[RESOLVED] XP Security Virus
Page 1 of 3 123 LastLast
Results 1 to 15 of 36

Thread: [RESOLVED] XP Security Virus

  1. #1
    Join Date
    Jun 2000
    Location
    tampa fl usa
    Posts
    627

    Resolved [RESOLVED] XP Security Virus

    My office computer is unfected with the rogue XP Security virus. I tried to run malwarebytes, but it shut it down half way thru the scan. I went into safemode as admin and it will not run. I saved Malwarebytes to my USB drive and tried to run it from there, it will not open and say "a device attached to this computer is not working". However, it will run Gmer and the other two programs listed in the sticky instructions that I had svaed to the same USB drive. No program will open and run on that computer. I get the error message " XP Security has blocked this program because it is infected with XXXX whatever name they have given it".

    My question is - how can I start to clean this computer when it will not let me run MWB?

    This computer is at my office and has XP, DSL connection, Kaspersky for the AV and we have a firewall. I am posting from my home computer.

    Thanks.
    Running WIN 7 Home, DSL, IE, AV & Firewall installed.
    Intel i3 - 3220
    Asus P8Z77-V LX MoBo
    Kingston 16 GB DDR3
    Seagate Barracuda Sata 6G
    XFX Radeon HD 7750 2G


    ** Toshiba Laptop has Win 8, DSL, AV & Firewall installed

  2. #2
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    20,970
    Start with following these instructions: http://www.bleepingcomputer.com/viru...-security-2012
    When done, post MBAM and other logs.

  3. #3
    Join Date
    Jun 2000
    Location
    tampa fl usa
    Posts
    627
    Thank you Broni. I will start to work on it tomorrow and get as much as I can done, but it may be Monday before I can finish up due to the office closing early tomorrow.
    Running WIN 7 Home, DSL, IE, AV & Firewall installed.
    Intel i3 - 3220
    Asus P8Z77-V LX MoBo
    Kingston 16 GB DDR3
    Seagate Barracuda Sata 6G
    XFX Radeon HD 7750 2G


    ** Toshiba Laptop has Win 8, DSL, AV & Firewall installed

  4. #4
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    20,970
    No problem

  5. #5
    Join Date
    Jun 2000
    Location
    tampa fl usa
    Posts
    627
    Malwarebytes Anti-Malware 1.60.0.1800
    www.malwarebytes.org

    Database version: v2012.01.02.02

    Windows XP Service Pack 2 x86 NTFS (Safe Mode/Networking)
    Internet Explorer 8.0.6001.18702
    ainvestm2 :: AINVESTM [administrator]

    1/2/2012 9:13:07 AM
    mbam-log-2012-01-02 (09-13-07).txt

    Scan type: Full scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 268839
    Time elapsed: 30 minute(s), 42 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 2
    C:\Documents and Settings\ainvestm2\My Documents\i4Vh7.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP1575\A0125647.exe (Trojan.FakeAV) -> Quarantined and deleted successfully.

    (end)
    Running WIN 7 Home, DSL, IE, AV & Firewall installed.
    Intel i3 - 3220
    Asus P8Z77-V LX MoBo
    Kingston 16 GB DDR3
    Seagate Barracuda Sata 6G
    XFX Radeon HD 7750 2G


    ** Toshiba Laptop has Win 8, DSL, AV & Firewall installed

  6. #6
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    20,970
    Very well.

    Please, complete all steps listed here: http://discussions.virtualdr.com/sho...d.php?t=167915
    Skip MBAM.

  7. #7
    Join Date
    Jun 2000
    Location
    tampa fl usa
    Posts
    627
    Thanks Broni.

    GMER

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-01-02 11:38:56
    Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 WDC_WD800JD-75MSA3 rev.10.01E04
    Running: 94870cn4.exe; Driver: C:\DOCUME~1\AINVES~1\LOCALS~1\Temp\uwlcrpob.sys


    ---- Kernel code sections - GMER 1.0.15 ----

    ? yghlea.sys The system cannot find the file specified. !
    ? xhwkeip.sys The system cannot find the file specified. !

    ---- Files - GMER 1.0.15 ----

    File C:\WINDOWS\$NtUninstallKB13047$\3315136367 0 bytes
    File C:\WINDOWS\$NtUninstallKB13047$\331729846 0 bytes

    ---- EOF - GMER 1.0.15 ----
    Running WIN 7 Home, DSL, IE, AV & Firewall installed.
    Intel i3 - 3220
    Asus P8Z77-V LX MoBo
    Kingston 16 GB DDR3
    Seagate Barracuda Sata 6G
    XFX Radeon HD 7750 2G


    ** Toshiba Laptop has Win 8, DSL, AV & Firewall installed

  8. #8
    Join Date
    Jun 2000
    Location
    tampa fl usa
    Posts
    627
    aswMBR version 0.9.9.1124 Copyright(c) 2011 AVAST Software
    Run date: 2012-01-02 11:43:25
    -----------------------------
    11:43:25.437 OS Version: Windows 5.1.2600 Service Pack 2
    11:43:25.437 Number of processors: 2 586 0xF0D
    11:43:25.437 ComputerName: AINVESTM UserName:
    11:43:26.328 Initialize success
    11:44:38.359 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
    11:44:38.375 Disk 0 Vendor: WDC_WD800JD-75MSA3 10.01E04 Size: 76293MB BusType: 3
    11:44:38.406 Disk 0 MBR read successfully
    11:44:38.421 Disk 0 MBR scan
    11:44:38.437 Disk 0 Windows XP default MBR code
    11:44:38.453 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
    11:44:38.468 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76245 MB offset 80325
    11:44:38.484 Disk 0 scanning sectors +156232125
    11:44:38.593 Disk 0 scanning C:\WINDOWS\system32\drivers
    11:44:48.562 Service scanning
    11:44:51.765 Modules scanning
    11:45:01.343 Disk 0 trace - called modules:
    11:45:01.375 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll atiide.sys PCIIDEX.SYS
    11:45:01.390 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b7fab8]
    11:45:01.390 3 CLASSPNP.SYS[f785805b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x86b61b00]
    11:45:01.468 Scan finished successfully
    11:45:15.640 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\ainvestm2\Desktop\MBR.dat"
    11:45:15.656 The log file has been saved successfully to "C:\Documents and Settings\ainvestm2\Desktop\aswMBR.txt"
    Running WIN 7 Home, DSL, IE, AV & Firewall installed.
    Intel i3 - 3220
    Asus P8Z77-V LX MoBo
    Kingston 16 GB DDR3
    Seagate Barracuda Sata 6G
    XFX Radeon HD 7750 2G


    ** Toshiba Laptop has Win 8, DSL, AV & Firewall installed

  9. #9
    Join Date
    Jun 2000
    Location
    tampa fl usa
    Posts
    627
    .
    DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
    Run by ainvestm2 at 11:49:01 on 2012-01-02
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.990.725 [GMT -5:00]
    .
    AV: Kaspersky Anti-Virus *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.yahoo.com/
    uSearch Bar =
    uInternet Connection Wizard,ShellNext = iexplore
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\ievkbd.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe"
    mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "c:\documents and settings\all users\application data\malwarebytes\malwarebytes' anti-malware\cleanup.dll",ProcessCleanupScript
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
    DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/luxr/default/mjolauncher.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} - hxxp://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
    DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} - hxxp://mail.lycos.com/hanmail-ax/AttachMail.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/popcaploader_v10.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5648/mcfscan.cab
    TCP: DhcpNameServer = 65.32.1.65 65.32.1.70
    TCP: Interfaces\{8969A712-16CE-4DCC-865B-C7A883765ED3} : DhcpNameServer = 65.32.1.65 65.32.1.70
    Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2007\HelpAsyncPluggableProtocol.dll
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: klogon - c:\windows\system32\klogon.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Notification Packages = :\windows\system32\srrst
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\ainvestm2\application data\mozilla\firefox\profiles\uz5pee5z.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2007-5-2 3456]
    R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2010-6-9 132184]
    R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2010-5-7 32856]
    S1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2011-6-7 475736]
    S2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe [2010-11-2 365336]
    S2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
    S2 REY Install NT Service;REY Install NT Service;c:\rey\bin\UcsInSvc.exe [2010-9-10 98304]
    S2 REY PSCVersionService;REY PSCVersionService;c:\rey\bin\PSCVersionService.exe [2011-1-20 61440]
    S2 UCS Install NT Service;UCS Install NT Service;c:\ucc\services\ucsinsvc.exe --> c:\ucc\services\UcsInSvc.exe [?]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19472]
    .
    =============== Created Last 30 ================
    .
    2012-01-02 13:51:40 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2012-01-02 13:51:40 -------- d-----w- c:\windows\system32\wbem\Repository
    .
    ==================== Find3M ====================
    .
    2011-12-10 20:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-09-23 14:53:26 267940236 ----a-w- c:\program files\UBCD4WinV350.exe
    .
    ============= FINISH: 11:49:20.71 ===============
    Running WIN 7 Home, DSL, IE, AV & Firewall installed.
    Intel i3 - 3220
    Asus P8Z77-V LX MoBo
    Kingston 16 GB DDR3
    Seagate Barracuda Sata 6G
    XFX Radeon HD 7750 2G


    ** Toshiba Laptop has Win 8, DSL, AV & Firewall installed

  10. #10
    Join Date
    Jun 2000
    Location
    tampa fl usa
    Posts
    627
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 5/16/2007 5:19:28 PM
    System Uptime: 1/2/2012 9:45:16 AM (2 hours ago)
    .
    Motherboard: Dell Inc. | | 0TY915
    Processor: Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz | Microprocessor | 1600/800mhz
    Processor: Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz | Microprocessor | 1600/800mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 74 GiB total, 53.215 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Description: HP LaserJet 4000 Series
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: Hewlett-Packard
    Name: HP LaserJet 4000 Series
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:
    .
    ==== System Restore Points ===================
    .
    RP1492: 9/29/2011 4:41:43 PM - System Checkpoint
    RP1493: 9/30/2011 4:56:22 PM - System Checkpoint
    RP1494: 10/1/2011 5:56:12 PM - System Checkpoint
    RP1495: 10/2/2011 6:56:12 PM - System Checkpoint
    RP1496: 10/3/2011 7:56:16 PM - System Checkpoint
    RP1497: 10/4/2011 8:08:18 PM - System Checkpoint
    RP1498: 10/5/2011 8:56:12 PM - System Checkpoint
    RP1499: 10/6/2011 9:56:13 PM - System Checkpoint
    RP1500: 10/7/2011 10:56:14 PM - System Checkpoint
    RP1501: 10/8/2011 11:56:12 PM - System Checkpoint
    RP1502: 10/10/2011 1:08:12 AM - System Checkpoint
    RP1503: 10/11/2011 1:56:15 AM - System Checkpoint
    RP1504: 10/12/2011 2:56:13 AM - System Checkpoint
    RP1505: 10/13/2011 3:56:13 AM - System Checkpoint
    RP1506: 10/13/2011 10:02:57 AM - Software Distribution Service 3.0
    RP1507: 10/14/2011 10:19:12 AM - System Checkpoint
    RP1508: 10/15/2011 11:18:05 AM - System Checkpoint
    RP1509: 10/16/2011 12:18:05 PM - System Checkpoint
    RP1510: 10/17/2011 4:18:29 PM - System Checkpoint
    RP1511: 10/18/2011 4:21:02 PM - System Checkpoint
    RP1512: 10/19/2011 5:04:16 PM - System Checkpoint
    RP1513: 10/20/2011 6:03:57 PM - System Checkpoint
    RP1514: 10/21/2011 6:15:57 PM - System Checkpoint
    RP1515: 10/22/2011 7:15:53 PM - System Checkpoint
    RP1516: 10/23/2011 8:03:53 PM - System Checkpoint
    RP1517: 10/24/2011 9:03:57 PM - System Checkpoint
    RP1518: 10/25/2011 9:15:56 PM - System Checkpoint
    RP1519: 10/26/2011 10:03:56 PM - System Checkpoint
    RP1520: 10/27/2011 11:03:57 PM - System Checkpoint
    RP1521: 10/28/2011 11:15:58 PM - System Checkpoint
    RP1522: 10/30/2011 12:15:54 AM - System Checkpoint
    RP1523: 10/31/2011 12:27:54 AM - System Checkpoint
    RP1524: 11/1/2011 1:03:55 AM - System Checkpoint
    RP1525: 11/2/2011 2:03:57 AM - System Checkpoint
    RP1526: 11/3/2011 3:03:57 AM - System Checkpoint
    RP1527: 11/4/2011 4:00:37 AM - System Checkpoint
    RP1528: 11/5/2011 5:00:37 AM - System Checkpoint
    RP1529: 11/6/2011 5:00:34 AM - System Checkpoint
    RP1530: 11/7/2011 5:12:34 AM - System Checkpoint
    RP1531: 11/8/2011 6:00:37 AM - System Checkpoint
    RP1532: 11/9/2011 7:00:38 AM - System Checkpoint
    RP1533: 11/10/2011 8:00:38 AM - System Checkpoint
    RP1534: 11/11/2011 8:01:11 AM - System Checkpoint
    RP1535: 11/12/2011 9:01:09 AM - System Checkpoint
    RP1536: 11/13/2011 10:01:07 AM - System Checkpoint
    RP1537: 11/14/2011 10:36:25 AM - Software Distribution Service 3.0
    RP1538: 11/15/2011 11:44:07 AM - System Checkpoint
    RP1539: 11/16/2011 12:30:35 PM - System Checkpoint
    RP1540: 11/17/2011 4:15:05 PM - System Checkpoint
    RP1541: 11/18/2011 4:16:37 PM - System Checkpoint
    RP1542: 11/19/2011 5:00:56 PM - System Checkpoint
    RP1543: 11/20/2011 6:00:56 PM - System Checkpoint
    RP1544: 11/21/2011 7:01:01 PM - System Checkpoint
    RP1545: 11/22/2011 8:01:00 PM - System Checkpoint
    RP1546: 11/23/2011 9:01:01 PM - System Checkpoint
    RP1547: 11/24/2011 10:00:46 PM - System Checkpoint
    RP1548: 11/25/2011 11:00:46 PM - System Checkpoint
    RP1549: 11/27/2011 12:15:16 AM - System Checkpoint
    RP1550: 11/28/2011 1:12:46 AM - System Checkpoint
    RP1551: 11/29/2011 2:00:51 AM - System Checkpoint
    RP1552: 11/30/2011 2:12:54 AM - System Checkpoint
    RP1553: 12/1/2011 3:05:10 AM - System Checkpoint
    RP1554: 12/2/2011 4:05:09 AM - System Checkpoint
    RP1555: 12/3/2011 4:17:12 AM - System Checkpoint
    RP1556: 12/4/2011 5:05:09 AM - System Checkpoint
    RP1557: 12/5/2011 6:05:09 AM - System Checkpoint
    RP1558: 12/6/2011 7:05:12 AM - System Checkpoint
    RP1559: 12/7/2011 8:05:09 AM - System Checkpoint
    RP1560: 12/8/2011 8:14:35 AM - System Checkpoint
    RP1561: 12/9/2011 9:32:22 AM - System Checkpoint
    RP1562: 12/10/2011 10:14:35 AM - System Checkpoint
    RP1563: 12/11/2011 11:02:31 AM - System Checkpoint
    RP1564: 12/12/2011 12:09:51 PM - System Checkpoint
    RP1565: 12/13/2011 12:13:09 PM - System Checkpoint
    RP1566: 12/14/2011 4:14:29 PM - System Checkpoint
    RP1567: 12/15/2011 4:15:50 PM - System Checkpoint
    RP1568: 12/16/2011 10:40:55 AM - Software Distribution Service 3.0
    RP1569: 12/17/2011 11:06:04 AM - System Checkpoint
    RP1570: 12/18/2011 12:06:01 PM - System Checkpoint
    RP1571: 12/19/2011 12:17:43 PM - System Checkpoint
    RP1572: 12/20/2011 4:13:23 PM - System Checkpoint
    RP1573: 12/21/2011 4:14:10 PM - System Checkpoint
    RP1574: 12/27/2011 4:18:57 PM - System Checkpoint
    RP1575: 1/2/2012 8:50:02 AM - Restore Operation
    .
    ==== Installed Programs ======================
    .
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    32 Bit HP CIO Components Installer
    8500A909_eDocs
    8500A909_Help
    8500A909n
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.4.6
    Adobe Shockwave Player
    ATI Catalyst Control Center
    ATI Display Driver
    BPD_DSWizards
    bpd_scan
    BPDSoftware
    BPDSoftware_Ini
    Broadcom Management Programs
    BufferChm
    Compatibility Pack for the 2007 Office system
    Critical Update for Windows Media Player 11 (KB959772)
    Destination Component
    DeviceDiscovery
    DocMgr
    DocProc
    Fax
    GPBaseService2
    High Definition Audio Driver Package - KB835221
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB896256)
    Hotfix for Windows XP (KB908673)
    Hotfix for Windows XP (KB909095)
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB923232)
    Hotfix for Windows XP (KB926239)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Document Manager 2.0
    HP Imaging Device Functions 12.0
    HP Photosmart Essential 3.5
    HP Product Detection
    HP Smart Web Printing 4.60
    HP Solution Center 13.0
    HP Update
    HPPhotoSmartDiscLabelContent1
    HPPhotosmartEssential
    HPProductAssistant
    HPSSupply
    J2SE Runtime Environment 5.0 Update 6
    Java Auto Updater
    Java(TM) 6 Update 20
    Kaspersky Anti-Virus 2011
    Malwarebytes Anti-Malware version 1.60.0.1800
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2007 Primary Interop Assemblies
    Microsoft Office Basic 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office Professional Edition 2003
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual Studio 2005 Tools for Office Runtime
    Mozilla Firefox (3.6.24)
    MPM
    MSVCSetup
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    Network
    OCR Software by I.R.I.S. 12.0
    Officejet Pro 8500 A909 Series
    PowerDVD 5.7
    ProductContext
    QuickBooks
    QuickBooks Pro 2009
    Readiris Pro 11
    Roxio DLA
    Roxio RecordNow Audio
    Roxio RecordNow Copy
    Roxio RecordNow Data
    Scan
    Security Update for 2007 Microsoft Office System (KB951550)
    Security Update for 2007 Microsoft Office System (KB951944)
    Security Update for 2007 Microsoft Office System (KB960003)
    Security Update for Microsoft Office Excel 2007 (KB959997)
    Security Update for Microsoft Office system 2007 (KB954326)
    Security Update for Microsoft Office Word 2007 (KB956358)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Visio 2007 (KB947590)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928090)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB929969)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931768)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933566)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937143)
    Security Update for Windows XP (KB937894)
    Security Update for Windows XP (KB938127)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB939653)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB942615)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944338)
    Security Update for Windows XP (KB944533)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB945553)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB947864)
    Security Update for Windows XP (KB948590)
    Security Update for Windows XP (KB948881)
    Security Update for Windows XP (KB950749)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958470)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971032)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Shop for HP Supplies
    SmartWebPrinting
    SolutionCenter
    Sonic Update Manager
    Status
    SupportSoft Assisted Service
    Toolbox
    TrayApp
    UnloadSupport
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office Outlook 2007 (KB952142)
    Update for Office 2007 (KB946691)
    Update for Outlook 2007 Junk Email Filter (kb962871)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB978506)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB912945)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB925720)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB932823-v3)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB942840)
    Update for Windows XP (KB946627)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    Visual Studio 2005 Tools for Office Second Edition Runtime
    WebFldrs XP
    WebReg
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB889673
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/29/2011 8:51:11 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
    12/29/2011 8:42:11 AM, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: A socket operation encountered a dead network.
    12/29/2011 8:41:16 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
    12/28/2011 3:02:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    12/28/2011 2:58:59 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm KLIF
    12/28/2011 2:58:04 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    12/27/2011 9:08:57 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Kaspersky Anti-Virus Service service to connect.
    12/27/2011 9:08:57 AM, error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends on the following nonexistent service: MfeFire
    12/27/2011 9:08:57 AM, error: Service Control Manager [7000] - The Upload Manager service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.
    12/27/2011 9:08:57 AM, error: Service Control Manager [7000] - The UCS Install NT Service service failed to start due to the following error: The system cannot find the path specified.
    12/27/2011 9:08:57 AM, error: Service Control Manager [7000] - The Kaspersky Anti-Virus Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/27/2011 9:08:23 AM, error: ati2mtag [44044] - I2c return failed
    12/27/2011 1:02:05 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service QBFCService with arguments "" in order to run the server: {E2F551B5-D7E4-351C-A975-2E8EEE4D1917}
    1/2/2012 8:32:13 AM, error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error 2147952450 (0x80072742).
    .
    ==== End Of File ===========================
    Running WIN 7 Home, DSL, IE, AV & Firewall installed.
    Intel i3 - 3220
    Asus P8Z77-V LX MoBo
    Kingston 16 GB DDR3
    Seagate Barracuda Sata 6G
    XFX Radeon HD 7750 2G


    ** Toshiba Laptop has Win 8, DSL, AV & Firewall installed

  11. #11
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    20,970
    Any particular reason why you ran DDS from safe mode?

  12. #12
    Join Date
    Jun 2000
    Location
    tampa fl usa
    Posts
    627
    It would not log on except in safe mode. I can try again and see then re-run DDS.
    Running WIN 7 Home, DSL, IE, AV & Firewall installed.
    Intel i3 - 3220
    Asus P8Z77-V LX MoBo
    Kingston 16 GB DDR3
    Seagate Barracuda Sata 6G
    XFX Radeon HD 7750 2G


    ** Toshiba Laptop has Win 8, DSL, AV & Firewall installed

  13. #13
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    20,970
    Let me know....

  14. #14
    Join Date
    Jun 2000
    Location
    tampa fl usa
    Posts
    627
    Ok I am online in regular mode. Seems my AV had it blocked, so I updated and re-activated. I will rescan with DDS and post.
    Running WIN 7 Home, DSL, IE, AV & Firewall installed.
    Intel i3 - 3220
    Asus P8Z77-V LX MoBo
    Kingston 16 GB DDR3
    Seagate Barracuda Sata 6G
    XFX Radeon HD 7750 2G


    ** Toshiba Laptop has Win 8, DSL, AV & Firewall installed

  15. #15
    Join Date
    Jun 2000
    Location
    tampa fl usa
    Posts
    627
    New DDS

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
    Run by ainvestm2 at 12:27:10 on 2012-01-02
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.990.525 [GMT -5:00]
    .
    AV: Kaspersky Anti-Virus *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    svchost.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
    C:\WINDOWS\system32\svchost.exe -k HPService
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\Rey\Bin\Ucsinsvc.exe
    C:\rey\bin\PscVersionService.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.yahoo.com/
    uSearch Bar =
    uInternet Connection Wizard,ShellNext = iexplore
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\ievkbd.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe"
    mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
    DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/luxr/default/mjolauncher.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} - hxxp://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
    DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} - hxxp://mail.lycos.com/hanmail-ax/AttachMail.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/popcaploader_v10.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5648/mcfscan.cab
    TCP: DhcpNameServer = 65.32.1.65 65.32.1.70
    TCP: Interfaces\{8969A712-16CE-4DCC-865B-C7A883765ED3} : DhcpNameServer = 65.32.1.65 65.32.1.70
    Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2007\HelpAsyncPluggableProtocol.dll
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: klogon - c:\windows\system32\klogon.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Notification Packages = :\windows\system32\srrst
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\ainvestm2\application data\mozilla\firefox\profiles\uz5pee5z.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2007-5-2 3456]
    R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2010-6-9 132184]
    R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
    R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2011-6-7 475736]
    R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe [2010-11-2 365336]
    R2 REY Install NT Service;REY Install NT Service;c:\rey\bin\UcsInSvc.exe [2010-9-10 98304]
    R2 REY PSCVersionService;REY PSCVersionService;c:\rey\bin\PSCVersionService.exe [2011-1-20 61440]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2010-5-7 32856]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19472]
    S2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
    S2 UCS Install NT Service;UCS Install NT Service;c:\ucc\services\ucsinsvc.exe --> c:\ucc\services\UcsInSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2012-01-02 13:51:40 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2012-01-02 13:51:40 -------- d-----w- c:\windows\system32\wbem\Repository
    .
    ==================== Find3M ====================
    .
    2011-12-10 20:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-09-23 14:53:26 267940236 ----a-w- c:\program files\UBCD4WinV350.exe
    .
    ============= FINISH: 12:29:11.87 ===============
    Running WIN 7 Home, DSL, IE, AV & Firewall installed.
    Intel i3 - 3220
    Asus P8Z77-V LX MoBo
    Kingston 16 GB DDR3
    Seagate Barracuda Sata 6G
    XFX Radeon HD 7750 2G


    ** Toshiba Laptop has Win 8, DSL, AV & Firewall installed

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •