silverado99
Posts: 17 +0
Help Please?
Recently installed Eset and it found this in "operating memory": win32/olmarik.TDL4 trojan. I also can't access Google unless I use their IP address, NOR can I access any sites through a Google link. I am also experiencing occasional complete computer shutdowns. I thought maybe the computer was shutting down because of overheating. Now I don't think so.
A HUGE "THANK YOU" in advance for any help you can provide!
Here are the three logs requested:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.03.31.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
User :: XPGP1027 [administrator]
3/31/2013 11:49:49 AM
mbam-log-2013-03-31 (11-49-49).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 221259
Time elapsed: 5 minute(s), 6 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
==============================================================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.17.2
Run by User at 12:09:19 on 2013-03-31
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1357 [GMT 3:00]
.
AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\VueSoft\VueMinder\VueMinder.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: WsftpBrowserHelper Class: {601ED020-FB6C-11D3-87D8-0050DA59922B} - c:\program files\ipswitch\ws_ftp pro\wsbho2k0.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Freemake.YoutubeButton: {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -
uRun: [VueMinder] "c:\program files\vuesoft\vueminder\VueMinder.exe" 1
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nwiz] nwiz.exe /installquiet /nodetect
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1319779248296
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{33C21BC6-FD54-46E3-BF37-B60DD10ADE64} : DHCPNameServer = 192.168.1.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\74m3kp41.default\
FF - prefs.js: browser.search.selectedEngine - FreemakeTB Customized Web Search
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3214568&SearchSource=2&q=
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\user\application data\mozilla\firefox\profiles\74m3kp41.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: c:\documents and settings\user\application data\mozilla\firefox\profiles\74m3kp41.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-03-16 03:01; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2011-8-4 118104]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2011-8-4 103112]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-12 116608]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2011-8-9 974944]
R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\freemake\capturelib\CaptureLibService.exe [2012-9-19 8704]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-1-31 3289208]
S0 cerc6;cerc6; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys --> c:\windows\system32\drivers\NPF.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-03-29 19:23:43 -------- d-----w- C:\- amove
2013-03-29 13:46:26 -------- d-----w- c:\program files\ESET
2013-03-16 01:01:46 -------- d-----w- c:\documents and settings\user\application data\RealNetworks
2013-03-16 01:01:15 -------- d-----w- c:\program files\RealNetworks
2013-03-16 01:01:12 -------- d-----w- c:\documents and settings\all users\application data\RealNetworks
2013-03-16 01:00:59 -------- d-----w- c:\program files\common files\xing shared
2013-03-16 00:26:02 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-16 00:25:53 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-14 01:32:14 -------- d-----w- c:\windows\system32\wbem\repository\FS
2013-03-14 01:32:14 -------- d-----w- c:\windows\system32\wbem\Repository
2013-03-14 00:44:36 -------- d-----w- c:\documents and settings\all users\application data\Avira(3)
2013-03-09 20:05:47 -------- d-----w- c:\windows\system32\NtmsData
2013-03-08 19:21:59 59288 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2013-03-04 18:31:16 266240 ----a-w- c:\windows\system32\wddx_com.dll
2013-03-04 18:31:15 612864 ----a-w- c:\windows\system32\cfvalidator.dll
2013-03-04 18:31:15 480768 ----a-w- c:\windows\system32\cfssvradmin.dll
2013-03-04 18:31:14 81920 ----a-w- c:\windows\system32\CFSourceControl.ocx
2013-03-04 18:31:13 96768 ----a-w- c:\windows\system32\CFFileProxy.dll
2013-03-04 18:31:13 109568 ----a-w- c:\windows\system32\CFRegExp.dll
2013-03-04 18:31:12 297472 ----a-w- c:\windows\system32\cfproject.dll
2013-03-04 18:31:11 84480 ----a-w- c:\windows\system32\CFFtp.dll
2013-03-04 18:31:11 131072 ----a-w- c:\windows\system32\CFFPTree.dll
2013-03-04 18:31:03 61440 ----a-w- c:\windows\system32\xmltok.dll
2013-03-04 18:31:03 48128 ----a-w- c:\windows\system32\xmlparse.dll
2013-03-04 18:31:03 38400 ----a-w- c:\windows\system32\cfmsg.dll
2013-03-04 18:30:12 -------- d-----w- c:\program files\Allaire
2013-03-01 23:19:26 -------- d-----w- C:\Canon mx310
.
==================== Find3M ====================
.
2013-03-16 01:00:40 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-03-16 01:00:40 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-03-16 00:25:38 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-16 00:25:38 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-01-25 18:27:27 361600 ----a-w- c:\windows\system32\drivers\TCPIP.SYS
2013-01-21 13:57:25 361600 ----a-w- c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
.
============= FINISH: 12:10:11.18 ===============
====================================================================
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/7/2006 5:59:02 AM
System Uptime: 3/31/2013 6:12:15 AM (6 hours ago)
.
Motherboard: Quanta | | 30BD
Processor: Intel(R) Core(TM)2 CPU T5300 @ 1.73GHz | U2E1 | 1729/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 46.16 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ethernet Controller
Device ID: PCI\VEN_8086&DEV_109A&SUBSYS_30BB103C&REV_00\4&2803E7C1&0&00E2
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_8086&DEV_109A&SUBSYS_30BB103C&REV_00\4&2803E7C1&0&00E2
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\HPQ0006\4&38462492&0
Manufacturer:
Name:
PNP Device ID: ACPI\HPQ0006\4&38462492&0
Service:
.
==== System Restore Points ===================
.
RP412: 1/27/2013 5:58:12 AM - System Checkpoint
RP413: 1/28/2013 6:13:27 AM - System Checkpoint
RP414: 1/29/2013 9:12:11 AM - System Checkpoint
RP415: 1/30/2013 10:01:18 AM - System Checkpoint
RP416: 1/31/2013 12:29:01 PM - System Checkpoint
RP417: 2/1/2013 12:51:37 PM - System Checkpoint
RP418: 2/2/2013 4:36:53 PM - System Checkpoint
RP419: 2/4/2013 6:35:21 AM - System Checkpoint
RP420: 2/5/2013 6:36:46 AM - System Checkpoint
RP421: 2/6/2013 7:23:53 AM - System Checkpoint
RP422: 2/7/2013 7:26:59 AM - System Checkpoint
RP423: 2/8/2013 10:33:08 AM - System Checkpoint
RP424: 2/9/2013 6:35:56 PM - System Checkpoint
RP425: 2/11/2013 2:13:43 PM - System Checkpoint
RP426: 2/12/2013 5:28:27 PM - System Checkpoint
RP427: 2/13/2013 10:41:09 PM - System Checkpoint
RP428: 2/15/2013 11:12:12 AM - System Checkpoint
RP429: 2/16/2013 1:31:07 PM - System Checkpoint
RP430: 2/16/2013 11:54:50 PM - DNS Registry Change
RP431: 2/18/2013 11:47:50 AM - System Checkpoint
RP432: 2/19/2013 1:22:32 PM - System Checkpoint
RP433: 2/20/2013 4:28:20 PM - System Checkpoint
RP434: 2/21/2013 5:08:31 PM - System Checkpoint
RP435: 2/22/2013 9:13:30 PM - System Checkpoint
RP436: 2/24/2013 10:40:47 AM - System Checkpoint
RP437: 2/25/2013 8:05:43 PM - System Checkpoint
RP438: 2/26/2013 8:07:42 PM - System Checkpoint
RP439: 2/28/2013 9:54:03 AM - System Checkpoint
RP440: 3/1/2013 10:37:40 AM - System Checkpoint
RP441: 3/2/2013 11:07:44 AM - System Checkpoint
RP442: 3/3/2013 11:11:47 AM - System Checkpoint
RP443: 3/4/2013 11:31:28 AM - System Checkpoint
RP444: 3/5/2013 12:35:19 PM - System Checkpoint
RP445: 3/6/2013 6:28:42 PM - System Checkpoint
RP446: 3/8/2013 5:01:58 AM - System Checkpoint
RP447: 3/9/2013 12:08:58 PM - System Checkpoint
RP448: 3/9/2013 8:21:40 PM - avast! Free Antivirus Setup
RP449: 3/11/2013 3:10:45 AM - System Checkpoint
RP450: 3/12/2013 3:31:34 AM - System Checkpoint
RP451: 3/13/2013 4:30:53 AM - System Checkpoint
RP452: 3/14/2013 2:43:40 AM - Restore Operation
RP453: 3/14/2013 3:31:29 AM - Restore Operation
RP454: 3/15/2013 4:06:33 AM - System Checkpoint
RP455: 3/16/2013 2:25:31 AM - Installed Java 7 Update 17
RP456: 3/16/2013 2:29:31 AM - Removed Java(TM) 6 Update 30
RP457: 3/17/2013 2:35:09 AM - System Checkpoint
RP458: 3/19/2013 10:55:30 AM - System Checkpoint
RP459: 3/20/2013 12:30:56 PM - System Checkpoint
RP460: 3/22/2013 8:56:30 PM - System Checkpoint
RP461: 3/24/2013 4:46:39 AM - System Checkpoint
RP462: 3/25/2013 1:34:31 PM - System Checkpoint
RP463: 3/26/2013 2:39:57 PM - System Checkpoint
RP464: 3/27/2013 4:21:26 PM - System Checkpoint
RP465: 3/29/2013 2:58:09 AM - System Checkpoint
RP466: 3/29/2013 4:46:19 PM - Installed ESET NOD32 Antivirus
.
==== Installed Programs ======================
.
µTorrent
ACID Pro 7.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader X (10.1.5)
Adobe SVG Viewer
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Belarc Advisor 7.2
Beyond Compare Version 3.1.11
BHODemon 2.0.0.23
Bit Che
CCleaner
CodeStuff Starter
Conexant HD Audio
Cool Edit 2000
ESET NOD32 Antivirus
Free Studio version 5.7.3.903
Free YouTube Download version 3.1.32.819
Freemake Video Downloader
HomeSite 4.0
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Ipswitch WS_FTP Pro
IrfanView (remove only)
Java 7 Update 17
Java Auto Updater
LightScribe System Software
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 19.0.2 (x86 en-US)
MSVCRT Redists
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
NetWaiting
Noise Reduction Plug-in 2.0i
NVIDIA Drivers
PowerISO
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2586448)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Skype Click to Call
Skype™ 6.1
SmartDraw 2010
SnagIt 7
Soft Data Fax Modem with SmartCP
Sound Forge Pro 10.0
SUPERAntiSpyware
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VLC media player 2.0.5
VueMinder Calendar Pro
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
WinRAR 4.00 (32-bit)
Yuvutu Video Downloader 3.24
.
==== Event Viewer Messages From Past Week ========
.
3/29/2013 4:54:33 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BANTExt ehdrv epfwtdir Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SCDEmu Tcpip
3/29/2013 4:54:33 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
3/29/2013 4:54:33 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/29/2013 4:54:33 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/29/2013 4:54:33 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
3/29/2013 4:54:07 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
3/29/2013 4:53:22 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
3/29/2013 4:53:20 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/25/2013 9:40:40 AM, error: Service Control Manager [7000] - The WinPcap Packet Driver (NPF) service failed to start due to the following error: The system cannot find the file specified.
3/24/2013 7:49:29 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
3/24/2013 10:38:37 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
.
==== End Of File ===========================
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\74m3kp41.default\
FF - prefs.js: browser.search.selectedEngine - FreemakeTB Customized Web Search
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3214568&SearchSource=2&q=
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\user\application data\mozilla\firefox\profiles\74m3kp41.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: c:\documents and settings\user\application data\mozilla\firefox\profiles\74m3kp41.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-03-16 03:01; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2011-8-4 118104]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2011-8-4 103112]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-12 116608]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2011-8-9 974944]
R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\freemake\capturelib\CaptureLibService.exe [2012-9-19 8704]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-1-31 3289208]
S0 cerc6;cerc6; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys --> c:\windows\system32\drivers\NPF.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-03-29 19:23:43 -------- d-----w- C:\- amove
2013-03-29 13:46:26 -------- d-----w- c:\program files\ESET
2013-03-16 01:01:46 -------- d-----w- c:\documents and settings\user\application data\RealNetworks
2013-03-16 01:01:15 -------- d-----w- c:\program files\RealNetworks
2013-03-16 01:01:12 -------- d-----w- c:\documents and settings\all users\application data\RealNetworks
2013-03-16 01:00:59 -------- d-----w- c:\program files\common files\xing shared
2013-03-16 00:26:02 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-16 00:25:53 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-14 01:32:14 -------- d-----w- c:\windows\system32\wbem\repository\FS
2013-03-14 01:32:14 -------- d-----w- c:\windows\system32\wbem\Repository
2013-03-14 00:44:36 -------- d-----w- c:\documents and settings\all users\application data\Avira(3)
2013-03-09 20:05:47 -------- d-----w- c:\windows\system32\NtmsData
2013-03-08 19:21:59 59288 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2013-03-04 18:31:16 266240 ----a-w- c:\windows\system32\wddx_com.dll
2013-03-04 18:31:15 612864 ----a-w- c:\windows\system32\cfvalidator.dll
2013-03-04 18:31:15 480768 ----a-w- c:\windows\system32\cfssvradmin.dll
2013-03-04 18:31:14 81920 ----a-w- c:\windows\system32\CFSourceControl.ocx
2013-03-04 18:31:13 96768 ----a-w- c:\windows\system32\CFFileProxy.dll
2013-03-04 18:31:13 109568 ----a-w- c:\windows\system32\CFRegExp.dll
2013-03-04 18:31:12 297472 ----a-w- c:\windows\system32\cfproject.dll
2013-03-04 18:31:11 84480 ----a-w- c:\windows\system32\CFFtp.dll
2013-03-04 18:31:11 131072 ----a-w- c:\windows\system32\CFFPTree.dll
2013-03-04 18:31:03 61440 ----a-w- c:\windows\system32\xmltok.dll
2013-03-04 18:31:03 48128 ----a-w- c:\windows\system32\xmlparse.dll
2013-03-04 18:31:03 38400 ----a-w- c:\windows\system32\cfmsg.dll
2013-03-04 18:30:12 -------- d-----w- c:\program files\Allaire
2013-03-01 23:19:26 -------- d-----w- C:\Canon mx310
.
==================== Find3M ====================
.
2013-03-16 01:00:40 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-03-16 01:00:40 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-03-16 00:25:38 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-16 00:25:38 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-01-25 18:27:27 361600 ----a-w- c:\windows\system32\drivers\TCPIP.SYS
2013-01-21 13:57:25 361600 ----a-w- c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
.
============= FINISH: 12:10:11.18 ===============
====================================================================
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/7/2006 5:59:02 AM
System Uptime: 3/31/2013 6:12:15 AM (6 hours ago)
.
Motherboard: Quanta | | 30BD
Processor: Intel(R) Core(TM)2 CPU T5300 @ 1.73GHz | U2E1 | 1729/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 46.16 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ethernet Controller
Device ID: PCI\VEN_8086&DEV_109A&SUBSYS_30BB103C&REV_00\4&2803E7C1&0&00E2
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_8086&DEV_109A&SUBSYS_30BB103C&REV_00\4&2803E7C1&0&00E2
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\HPQ0006\4&38462492&0
Manufacturer:
Name:
PNP Device ID: ACPI\HPQ0006\4&38462492&0
Service:
.
==== System Restore Points ===================
.
RP412: 1/27/2013 5:58:12 AM - System Checkpoint
RP413: 1/28/2013 6:13:27 AM - System Checkpoint
RP414: 1/29/2013 9:12:11 AM - System Checkpoint
RP415: 1/30/2013 10:01:18 AM - System Checkpoint
RP416: 1/31/2013 12:29:01 PM - System Checkpoint
RP417: 2/1/2013 12:51:37 PM - System Checkpoint
RP418: 2/2/2013 4:36:53 PM - System Checkpoint
RP419: 2/4/2013 6:35:21 AM - System Checkpoint
RP420: 2/5/2013 6:36:46 AM - System Checkpoint
RP421: 2/6/2013 7:23:53 AM - System Checkpoint
RP422: 2/7/2013 7:26:59 AM - System Checkpoint
RP423: 2/8/2013 10:33:08 AM - System Checkpoint
RP424: 2/9/2013 6:35:56 PM - System Checkpoint
RP425: 2/11/2013 2:13:43 PM - System Checkpoint
RP426: 2/12/2013 5:28:27 PM - System Checkpoint
RP427: 2/13/2013 10:41:09 PM - System Checkpoint
RP428: 2/15/2013 11:12:12 AM - System Checkpoint
RP429: 2/16/2013 1:31:07 PM - System Checkpoint
RP430: 2/16/2013 11:54:50 PM - DNS Registry Change
RP431: 2/18/2013 11:47:50 AM - System Checkpoint
RP432: 2/19/2013 1:22:32 PM - System Checkpoint
RP433: 2/20/2013 4:28:20 PM - System Checkpoint
RP434: 2/21/2013 5:08:31 PM - System Checkpoint
RP435: 2/22/2013 9:13:30 PM - System Checkpoint
RP436: 2/24/2013 10:40:47 AM - System Checkpoint
RP437: 2/25/2013 8:05:43 PM - System Checkpoint
RP438: 2/26/2013 8:07:42 PM - System Checkpoint
RP439: 2/28/2013 9:54:03 AM - System Checkpoint
RP440: 3/1/2013 10:37:40 AM - System Checkpoint
RP441: 3/2/2013 11:07:44 AM - System Checkpoint
RP442: 3/3/2013 11:11:47 AM - System Checkpoint
RP443: 3/4/2013 11:31:28 AM - System Checkpoint
RP444: 3/5/2013 12:35:19 PM - System Checkpoint
RP445: 3/6/2013 6:28:42 PM - System Checkpoint
RP446: 3/8/2013 5:01:58 AM - System Checkpoint
RP447: 3/9/2013 12:08:58 PM - System Checkpoint
RP448: 3/9/2013 8:21:40 PM - avast! Free Antivirus Setup
RP449: 3/11/2013 3:10:45 AM - System Checkpoint
RP450: 3/12/2013 3:31:34 AM - System Checkpoint
RP451: 3/13/2013 4:30:53 AM - System Checkpoint
RP452: 3/14/2013 2:43:40 AM - Restore Operation
RP453: 3/14/2013 3:31:29 AM - Restore Operation
RP454: 3/15/2013 4:06:33 AM - System Checkpoint
RP455: 3/16/2013 2:25:31 AM - Installed Java 7 Update 17
RP456: 3/16/2013 2:29:31 AM - Removed Java(TM) 6 Update 30
RP457: 3/17/2013 2:35:09 AM - System Checkpoint
RP458: 3/19/2013 10:55:30 AM - System Checkpoint
RP459: 3/20/2013 12:30:56 PM - System Checkpoint
RP460: 3/22/2013 8:56:30 PM - System Checkpoint
RP461: 3/24/2013 4:46:39 AM - System Checkpoint
RP462: 3/25/2013 1:34:31 PM - System Checkpoint
RP463: 3/26/2013 2:39:57 PM - System Checkpoint
RP464: 3/27/2013 4:21:26 PM - System Checkpoint
RP465: 3/29/2013 2:58:09 AM - System Checkpoint
RP466: 3/29/2013 4:46:19 PM - Installed ESET NOD32 Antivirus
.
==== Installed Programs ======================
.
µTorrent
ACID Pro 7.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader X (10.1.5)
Adobe SVG Viewer
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Belarc Advisor 7.2
Beyond Compare Version 3.1.11
BHODemon 2.0.0.23
Bit Che
CCleaner
CodeStuff Starter
Conexant HD Audio
Cool Edit 2000
ESET NOD32 Antivirus
Free Studio version 5.7.3.903
Free YouTube Download version 3.1.32.819
Freemake Video Downloader
HomeSite 4.0
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Ipswitch WS_FTP Pro
IrfanView (remove only)
Java 7 Update 17
Java Auto Updater
LightScribe System Software
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 19.0.2 (x86 en-US)
MSVCRT Redists
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
NetWaiting
Noise Reduction Plug-in 2.0i
NVIDIA Drivers
PowerISO
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2586448)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Skype Click to Call
Skype™ 6.1
SmartDraw 2010
SnagIt 7
Soft Data Fax Modem with SmartCP
Sound Forge Pro 10.0
SUPERAntiSpyware
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VLC media player 2.0.5
VueMinder Calendar Pro
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
WinRAR 4.00 (32-bit)
Yuvutu Video Downloader 3.24
.
==== Event Viewer Messages From Past Week ========
.
3/29/2013 4:54:33 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BANTExt ehdrv epfwtdir Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SCDEmu Tcpip
3/29/2013 4:54:33 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
3/29/2013 4:54:33 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/29/2013 4:54:33 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/29/2013 4:54:33 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
3/29/2013 4:54:07 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
3/29/2013 4:53:22 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
3/29/2013 4:53:20 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/25/2013 9:40:40 AM, error: Service Control Manager [7000] - The WinPcap Packet Driver (NPF) service failed to start due to the following error: The system cannot find the file specified.
3/24/2013 7:49:29 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
3/24/2013 10:38:37 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
.
==== End Of File ===========================