Hello, my programs and internet not responding even after Malwarebytes was updated and ran a scan. Performed forum recommended 4 step process. Any assistance and help would be greatly appreciated.
Inactive Laptop infected with virus or malware & programs inactive!
- Thread starter robert lee
- Start date
- Status
Broni
Posts: 56,041 +516
Welcome aboard
Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
Please, observe following rules:
Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
Please, observe following rules:
- Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
- If you're stuck, or you're not sure about certain step, always ask before doing anything else.
- Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
- Never run more than one scan at a time.
- Keep updating me regarding your computer behavior, good, or bad.
- The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
- If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
- I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
Malwarebytes Anti-Malware (PRO) 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.24.11
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Robert :: PREPRODUCTION [administrator]
Protection: Enabled
11/24/2012 4:27:23 PM
mbam-log-2012-11-24 (16-27-23).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211121
Time elapsed: 7 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 4/3/2007 11:01:34 AM
System Uptime: 11/24/2012 1:47:58 PM (3 hours ago)
.
Motherboard: Hewlett-Packard | | 09BC
Processor: Intel(R) Pentium(R) M processor 1.73GHz | U1 | 1729/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 93 GiB total, 54.005 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_3081103C&REV_04\3&B1BFB68&0&F3
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_3081103C&REV_04\3&B1BFB68&0&F3
Service:
.
==== System Restore Points ===================
.
RP1483: 8/24/2012 6:48:53 PM - System Checkpoint
RP1484: 8/25/2012 10:34:20 PM - System Checkpoint
RP1485: 8/27/2012 11:42:13 AM - System Checkpoint
RP1486: 8/28/2012 8:17:38 PM - System Checkpoint
RP1487: 8/30/2012 12:10:41 AM - System Checkpoint
RP1488: 8/31/2012 7:25:06 AM - System Checkpoint
RP1489: 9/2/2012 10:24:26 AM - System Checkpoint
RP1490: 9/4/2012 10:52:13 AM - System Checkpoint
RP1491: 9/6/2012 8:33:45 PM - System Checkpoint
RP1492: 9/7/2012 10:15:54 PM - System Checkpoint
RP1493: 9/8/2012 3:08:01 AM - Removed Java(TM) 7 Update 5
RP1494: 9/8/2012 3:09:04 AM - Installed Java 7 Update 7
RP1495: 9/9/2012 3:14:59 AM - System Checkpoint
RP1496: 9/12/2012 3:00:23 AM - Software Distribution Service 3.0
RP1497: 9/14/2012 2:01:12 AM - System Checkpoint
RP1498: 9/16/2012 2:55:00 AM - System Checkpoint
RP1499: 9/17/2012 4:16:07 AM - System Checkpoint
RP1500: 9/18/2012 4:26:16 AM - System Checkpoint
RP1501: 9/19/2012 10:56:34 PM - System Checkpoint
RP1502: 9/21/2012 12:59:29 AM - System Checkpoint
RP1503: 9/22/2012 8:11:09 AM - Software Distribution Service 3.0
RP1504: 9/23/2012 8:35:39 AM - System Checkpoint
RP1505: 9/24/2012 9:05:24 AM - System Checkpoint
RP1506: 9/25/2012 11:37:06 AM - System Checkpoint
RP1507: 9/27/2012 12:38:46 AM - System Checkpoint
RP1508: 10/3/2012 2:41:35 AM - System Checkpoint
RP1509: 10/5/2012 1:22:02 PM - System Checkpoint
RP1510: 10/6/2012 11:08:55 PM - System Checkpoint
RP1511: 10/8/2012 12:21:38 AM - System Checkpoint
RP1512: 10/9/2012 7:37:17 AM - System Checkpoint
RP1513: 10/10/2012 3:00:44 AM - Software Distribution Service 3.0
RP1514: 10/12/2012 3:47:15 PM - System Checkpoint
RP1515: 10/13/2012 3:51:44 PM - System Checkpoint
RP1516: 10/15/2012 7:26:36 PM - System Checkpoint
RP1517: 10/17/2012 7:02:04 PM - System Checkpoint
RP1518: 10/18/2012 7:53:00 PM - System Checkpoint
RP1519: 10/19/2012 8:53:01 PM - System Checkpoint
RP1520: 10/20/2012 9:52:00 PM - System Checkpoint
RP1521: 10/22/2012 8:38:28 AM - System Checkpoint
RP1522: 10/23/2012 10:16:04 AM - Installed Java 7 Update 9
RP1523: 10/23/2012 11:59:01 AM - Removed Java 7 Update 7
RP1524: 10/23/2012 12:00:03 PM - Installed Java 7 Update 9
RP1525: 10/24/2012 12:43:49 PM - Revo Uninstaller Pro's restore point - McAfee Security Scan Plus
RP1526: 10/25/2012 1:15:29 PM - System Checkpoint
RP1527: 10/26/2012 2:05:45 AM - Revo Uninstaller Pro's restore point - Dasher
RP1528: 10/27/2012 2:11:11 AM - System Checkpoint
RP1529: 10/28/2012 10:42:11 PM - System Checkpoint
RP1530: 10/29/2012 11:34:55 PM - System Checkpoint
RP1531: 10/31/2012 5:14:38 PM - System Checkpoint
RP1532: 11/1/2012 5:31:51 PM - System Checkpoint
RP1533: 11/2/2012 11:08:03 PM - System Checkpoint
RP1534: 11/4/2012 1:20:42 AM - System Checkpoint
RP1535: 11/5/2012 11:08:51 AM - System Checkpoint
RP1536: 11/6/2012 12:06:29 PM - System Checkpoint
RP1537: 11/7/2012 12:30:25 PM - System Checkpoint
RP1538: 11/8/2012 12:34:58 PM - System Checkpoint
RP1539: 11/9/2012 12:54:01 PM - System Checkpoint
RP1540: 11/13/2012 1:50:00 AM - System Checkpoint
RP1541: 11/15/2012 3:01:20 AM - Software Distribution Service 3.0
RP1542: 11/16/2012 3:54:07 AM - System Checkpoint
RP1543: 11/18/2012 10:54:37 AM - Revo Uninstaller Pro's restore point - SpeedItup Free 7.85
RP1544: 11/18/2012 11:00:30 AM - Revo Uninstaller Pro's restore point - PC Optimizer Pro
RP1545: 11/18/2012 11:04:06 AM - Revo Uninstaller Pro's restore point - 7-zip v9.20
RP1546: 11/18/2012 11:22:32 AM - Software Distribution Service 3.0
RP1547: 11/18/2012 10:59:17 PM - Revo Uninstaller Pro's restore point - PC Cleaner v3.1
RP1548: 11/18/2012 11:07:31 PM - Revo Uninstaller Pro's restore point - Fast Search
RP1549: 11/19/2012 3:43:31 AM - Revo Uninstaller Pro's restore point - DefaultTab
RP1550: 11/19/2012 3:44:43 AM - Revo Uninstaller Pro's restore point - DefaultTab Chrome
RP1551: 11/21/2012 12:35:45 PM - System Checkpoint
RP1552: 11/23/2012 1:57:14 AM - ComboFix created restore point
.
==== Installed Programs ======================
.
"Nero SoundTrax Help
AC3Filter 1.63b
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat 8 Professional
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe After Effects CS3 Third Party Content
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Contribute CS3
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Encore CS3
Adobe Encore CS3 Codecs
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Reader 8.1.4
Adobe Setup
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server {ko_KR}
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
Advertising Center
AHV content for Acrobat and Flash
Allok 3GP PSP MP4 iPod Video Converter 4.8.0310
AnyDVD
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auslogics BoostSpeed
BeatPack (0.9)
Bonjour
Broadcom 802.11 Driver
Business Plan Pro 2007
Canon iP90
Dasher
DivX Version Checker
DolbyFiles
DVDFab Platinum 3.1.1.6 Ghosthunter release
Easy GIF Animator 4.6 Pro
Exterminate It!
Free YouTube Downloader 3.5.124
Google Chrome
Handbrake 0.9.4
Hewlett-Packard ACLM.NET v1.1.0.0
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
HP Product Detection
HP Wireless Assistant 1.01 C1
ImagXpress
Intel(R) Graphics Media Accelerator Driver for Mobile
iolo Memory Mechanic
iTunes
Java 7 Update 9
Java Auto Updater
JavaFX 2.1.1
Malwarebytes Anti-Malware version 1.65.1.1000
Memory Washer 4.7.1
Menu Templates - Starter Kit
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Sounds
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mixing & Mastering - Know It All! (V1.2) Version 1.2
MobileMe Control Panel
Movie Templates - Starter Kit
Mozilla Firefox 10.0.1 (x86 en-US)
MSVC80_x86
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Nero 9
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Installer
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero RescueAgent Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
Nokia Multimedia Factory
PC Connectivity Solution
PDF Settings
Playchess
PlayChess
PowerISO
QuickBooks Premier: Accountant Edition 2007
QuickBooks Product Listing Service
QuickTime
QwiklinxForChrome
REALTEK Gigabit and Fast Ethernet NIC Driver
Revo Uninstaller 1.93
Revo Uninstaller Pro 2.5.9
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Sharpener Pro 3.0
SoundTrax
SupportSoft Assisted Service
Texas Instruments PCIxx21/x515 drivers.
TIxx21
ToonIt!
Ultra Video Joiner 5.2.0220
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
URGE
VLC media player 2.0.1
WebFldrs XP
Webroot SecureAnywhere
WinAVI Video Converter 9.0
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
11/24/2012 9:09:22 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0012F047DBA5. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
11/24/2012 4:25:34 PM, error: DCOM [10005] - DCOM got error "%1068" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/23/2012 12:29:41 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ElbyCDIO Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SCDEmu Tcpip WS2IFSL
11/23/2012 1:26:46 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11/23/2012 1:26:11 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ElbyCDIO Fips intelppm SCDEmu
11/22/2012 2:35:43 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the WRSVC service, but this action failed with the following error: An instance of the service is already running.
11/22/2012 2:35:34 PM, error: Service Control Manager [7031] - The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/22/2012 10:16:13 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
11/22/2012 10:16:09 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ElbyCDIO Fips intelppm IPSec MRxSmb NetBIOS NetBT ohci1394 PCIIde RasAcd Rdbss SCDEmu Tcpip
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The IP Traffic Filter Driver service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:15:36 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/19/2012 4:50:43 AM, error: Service Control Manager [7034] - The DefaultTabUpdate service terminated unexpectedly. It has done this 1 time(s).
11/19/2012 2:28:18 AM, error: Service Control Manager [7001] - The Windows Search service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/18/2012 12:02:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by Robert at 16:41:11 on 2012-11-24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1124 [GMT -8:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {D486329C-1488-4CEB-9CC8-D662B732D904}
.
============== Running Processes ================
.
C:\Program Files\Webroot\WRSA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Webroot\WRSA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://att.my.yahoo.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
BHO: AutorunsDisabled - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [WRSVC] "c:\program files\webroot\WRSA.exe" -ul
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{AD4B3C5C-F304-4F2D-B8B9-77824F44C421} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
============= SERVICES / DRIVERS ===============
.
R0 93208652;93208652;c:\windows\system32\drivers\93208652.sys [2012-11-22 133208]
R0 WRkrn;WRkrn;c:\windows\system32\drivers\WRkrn.sys [2012-2-7 112656]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-18 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-27 676936]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [2010-4-6 66944]
R2 WRSVC;WRSVC;c:\program files\webroot\WRSA.exe [2012-2-7 729544]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-27 22856]
S3 ExterminateIt;ExterminateIt;c:\windows\system32\drivers\extit.sys [2012-11-19 39936]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2009-11-7 23096]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2009-6-19 18432]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-2-6 27064]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-11-23 07:33:57--------d-sha-r-C:\cmdcons
2012-11-23 07:31:4298816----a-w-c:\windows\sed.exe
2012-11-23 07:31:42256000----a-w-c:\windows\PEV.exe
2012-11-23 07:31:42208896----a-w-c:\windows\MBR.exe
2012-11-23 03:57:58--------d-----w-c:\documents and settings\robert\local settings\application data\NPE
2012-11-23 03:50:26133208----a-w-c:\windows\system32\drivers\93208652.sys
2012-11-19 10:54:1939936----a-w-c:\windows\system32\drivers\extit.sys
2012-11-19 09:28:49--------d-----w-c:\documents and settings\robert\application data\Curiolab
2012-11-19 09:27:10--------d-----w-c:\program files\Exterminate It!
2012-11-18 18:53:38--------d-----w-c:\documents and settings\all users\application data\PC Optimizer Pro
2012-11-18 18:44:40--------d-----w-c:\documents and settings\robert\application data\Shop to Win 28
2012-11-18 18:44:13--------d-----w-c:\program files\QwiklinxForChrome
2012-11-18 18:44:13--------d-----w-c:\documents and settings\robert\application data\QwiklinxForChrome
2012-11-18 18:43:40--------d-----w-c:\program files\STW Installer
2012-11-18 18:43:40--------d-----w-c:\documents and settings\robert\application data\DefaultTab
.
==================== Find3M ====================
.
2012-11-11 20:48:06112656----a-w-c:\windows\system32\drivers\WRkrn.sys
2012-11-11 20:48:05150712----a-w-c:\windows\system32\WRusr.dll
2012-10-25 11:12:2694208----a-w-c:\windows\system32\QuickTimeVR.qtx
2012-10-25 11:12:2669632----a-w-c:\windows\system32\QuickTime.qts
2012-10-23 19:00:1693672----a-w-c:\windows\system32\WindowsAccessBridge.dll
2012-10-23 19:00:13143872----a-w-c:\windows\system32\javacpl.cpl
2012-10-23 19:00:12821736-c--a-w-c:\windows\system32\npDeployJava1.dll
2012-10-23 19:00:12746984-c--a-w-c:\windows\system32\deployJava1.dll
2012-10-22 08:37:311866368----a-w-c:\windows\system32\win32k.sys
2012-10-02 18:04:2158368----a-w-c:\windows\system32\synceng.dll
2012-09-30 03:54:2622856----a-w-c:\windows\system32\drivers\mbam.sys
2012-08-28 15:14:53916992----a-w-c:\windows\system32\wininet.dll
2012-08-28 15:14:5343520----a-w-c:\windows\system32\licmgr10.dll
2012-08-28 15:14:521469440----a-w-c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15385024----a-w-c:\windows\system32\html.iec
.
============= FINISH: 16:42:25.03 ===============
www.malwarebytes.org
Database version: v2012.11.24.11
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Robert :: PREPRODUCTION [administrator]
Protection: Enabled
11/24/2012 4:27:23 PM
mbam-log-2012-11-24 (16-27-23).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211121
Time elapsed: 7 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 4/3/2007 11:01:34 AM
System Uptime: 11/24/2012 1:47:58 PM (3 hours ago)
.
Motherboard: Hewlett-Packard | | 09BC
Processor: Intel(R) Pentium(R) M processor 1.73GHz | U1 | 1729/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 93 GiB total, 54.005 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_3081103C&REV_04\3&B1BFB68&0&F3
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_3081103C&REV_04\3&B1BFB68&0&F3
Service:
.
==== System Restore Points ===================
.
RP1483: 8/24/2012 6:48:53 PM - System Checkpoint
RP1484: 8/25/2012 10:34:20 PM - System Checkpoint
RP1485: 8/27/2012 11:42:13 AM - System Checkpoint
RP1486: 8/28/2012 8:17:38 PM - System Checkpoint
RP1487: 8/30/2012 12:10:41 AM - System Checkpoint
RP1488: 8/31/2012 7:25:06 AM - System Checkpoint
RP1489: 9/2/2012 10:24:26 AM - System Checkpoint
RP1490: 9/4/2012 10:52:13 AM - System Checkpoint
RP1491: 9/6/2012 8:33:45 PM - System Checkpoint
RP1492: 9/7/2012 10:15:54 PM - System Checkpoint
RP1493: 9/8/2012 3:08:01 AM - Removed Java(TM) 7 Update 5
RP1494: 9/8/2012 3:09:04 AM - Installed Java 7 Update 7
RP1495: 9/9/2012 3:14:59 AM - System Checkpoint
RP1496: 9/12/2012 3:00:23 AM - Software Distribution Service 3.0
RP1497: 9/14/2012 2:01:12 AM - System Checkpoint
RP1498: 9/16/2012 2:55:00 AM - System Checkpoint
RP1499: 9/17/2012 4:16:07 AM - System Checkpoint
RP1500: 9/18/2012 4:26:16 AM - System Checkpoint
RP1501: 9/19/2012 10:56:34 PM - System Checkpoint
RP1502: 9/21/2012 12:59:29 AM - System Checkpoint
RP1503: 9/22/2012 8:11:09 AM - Software Distribution Service 3.0
RP1504: 9/23/2012 8:35:39 AM - System Checkpoint
RP1505: 9/24/2012 9:05:24 AM - System Checkpoint
RP1506: 9/25/2012 11:37:06 AM - System Checkpoint
RP1507: 9/27/2012 12:38:46 AM - System Checkpoint
RP1508: 10/3/2012 2:41:35 AM - System Checkpoint
RP1509: 10/5/2012 1:22:02 PM - System Checkpoint
RP1510: 10/6/2012 11:08:55 PM - System Checkpoint
RP1511: 10/8/2012 12:21:38 AM - System Checkpoint
RP1512: 10/9/2012 7:37:17 AM - System Checkpoint
RP1513: 10/10/2012 3:00:44 AM - Software Distribution Service 3.0
RP1514: 10/12/2012 3:47:15 PM - System Checkpoint
RP1515: 10/13/2012 3:51:44 PM - System Checkpoint
RP1516: 10/15/2012 7:26:36 PM - System Checkpoint
RP1517: 10/17/2012 7:02:04 PM - System Checkpoint
RP1518: 10/18/2012 7:53:00 PM - System Checkpoint
RP1519: 10/19/2012 8:53:01 PM - System Checkpoint
RP1520: 10/20/2012 9:52:00 PM - System Checkpoint
RP1521: 10/22/2012 8:38:28 AM - System Checkpoint
RP1522: 10/23/2012 10:16:04 AM - Installed Java 7 Update 9
RP1523: 10/23/2012 11:59:01 AM - Removed Java 7 Update 7
RP1524: 10/23/2012 12:00:03 PM - Installed Java 7 Update 9
RP1525: 10/24/2012 12:43:49 PM - Revo Uninstaller Pro's restore point - McAfee Security Scan Plus
RP1526: 10/25/2012 1:15:29 PM - System Checkpoint
RP1527: 10/26/2012 2:05:45 AM - Revo Uninstaller Pro's restore point - Dasher
RP1528: 10/27/2012 2:11:11 AM - System Checkpoint
RP1529: 10/28/2012 10:42:11 PM - System Checkpoint
RP1530: 10/29/2012 11:34:55 PM - System Checkpoint
RP1531: 10/31/2012 5:14:38 PM - System Checkpoint
RP1532: 11/1/2012 5:31:51 PM - System Checkpoint
RP1533: 11/2/2012 11:08:03 PM - System Checkpoint
RP1534: 11/4/2012 1:20:42 AM - System Checkpoint
RP1535: 11/5/2012 11:08:51 AM - System Checkpoint
RP1536: 11/6/2012 12:06:29 PM - System Checkpoint
RP1537: 11/7/2012 12:30:25 PM - System Checkpoint
RP1538: 11/8/2012 12:34:58 PM - System Checkpoint
RP1539: 11/9/2012 12:54:01 PM - System Checkpoint
RP1540: 11/13/2012 1:50:00 AM - System Checkpoint
RP1541: 11/15/2012 3:01:20 AM - Software Distribution Service 3.0
RP1542: 11/16/2012 3:54:07 AM - System Checkpoint
RP1543: 11/18/2012 10:54:37 AM - Revo Uninstaller Pro's restore point - SpeedItup Free 7.85
RP1544: 11/18/2012 11:00:30 AM - Revo Uninstaller Pro's restore point - PC Optimizer Pro
RP1545: 11/18/2012 11:04:06 AM - Revo Uninstaller Pro's restore point - 7-zip v9.20
RP1546: 11/18/2012 11:22:32 AM - Software Distribution Service 3.0
RP1547: 11/18/2012 10:59:17 PM - Revo Uninstaller Pro's restore point - PC Cleaner v3.1
RP1548: 11/18/2012 11:07:31 PM - Revo Uninstaller Pro's restore point - Fast Search
RP1549: 11/19/2012 3:43:31 AM - Revo Uninstaller Pro's restore point - DefaultTab
RP1550: 11/19/2012 3:44:43 AM - Revo Uninstaller Pro's restore point - DefaultTab Chrome
RP1551: 11/21/2012 12:35:45 PM - System Checkpoint
RP1552: 11/23/2012 1:57:14 AM - ComboFix created restore point
.
==== Installed Programs ======================
.
"Nero SoundTrax Help
AC3Filter 1.63b
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat 8 Professional
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe After Effects CS3 Third Party Content
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Contribute CS3
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Encore CS3
Adobe Encore CS3 Codecs
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Reader 8.1.4
Adobe Setup
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server {ko_KR}
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
Advertising Center
AHV content for Acrobat and Flash
Allok 3GP PSP MP4 iPod Video Converter 4.8.0310
AnyDVD
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auslogics BoostSpeed
BeatPack (0.9)
Bonjour
Broadcom 802.11 Driver
Business Plan Pro 2007
Canon iP90
Dasher
DivX Version Checker
DolbyFiles
DVDFab Platinum 3.1.1.6 Ghosthunter release
Easy GIF Animator 4.6 Pro
Exterminate It!
Free YouTube Downloader 3.5.124
Google Chrome
Handbrake 0.9.4
Hewlett-Packard ACLM.NET v1.1.0.0
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
HP Product Detection
HP Wireless Assistant 1.01 C1
ImagXpress
Intel(R) Graphics Media Accelerator Driver for Mobile
iolo Memory Mechanic
iTunes
Java 7 Update 9
Java Auto Updater
JavaFX 2.1.1
Malwarebytes Anti-Malware version 1.65.1.1000
Memory Washer 4.7.1
Menu Templates - Starter Kit
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Sounds
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mixing & Mastering - Know It All! (V1.2) Version 1.2
MobileMe Control Panel
Movie Templates - Starter Kit
Mozilla Firefox 10.0.1 (x86 en-US)
MSVC80_x86
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Nero 9
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Installer
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero RescueAgent Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
Nokia Multimedia Factory
PC Connectivity Solution
PDF Settings
Playchess
PlayChess
PowerISO
QuickBooks Premier: Accountant Edition 2007
QuickBooks Product Listing Service
QuickTime
QwiklinxForChrome
REALTEK Gigabit and Fast Ethernet NIC Driver
Revo Uninstaller 1.93
Revo Uninstaller Pro 2.5.9
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Sharpener Pro 3.0
SoundTrax
SupportSoft Assisted Service
Texas Instruments PCIxx21/x515 drivers.
TIxx21
ToonIt!
Ultra Video Joiner 5.2.0220
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
URGE
VLC media player 2.0.1
WebFldrs XP
Webroot SecureAnywhere
WinAVI Video Converter 9.0
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
11/24/2012 9:09:22 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0012F047DBA5. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
11/24/2012 4:25:34 PM, error: DCOM [10005] - DCOM got error "%1068" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/23/2012 12:29:41 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ElbyCDIO Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SCDEmu Tcpip WS2IFSL
11/23/2012 1:26:46 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11/23/2012 1:26:11 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ElbyCDIO Fips intelppm SCDEmu
11/22/2012 2:35:43 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the WRSVC service, but this action failed with the following error: An instance of the service is already running.
11/22/2012 2:35:34 PM, error: Service Control Manager [7031] - The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
11/22/2012 10:16:13 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
11/22/2012 10:16:09 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ElbyCDIO Fips intelppm IPSec MRxSmb NetBIOS NetBT ohci1394 PCIIde RasAcd Rdbss SCDEmu Tcpip
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The IP Traffic Filter Driver service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:16:09 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/22/2012 10:15:36 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/19/2012 4:50:43 AM, error: Service Control Manager [7034] - The DefaultTabUpdate service terminated unexpectedly. It has done this 1 time(s).
11/19/2012 2:28:18 AM, error: Service Control Manager [7001] - The Windows Search service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/18/2012 12:02:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by Robert at 16:41:11 on 2012-11-24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1124 [GMT -8:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {D486329C-1488-4CEB-9CC8-D662B732D904}
.
============== Running Processes ================
.
C:\Program Files\Webroot\WRSA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Webroot\WRSA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://att.my.yahoo.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
BHO: AutorunsDisabled - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [WRSVC] "c:\program files\webroot\WRSA.exe" -ul
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{AD4B3C5C-F304-4F2D-B8B9-77824F44C421} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
============= SERVICES / DRIVERS ===============
.
R0 93208652;93208652;c:\windows\system32\drivers\93208652.sys [2012-11-22 133208]
R0 WRkrn;WRkrn;c:\windows\system32\drivers\WRkrn.sys [2012-2-7 112656]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-18 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-27 676936]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [2010-4-6 66944]
R2 WRSVC;WRSVC;c:\program files\webroot\WRSA.exe [2012-2-7 729544]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-27 22856]
S3 ExterminateIt;ExterminateIt;c:\windows\system32\drivers\extit.sys [2012-11-19 39936]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2009-11-7 23096]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2009-6-19 18432]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-2-6 27064]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-11-23 07:33:57--------d-sha-r-C:\cmdcons
2012-11-23 07:31:4298816----a-w-c:\windows\sed.exe
2012-11-23 07:31:42256000----a-w-c:\windows\PEV.exe
2012-11-23 07:31:42208896----a-w-c:\windows\MBR.exe
2012-11-23 03:57:58--------d-----w-c:\documents and settings\robert\local settings\application data\NPE
2012-11-23 03:50:26133208----a-w-c:\windows\system32\drivers\93208652.sys
2012-11-19 10:54:1939936----a-w-c:\windows\system32\drivers\extit.sys
2012-11-19 09:28:49--------d-----w-c:\documents and settings\robert\application data\Curiolab
2012-11-19 09:27:10--------d-----w-c:\program files\Exterminate It!
2012-11-18 18:53:38--------d-----w-c:\documents and settings\all users\application data\PC Optimizer Pro
2012-11-18 18:44:40--------d-----w-c:\documents and settings\robert\application data\Shop to Win 28
2012-11-18 18:44:13--------d-----w-c:\program files\QwiklinxForChrome
2012-11-18 18:44:13--------d-----w-c:\documents and settings\robert\application data\QwiklinxForChrome
2012-11-18 18:43:40--------d-----w-c:\program files\STW Installer
2012-11-18 18:43:40--------d-----w-c:\documents and settings\robert\application data\DefaultTab
.
==================== Find3M ====================
.
2012-11-11 20:48:06112656----a-w-c:\windows\system32\drivers\WRkrn.sys
2012-11-11 20:48:05150712----a-w-c:\windows\system32\WRusr.dll
2012-10-25 11:12:2694208----a-w-c:\windows\system32\QuickTimeVR.qtx
2012-10-25 11:12:2669632----a-w-c:\windows\system32\QuickTime.qts
2012-10-23 19:00:1693672----a-w-c:\windows\system32\WindowsAccessBridge.dll
2012-10-23 19:00:13143872----a-w-c:\windows\system32\javacpl.cpl
2012-10-23 19:00:12821736-c--a-w-c:\windows\system32\npDeployJava1.dll
2012-10-23 19:00:12746984-c--a-w-c:\windows\system32\deployJava1.dll
2012-10-22 08:37:311866368----a-w-c:\windows\system32\win32k.sys
2012-10-02 18:04:2158368----a-w-c:\windows\system32\synceng.dll
2012-09-30 03:54:2622856----a-w-c:\windows\system32\drivers\mbam.sys
2012-08-28 15:14:53916992----a-w-c:\windows\system32\wininet.dll
2012-08-28 15:14:5343520----a-w-c:\windows\system32\licmgr10.dll
2012-08-28 15:14:521469440----a-w-c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15385024----a-w-c:\windows\system32\html.iec
.
============= FINISH: 16:42:25.03 ===============
Broni
Posts: 56,041 +516
- Download RogueKiller on the desktop
- Close all the running programs
- Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
- Otherwise just double-click on RogueKiller.exe
- Pre-scan will start. Let it finish.
- Click on SCAN button.
- Wait until the Status box shows Scan Finished
- Click on Delete.
- Wait until the Status box shows Deleting Finished.
- Click on Report and copy/paste the content of the Notepad into your next reply.
- RKreport.txt could also be found on your desktop.
- If more than one log is produced post all logs.
- If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
==============================
Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.
NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
- Status
Latest posts
-
How to play PS1 Doom on PC (and why you might want to)- amghwk replied
-
Modder builds a Nintendo Wii the size of a deck of cards- WhiteLeaff replied
-
PlayStation 5 Pro will be bigger, faster, and better using the same CPU- Squid Surprise replied
-
Apple is rolling out AirPlay support for TVs in hotel rooms- RudyBob replied
