10 18:38:01 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-11-10 18:37:24 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-11-10 18:37:24 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-11-10 18:37:24 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-11-10 18:37:24 117760 ------w- c:\windows\system32\prntvpt.dll
2010-11-10 18:37:23 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-11-10 18:37:23 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-11-10 18:37:22 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-11-10 18:37:22 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-11-10 18:37:18 -------- d-----w- C:\855d0ab8392c5309ac0ce3f70e9b
2010-11-10 10:16:45 339504 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symtdiv.sys
2010-11-10 10:16:44 361904 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symtdi.sys
2010-11-10 10:16:43 328752 ----a-r- c:\windows\system32\drivers\n360\0403000.005\symds.sys
2010-11-10 10:16:43 173104 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symefa.sys
2010-11-10 10:16:41 43696 ----a-w- c:\windows\system32\drivers\n360\0403000.005\srtspx.sys
2010-11-10 10:16:41 325680 ----a-w- c:\windows\system32\drivers\n360\0403000.005\srtsp.sys
2010-11-10 10:16:40 501888 ----a-w- c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys
2010-11-10 10:16:40 116784 ----a-w- c:\windows\system32\drivers\n360\0403000.005\ironx86.sys
2010-11-10 10:09:10 -------- d-----w- c:\windows\system32\drivers\n360\0403000.005
2010-11-10 08:30:38 -------- d-----w- c:\docume~1\stevek~1\applic~1\Tific
2010-11-10 05:29:22 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-11-10 05:29:22 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-11-10 05:29:08 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-11-10 05:29:08 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-11-10 05:29:07 -------- d-----w- c:\program files\Symantec
2010-11-10 05:28:02 -------- d-----w- c:\windows\system32\drivers\N360
2010-11-10 05:28:00 -------- d-----w- c:\program files\Norton Security Suite
2010-11-10 05:27:50 -------- d-----w- c:\program files\NortonInstaller
2010-11-10 05:02:15 -------- d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2010-11-10 04:59:51 -------- d-----w- c:\docume~1\alluse~1\applic~1\Norton
2010-11-08 20:09:13 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-11-08 20:09:09 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-11-08 20:09:09 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-11-08 20:09:05 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-11-08 20:08:41 -------- d-----w- c:\program files\Spyware Doctor
2010-11-08 20:08:41 -------- d-----w- c:\program files\common files\PC Tools
2010-11-08 20:08:41 -------- d-----w- c:\docume~1\stevek~1\applic~1\PC Tools
2010-11-08 20:08:41 -------- d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
2010-11-08 18:49:27 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-11-08 18:49:27 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-11-08 18:49:14 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2010-11-08 18:48:08 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-11-08 18:40:58 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-11-06 23:17:58 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-11-06 23:17:58 -------- d-----w- c:\windows\system32\wbem\Repository
2010-11-06 23:11:11 -------- d-----w- c:\program files\Quick Web Player
2010-11-06 22:30:28 105984 --sha-r- c:\windows\system32\WMSPDMOEQ.dll
2010-11-05 23:46:45 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
==================== Find3M ====================
2010-09-18 17:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-15 08:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 06:29:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-09 13:38:01 832512 ----a-w- c:\windows\system32\wininet.dll
2010-09-09 13:38:01 1830912 ------w- c:\windows\system32\inetcpl.cpl
2010-09-09 13:38:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-09-09 13:38:00 17408 ----a-w- c:\windows\system32\corpol.dll
============= FINISH: 4:53:56.34 ===============
*********************************************************************************
Attach Log:
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-11-09.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/21/2008 9:35:28 AM
System Uptime: 12/4/2010 4:43:52 AM (0 hours ago)
Motherboard: Dell Inc. | | 0FM586
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2394/266mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 233 GiB total, 4.275 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 37 GiB total, 1.918 GiB free.
G: is FIXED (NTFS) - 699 GiB total, 607.38 GiB free.
==== Disabled Device Manager Items =============
Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_8086&DEV_29C1&SUBSYS_00000000&REV_02\3&2411E6FE&0&08
Manufacturer: (Standard system devices)
Name: PCI standard PCI-to-PCI bridge
PNP Device ID: PCI\VEN_8086&DEV_29C1&SUBSYS_00000000&REV_02\3&2411E6FE&0&08
Service: pci
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Realtek High Definition Audio
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_1028020D&REV_1000\4&18CA5B6A&0&0201
Manufacturer: Realtek
Name: Realtek High Definition Audio
PNP Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_1028020D&REV_1000\4&18CA5B6A&0&0201
Service: IntcAzAudAddService
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_020D1028&REV_02\3&2411E6FE&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_020D1028&REV_02\3&2411E6FE&0&FB
Service:
==== System Restore Points ===================
RP734: 11/10/2010 1:29:00 PM - Software Distribution Service 3.0
RP735: 11/16/2010 2:46:30 AM - Norton Security Suite Registry
RP736: 11/16/2010 3:41:21 AM - Installed Windows Media Player 11
RP737: 11/17/2010 3:52:36 AM - System Checkpoint
RP738: 11/18/2010 4:52:16 AM - System Checkpoint
RP739: 11/19/2010 5:52:15 AM - System Checkpoint
RP740: 11/20/2010 6:03:55 AM - System Checkpoint
RP741: 11/21/2010 6:52:14 AM - System Checkpoint
RP742: 11/22/2010 7:52:16 AM - System Checkpoint
RP743: 11/23/2010 2:29:05 AM - Norton Security Suite Registry
RP744: 11/24/2010 3:02:05 AM - System Checkpoint
RP745: 11/25/2010 4:02:07 AM - System Checkpoint
RP746: 11/26/2010 5:02:04 AM - System Checkpoint
RP747: 11/27/2010 6:02:03 AM - System Checkpoint
RP748: 11/28/2010 7:02:04 AM - System Checkpoint
RP749: 11/29/2010 8:02:08 AM - System Checkpoint
RP750: 11/30/2010 9:02:12 AM - System Checkpoint
RP751: 12/1/2010 10:02:13 AM - System Checkpoint
RP752: 12/2/2010 11:02:13 AM - System Checkpoint
RP753: 12/3/2010 12:02:13 PM - System Checkpoint
==== Installed Programs ======================
µTorrent
Acrobat.com
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.2
America Online (Choose which version to remove)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Spyware Protection
Audacity 1.3.12 (Unicode)
Audacity Recovery Utility
BTeasy 0.2.1.5
CD Wave Editor version 1.97
CKRename
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Critical Update for Windows Media Player 11 (KB959772)
CutePDF Writer 2.7
Delta
E-Transcript Bundle Viewer
Exact Audio Copy 0.99pb4
FLAC 1.2.1b (remove only)
foobar2000 v0.9.5.4
GIMP 2.6.6
Google Earth
Google Update Helper
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections 12.1.12.0
Java Auto Updater
Java(TM) 6 Update 22
Malwarebytes' Anti-Malware
Maxtor Manager
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.5.15)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton Security Suite
Octoshape add-in for Adobe Flash Player
PandoraRecovery (Remove Only)
Pure Networks Port Magic
QuickTime
r8brain 1.9
Realtek High Definition Audio Driver
Recuva
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
SHARP AM-900 Series MFP Driver
Sharpdesk
Sonic Activation Module
Sony Sound Forge 8.0d
Sound Forge Pro 10.0
Spybot - Search & Destroy
Spyware Doctor 7.0
SUPERAntiSpyware
Symantec Technical Support Web Controls
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Media Player
VLC media player 0.9.2
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows XP Service Pack 3
WinRAR archiver
==== Event Viewer Messages From Past Week ========
12/4/2010 4:47:29 AM, error: Dhcp [1002] - The IP address lease 192.168.100.2 for the Network Card with network address 001D097F523C has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
12/4/2010 4:47:07 AM, error: Dhcp [1002] - The IP address lease 65.34.193.123 for the Network Card with network address 001D097F523C has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
12/4/2010 4:24:37 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
12/4/2010 4:14:41 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12/4/2010 3:24:55 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 ccHP eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SRTSPX SymIRON SYMTDI Tcpip
12/4/2010 3:24:55 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/4/2010 3:24:55 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/4/2010 3:24:55 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/4/2010 3:24:55 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
12/4/2010 3:24:10 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/4/2010 3:02:21 AM, error: Service Control Manager [7000] - The PfModNT service failed to start due to the following error: The system cannot find the file specified.
12/4/2010 2:54:59 AM, error: Service Control Manager [7034] - The Maxtor Service service terminated unexpectedly. It has done this 1 time(s).
12/4/2010 2:54:59 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
==== End Of File ===========================
I will patiently await your response. Thank you again. Steve
I definitely have what appears to be a browser re-direct infection, as most, but not all of the time, my google searches are re-directed to either Bing or some other end page. No porn, just ads of different types. I have Norton running in the background, and use Spybot S&D from time to time to clean up anything else.
I have read the eight step instructions.
I have run TFC.
I have run the Malawarebytes and have attached the log below.
I have tried to run GMER at least a dozen times. I have tried it in regular mode, with and without the "devices" box checked. In either case, it froze up almost immediately after starting the scan. I then tried running it in safe mode, both with the "devices" box checked, and unchecked. The only progress that I ever got, was in safe mode, with the "devices" unchecked, and the scan ran for quite a while, started printing a lot of info in the box, and then went to the BSOD. The error message was uglcrfob.sys Page Fault In Non Paged Area. I have all the technical numbers, if it will be of any use. I uninstalled and re-downloaded GMER, and tried the safe mode again, and it did the same thing, program ran, then action, then BSOD. I have rebooted my computer more today than in the last year. I don't know what else to do.
So, I also ran DDS, and am attaching the logs below as well.
Your help is greatly appreciated. Steve
Malabytes Log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 5077
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
12/4/2010 2:32:35 AM
mbam-log-2010-12-04 (02-32-35).txt
Scan type: Full scan (C:\|)
Objects scanned: 281270
Time elapsed: 4 hour(s), 53 minute(s), 31 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
**********************************************************
DDS Log:
DDS (Ver_10-11-09.01) - NTFSx86
Run by Steve Kwartin at 4:52:30.32 on Sat 12/04/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3317.2570 [GMT -5:00]
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DeltaIITray.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\Steve Kwartin\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.cnn.com/
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\4.3.0.5\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\4.3.0.5\IPSBHO.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\4.3.0.5\coIEPlg.dll
TB: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No File
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [M-Audio Taskbar Icon] c:\windows\system32\DeltaIITray.exe
mRun: [DeltaIITaskbarApp] c:\windows\system32\DeltaIITray.exe
mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - hxxp://www.alternatiff.com/install-ie/alttiff.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1216653561431
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - c:\program files\sharp\sharpdesk\ExplorerExtensions.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\stevek~1\applic~1\mozilla\firefox\profiles\5l5wp0pq.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.cnn.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=ZUGO&form=ZGAADF&q=
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1908.5032\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
============= SERVICES / DRIVERS ===============
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-11-8 218592]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0403000.005\symds.sys [2010-11-10 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0403000.005\symefa.sys [2010-11-10 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20101123.003\BHDrvx86.sys [2010-11-22 691248]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys [2010-11-10 501888]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0403000.005\ironx86.sys [2010-11-10 116784]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\4.3.0.5\ccsvchst.exe [2010-11-10 126392]
R3 DELTAII;Service for M-Audio Delta Driver (WDM);c:\windows\system32\drivers\deltaII.sys [2008-11-23 302728]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-11-10 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20101130.001\IDSXpx86.sys [2010-10-19 341880]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20101203.032\NAVENG.SYS [2010-12-3 86064]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\virusdefs\20101203.032\NAVEX15.SYS [2010-12-3 1371184]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-11 136176]
S3 EraserUtilDrv11010;EraserUtilDrv11010;\??\c:\program files\common files\symantec shared\eengine\eraserutildrv11010.sys --> c:\program files\common files\symantec shared\eengine\EraserUtilDrv11010.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-11-8 366840]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-11-8 1142224]
=============== Created Last 30 ================
2010-11-16 07:50:58 -------- d-----w- c:\docume~1\stevek~1\applic~1\SUPERAntiSpyware.com
2010-11-16 07:50:58 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-11-16 07:50:32 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-11-10 18:39:12 -------- d-----w- c:\windows\system32\XPSViewer
2010-11-10 18:38:01 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-11-10 18:37:24 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-11-10 18:37:24 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-11-10 18:37:24 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-11-10 18:37:24 117760 ------w- c:\windows\system32\prntvpt.dll
2010-11-10 18:37:23 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-11-10 18:37:23 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-11-10 18:37:22 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-11-10 18:37:22 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-11-10 18:37:18 -------- d-----w- C:\855d0ab8392c5309ac0ce3f70e9b
2010-11-10 10:16:45 339504 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symtdiv.sys
2010-11-10 10:16:44 361904 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symtdi.sys
2010-11-10 10:16:43 328752 ----a-r- c:\windows\system32\drivers\n360\0403000.005\symds.sys
2010-11-10 10:16:43 173104 ----a-w- c:\windows\system32\drivers\n360\0403000.005\symefa.sys
2010-11-10 10:16:41 43696 ----a-w- c:\windows\system32\drivers\n360\0403000.005\srtspx.sys
2010-11-10 10:16:41 325680 ----a-w- c:\windows\system32\drivers\n360\0403000.005\srtsp.sys
2010-11-10 10:16:40 501888 ----a-w- c:\windows\system32\drivers\n360\0403000.005\cchpx86.sys
2010-11-10 10:16:40 116784 ----a-w- c:\windows\system32\drivers\n360\0403000.005\ironx86.sys
2010-11-10 10:09:10 -------- d-----w- c:\windows\system32\drivers\n360\0403000.005
2010-11-10 08:30:38 -------- d-----w- c:\docume~1\stevek~1\applic~1\Tific
2010-11-10 05:29:22 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-11-10 05:29:22 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-11-10 05:29:08 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-11-10 05:29:08 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-11-10 05:29:07 -------- d-----w- c:\program files\Symantec
2010-11-10 05:28:02 -------- d-----w- c:\windows\system32\drivers\N360
2010-11-10 05:28:00 -------- d-----w- c:\program files\Norton Security Suite
2010-11-10 05:27:50 -------- d-----w- c:\program files\NortonInstaller
2010-11-10 05:02:15 -------- d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2010-11-10 04:59:51 -------- d-----w- c:\docume~1\alluse~1\applic~1\Norton
2010-11-08 20:09:13 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-11-08 20:09:09 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-11-08 20:09:09 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-11-08 20:09:05 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-11-08 20:08:41 -------- d-----w- c:\program files\Spyware Doctor
2010-11-08 20:08:41 -------- d-----w- c:\program files\common files\PC Tools
2010-11-08 20:08:41 -------- d-----w- c:\docume~1\stevek~1\applic~1\PC Tools
2010-11-08 20:08:41 -------- d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
2010-11-08 18:49:27 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-11-08 18:49:27 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-11-08 18:49:14 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2010-11-08 18:48:08 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-11-08 18:40:58 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-11-06 23:17:58 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-11-06 23:17:58 -------- d-----w- c:\windows\system32\wbem\Repository
2010-11-06 23:11:11 -------- d-----w- c:\program files\Quick Web Player
2010-11-06 22:30:28 105984 --sha-r- c:\windows\system32\WMSPDMOEQ.dll
2010-11-05 23:46:45 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
==================== Find3M ====================
2010-09-18 17:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-15 08:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 06:29:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-09 13:38:01 832512 ----a-w- c:\windows\system32\wininet.dll
2010-09-09 13:38:01 1830912 ------w- c:\windows\system32\inetcpl.cpl
2010-09-09 13:38:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-09-09 13:38:00 17408 ----a-w- c:\windows\system32\corpol.dll
============= FINISH: 4:53:56.34 ===============
*********************************************************************************
Attach Log:
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-11-09.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/21/2008 9:35:28 AM
System Uptime: 12/4/2010 4:43:52 AM (0 hours ago)
Motherboard: Dell Inc. | | 0FM586
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2394/266mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 233 GiB total, 4.275 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 37 GiB total, 1.918 GiB free.
G: is FIXED (NTFS) - 699 GiB total, 607.38 GiB free.
==== Disabled Device Manager Items =============
Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_8086&DEV_29C1&SUBSYS_00000000&REV_02\3&2411E6FE&0&08
Manufacturer: (Standard system devices)
Name: PCI standard PCI-to-PCI bridge
PNP Device ID: PCI\VEN_8086&DEV_29C1&SUBSYS_00000000&REV_02\3&2411E6FE&0&08
Service: pci
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Realtek High Definition Audio
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_1028020D&REV_1000\4&18CA5B6A&0&0201
Manufacturer: Realtek
Name: Realtek High Definition Audio
PNP Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_1028020D&REV_1000\4&18CA5B6A&0&0201
Service: IntcAzAudAddService
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_020D1028&REV_02\3&2411E6FE&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_020D1028&REV_02\3&2411E6FE&0&FB
Service:
==== System Restore Points ===================
RP734: 11/10/2010 1:29:00 PM - Software Distribution Service 3.0
RP735: 11/16/2010 2:46:30 AM - Norton Security Suite Registry
RP736: 11/16/2010 3:41:21 AM - Installed Windows Media Player 11
RP737: 11/17/2010 3:52:36 AM - System Checkpoint
RP738: 11/18/2010 4:52:16 AM - System Checkpoint
RP739: 11/19/2010 5:52:15 AM - System Checkpoint
RP740: 11/20/2010 6:03:55 AM - System Checkpoint
RP741: 11/21/2010 6:52:14 AM - System Checkpoint
RP742: 11/22/2010 7:52:16 AM - System Checkpoint
RP743: 11/23/2010 2:29:05 AM - Norton Security Suite Registry
RP744: 11/24/2010 3:02:05 AM - System Checkpoint
RP745: 11/25/2010 4:02:07 AM - System Checkpoint
RP746: 11/26/2010 5:02:04 AM - System Checkpoint
RP747: 11/27/2010 6:02:03 AM - System Checkpoint
RP748: 11/28/2010 7:02:04 AM - System Checkpoint
RP749: 11/29/2010 8:02:08 AM - System Checkpoint
RP750: 11/30/2010 9:02:12 AM - System Checkpoint
RP751: 12/1/2010 10:02:13 AM - System Checkpoint
RP752: 12/2/2010 11:02:13 AM - System Checkpoint
RP753: 12/3/2010 12:02:13 PM - System Checkpoint
==== Installed Programs ======================
µTorrent
Acrobat.com
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.2
America Online (Choose which version to remove)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Spyware Protection
Audacity 1.3.12 (Unicode)
Audacity Recovery Utility
BTeasy 0.2.1.5
CD Wave Editor version 1.97
CKRename
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Critical Update for Windows Media Player 11 (KB959772)
CutePDF Writer 2.7
Delta
E-Transcript Bundle Viewer
Exact Audio Copy 0.99pb4
FLAC 1.2.1b (remove only)
foobar2000 v0.9.5.4
GIMP 2.6.6
Google Earth
Google Update Helper
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections 12.1.12.0
Java Auto Updater
Java(TM) 6 Update 22
Malwarebytes' Anti-Malware
Maxtor Manager
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.5.15)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton Security Suite
Octoshape add-in for Adobe Flash Player
PandoraRecovery (Remove Only)
Pure Networks Port Magic
QuickTime
r8brain 1.9
Realtek High Definition Audio Driver
Recuva
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
SHARP AM-900 Series MFP Driver
Sharpdesk
Sonic Activation Module
Sony Sound Forge 8.0d
Sound Forge Pro 10.0
Spybot - Search & Destroy
Spyware Doctor 7.0
SUPERAntiSpyware
Symantec Technical Support Web Controls
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Media Player
VLC media player 0.9.2
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows XP Service Pack 3
WinRAR archiver
==== Event Viewer Messages From Past Week ========
12/4/2010 4:47:29 AM, error: Dhcp [1002] - The IP address lease 192.168.100.2 for the Network Card with network address 001D097F523C has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
12/4/2010 4:47:07 AM, error: Dhcp [1002] - The IP address lease 65.34.193.123 for the Network Card with network address 001D097F523C has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
12/4/2010 4:24:37 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
12/4/2010 4:14:41 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12/4/2010 3:24:55 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 ccHP eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SRTSPX SymIRON SYMTDI Tcpip
12/4/2010 3:24:55 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/4/2010 3:24:55 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/4/2010 3:24:55 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/4/2010 3:24:55 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
12/4/2010 3:24:10 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/4/2010 3:02:21 AM, error: Service Control Manager [7000] - The PfModNT service failed to start due to the following error: The system cannot find the file specified.
12/4/2010 2:54:59 AM, error: Service Control Manager [7034] - The Maxtor Service service terminated unexpectedly. It has done this 1 time(s).
12/4/2010 2:54:59 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
==== End Of File ===========================
I will patiently await your response. Thank you again. Steve