-
December 29th, 2011, 06:13 PM
#1
[RESOLVED] XP Security Virus
My office computer is infected with the rogue XP Security virus. I tried to run Malwarebytes, but it shut it down halfway through the scan. I went into Safe Mode as admin and it will not run. I saved Malwarebytes to my USB drive and tried to run it from there; it will not open and says "a device attached to this computer is not working". However, it will run Gmer and the other two programs listed in the sticky instructions that I had saved to the same USB drive. No program will open and run on that computer. I get the error message "XP Security has blocked this program because it is infected with XXXX whatever name they have given it".
My question is - how can I start to clean this computer when it will not let me run MWB?
This computer is at my office and has XP, DSL connection, Kaspersky for the AV and we have a firewall. I am posting from my home computer.
Thanks.
Running WIN 7 Home, DSL, IE, AV & Firewall installed.
Intel i3 - 3220
Asus P8Z77-V LX MoBo
Kingston 16 GB DDR3
Seagate Barracuda Sata 6G
XFX Radeon HD 7750 2G
** Toshiba Laptop has Win 8, DSL, AV & Firewall installed
-
December 29th, 2011, 07:43 PM
#2
Start with following these instructions: http://www.bleepingcomputer.com/viru...-security-2012
When done, post MBAM and other logs.
-
December 29th, 2011, 08:53 PM
#3
Thank you Broni. I will start to work on it tomorrow and get as much as I can done, but it may be Monday before I can finish up due to the office closing early tomorrow.
-
December 29th, 2011, 08:58 PM
#4
No problem
-
January 2nd, 2012, 10:49 AM
#5
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org
Database version: v2012.01.02.02
Windows XP Service Pack 2 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
ainvestm2 :: AINVESTM [administrator]
1/2/2012 9:13:07 AM
mbam-log-2012-01-02 (09-13-07).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 268839
Time elapsed: 30 minute(s), 42 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\Documents and Settings\ainvestm2\My Documents\i4Vh7.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP1575\A0125647.exe (Trojan.FakeAV) -> Quarantined and deleted successfully.
(end)
-
January 2nd, 2012, 12:31 PM
#6
Very well.
Please, complete all steps listed here: http://discussions.virtualdr.com/sho...d.php?t=167915
Skip MBAM.
-
January 2nd, 2012, 12:42 PM
#7
Thanks Broni.
GMER
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-02 11:38:56
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 WDC_WD800JD-75MSA3 rev.10.01E04
Running: 94870cn4.exe; Driver: C:\DOCUME~1\AINVES~1\LOCALS~1\Temp\uwlcrpob.sys
---- Kernel code sections - GMER 1.0.15 ----
? yghlea.sys The system cannot find the file specified. !
? xhwkeip.sys The system cannot find the file specified. !
---- Files - GMER 1.0.15 ----
File C:\WINDOWS\$NtUninstallKB13047$\3315136367 0 bytes
File C:\WINDOWS\$NtUninstallKB13047$\331729846 0 bytes
---- EOF - GMER 1.0.15 ----
-
January 2nd, 2012, 12:47 PM
#8
aswMBR version 0.9.9.1124 Copyright(c) 2011 AVAST Software
Run date: 2012-01-02 11:43:25
-----------------------------
11:43:25.437 OS Version: Windows 5.1.2600 Service Pack 2
11:43:25.437 Number of processors: 2 586 0xF0D
11:43:25.437 ComputerName: AINVESTM UserName:
11:43:26.328 Initialize success
11:44:38.359 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
11:44:38.375 Disk 0 Vendor: WDC_WD800JD-75MSA3 10.01E04 Size: 76293MB BusType: 3
11:44:38.406 Disk 0 MBR read successfully
11:44:38.421 Disk 0 MBR scan
11:44:38.437 Disk 0 Windows XP default MBR code
11:44:38.453 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
11:44:38.468 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76245 MB offset 80325
11:44:38.484 Disk 0 scanning sectors +156232125
11:44:38.593 Disk 0 scanning C:\WINDOWS\system32\drivers
11:44:48.562 Service scanning
11:44:51.765 Modules scanning
11:45:01.343 Disk 0 trace - called modules:
11:45:01.375 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll atiide.sys PCIIDEX.SYS
11:45:01.390 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b7fab8]
11:45:01.390 3 CLASSPNP.SYS[f785805b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x86b61b00]
11:45:01.468 Scan finished successfully
11:45:15.640 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\ainvestm2\Desktop\MBR.dat"
11:45:15.656 The log file has been saved successfully to "C:\Documents and Settings\ainvestm2\Desktop\aswMBR.txt"
-
January 2nd, 2012, 12:50 PM
#9
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Run by ainvestm2 at 11:49:01 on 2012-01-02
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.990.725 [GMT -5:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uSearch Bar =
uInternet Connection Wizard,ShellNext = iexplore
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\ievkbd.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe"
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "c:\documents and settings\all users\application data\malwarebytes\malwarebytes' anti-malware\cleanup.dll",ProcessCleanupScript
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/luxr/default/mjolauncher.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} - hxxp://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} - hxxp://mail.lycos.com/hanmail-ax/AttachMail.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/popcaploader_v10.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5648/mcfscan.cab
TCP: DhcpNameServer = 65.32.1.65 65.32.1.70
TCP: Interfaces\{8969A712-16CE-4DCC-865B-C7A883765ED3} : DhcpNameServer = 65.32.1.65 65.32.1.70
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2007\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: klogon - c:\windows\system32\klogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = :\windows\system32\srrst
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\ainvestm2\application data\mozilla\firefox\profiles\uz5pee5z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
============= SERVICES / DRIVERS ===============
.
R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2007-5-2 3456]
R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2010-6-9 132184]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2010-5-7 32856]
S1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2011-6-7 475736]
S2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe [2010-11-2 365336]
S2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
S2 REY Install NT Service;REY Install NT Service;c:\rey\bin\UcsInSvc.exe [2010-9-10 98304]
S2 REY PSCVersionService;REY PSCVersionService;c:\rey\bin\PSCVersionService.exe [2011-1-20 61440]
S2 UCS Install NT Service;UCS Install NT Service;c:\ucc\services\ucsinsvc.exe --> c:\ucc\services\UcsInSvc.exe [?]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19472]
.
=============== Created Last 30 ================
.
2012-01-02 13:51:40 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-01-02 13:51:40 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2011-12-10 20:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-23 14:53:26 267940236 ----a-w- c:\program files\UBCD4WinV350.exe
.
============= FINISH: 11:49:20.71 ===============
-
January 2nd, 2012, 12:51 PM
#10
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 5/16/2007 5:19:28 PM
System Uptime: 1/2/2012 9:45:16 AM (2 hours ago)
.
Motherboard: Dell Inc. | | 0TY915
Processor: Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz | Microprocessor | 1600/800mhz
Processor: Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz | Microprocessor | 1600/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 53.215 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: HP LaserJet 4000 Series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: Hewlett-Packard
Name: HP LaserJet 4000 Series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP1492: 9/29/2011 4:41:43 PM - System Checkpoint
RP1493: 9/30/2011 4:56:22 PM - System Checkpoint
RP1494: 10/1/2011 5:56:12 PM - System Checkpoint
RP1495: 10/2/2011 6:56:12 PM - System Checkpoint
RP1496: 10/3/2011 7:56:16 PM - System Checkpoint
RP1497: 10/4/2011 8:08:18 PM - System Checkpoint
RP1498: 10/5/2011 8:56:12 PM - System Checkpoint
RP1499: 10/6/2011 9:56:13 PM - System Checkpoint
RP1500: 10/7/2011 10:56:14 PM - System Checkpoint
RP1501: 10/8/2011 11:56:12 PM - System Checkpoint
RP1502: 10/10/2011 1:08:12 AM - System Checkpoint
RP1503: 10/11/2011 1:56:15 AM - System Checkpoint
RP1504: 10/12/2011 2:56:13 AM - System Checkpoint
RP1505: 10/13/2011 3:56:13 AM - System Checkpoint
RP1506: 10/13/2011 10:02:57 AM - Software Distribution Service 3.0
RP1507: 10/14/2011 10:19:12 AM - System Checkpoint
RP1508: 10/15/2011 11:18:05 AM - System Checkpoint
RP1509: 10/16/2011 12:18:05 PM - System Checkpoint
RP1510: 10/17/2011 4:18:29 PM - System Checkpoint
RP1511: 10/18/2011 4:21:02 PM - System Checkpoint
RP1512: 10/19/2011 5:04:16 PM - System Checkpoint
RP1513: 10/20/2011 6:03:57 PM - System Checkpoint
RP1514: 10/21/2011 6:15:57 PM - System Checkpoint
RP1515: 10/22/2011 7:15:53 PM - System Checkpoint
RP1516: 10/23/2011 8:03:53 PM - System Checkpoint
RP1517: 10/24/2011 9:03:57 PM - System Checkpoint
RP1518: 10/25/2011 9:15:56 PM - System Checkpoint
RP1519: 10/26/2011 10:03:56 PM - System Checkpoint
RP1520: 10/27/2011 11:03:57 PM - System Checkpoint
RP1521: 10/28/2011 11:15:58 PM - System Checkpoint
RP1522: 10/30/2011 12:15:54 AM - System Checkpoint
RP1523: 10/31/2011 12:27:54 AM - System Checkpoint
RP1524: 11/1/2011 1:03:55 AM - System Checkpoint
RP1525: 11/2/2011 2:03:57 AM - System Checkpoint
RP1526: 11/3/2011 3:03:57 AM - System Checkpoint
RP1527: 11/4/2011 4:00:37 AM - System Checkpoint
RP1528: 11/5/2011 5:00:37 AM - System Checkpoint
RP1529: 11/6/2011 5:00:34 AM - System Checkpoint
RP1530: 11/7/2011 5:12:34 AM - System Checkpoint
RP1531: 11/8/2011 6:00:37 AM - System Checkpoint
RP1532: 11/9/2011 7:00:38 AM - System Checkpoint
RP1533: 11/10/2011 8:00:38 AM - System Checkpoint
RP1534: 11/11/2011 8:01:11 AM - System Checkpoint
RP1535: 11/12/2011 9:01:09 AM - System Checkpoint
RP1536: 11/13/2011 10:01:07 AM - System Checkpoint
RP1537: 11/14/2011 10:36:25 AM - Software Distribution Service 3.0
RP1538: 11/15/2011 11:44:07 AM - System Checkpoint
RP1539: 11/16/2011 12:30:35 PM - System Checkpoint
RP1540: 11/17/2011 4:15:05 PM - System Checkpoint
RP1541: 11/18/2011 4:16:37 PM - System Checkpoint
RP1542: 11/19/2011 5:00:56 PM - System Checkpoint
RP1543: 11/20/2011 6:00:56 PM - System Checkpoint
RP1544: 11/21/2011 7:01:01 PM - System Checkpoint
RP1545: 11/22/2011 8:01:00 PM - System Checkpoint
RP1546: 11/23/2011 9:01:01 PM - System Checkpoint
RP1547: 11/24/2011 10:00:46 PM - System Checkpoint
RP1548: 11/25/2011 11:00:46 PM - System Checkpoint
RP1549: 11/27/2011 12:15:16 AM - System Checkpoint
RP1550: 11/28/2011 1:12:46 AM - System Checkpoint
RP1551: 11/29/2011 2:00:51 AM - System Checkpoint
RP1552: 11/30/2011 2:12:54 AM - System Checkpoint
RP1553: 12/1/2011 3:05:10 AM - System Checkpoint
RP1554: 12/2/2011 4:05:09 AM - System Checkpoint
RP1555: 12/3/2011 4:17:12 AM - System Checkpoint
RP1556: 12/4/2011 5:05:09 AM - System Checkpoint
RP1557: 12/5/2011 6:05:09 AM - System Checkpoint
RP1558: 12/6/2011 7:05:12 AM - System Checkpoint
RP1559: 12/7/2011 8:05:09 AM - System Checkpoint
RP1560: 12/8/2011 8:14:35 AM - System Checkpoint
RP1561: 12/9/2011 9:32:22 AM - System Checkpoint
RP1562: 12/10/2011 10:14:35 AM - System Checkpoint
RP1563: 12/11/2011 11:02:31 AM - System Checkpoint
RP1564: 12/12/2011 12:09:51 PM - System Checkpoint
RP1565: 12/13/2011 12:13:09 PM - System Checkpoint
RP1566: 12/14/2011 4:14:29 PM - System Checkpoint
RP1567: 12/15/2011 4:15:50 PM - System Checkpoint
RP1568: 12/16/2011 10:40:55 AM - Software Distribution Service 3.0
RP1569: 12/17/2011 11:06:04 AM - System Checkpoint
RP1570: 12/18/2011 12:06:01 PM - System Checkpoint
RP1571: 12/19/2011 12:17:43 PM - System Checkpoint
RP1572: 12/20/2011 4:13:23 PM - System Checkpoint
RP1573: 12/21/2011 4:14:10 PM - System Checkpoint
RP1574: 12/27/2011 4:18:57 PM - System Checkpoint
RP1575: 1/2/2012 8:50:02 AM - Restore Operation
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 1 (SP1)
32 Bit HP CIO Components Installer
8500A909_eDocs
8500A909_Help
8500A909n
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.6
Adobe Shockwave Player
ATI Catalyst Control Center
ATI Display Driver
BPD_DSWizards
bpd_scan
BPDSoftware
BPDSoftware_Ini
Broadcom Management Programs
BufferChm
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
Destination Component
DeviceDiscovery
DocMgr
DocProc
Fax
GPBaseService2
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB908673)
Hotfix for Windows XP (KB909095)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB923232)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Document Manager 2.0
HP Imaging Device Functions 12.0
HP Photosmart Essential 3.5
HP Product Detection
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 20
Kaspersky Anti-Virus 2011
Malwarebytes Anti-Malware version 1.60.0.1800
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Basic 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio 2005 Tools for Office Runtime
Mozilla Firefox (3.6.24)
MPM
MSVCSetup
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Network
OCR Software by I.R.I.S. 12.0
Officejet Pro 8500 A909 Series
PowerDVD 5.7
ProductContext
QuickBooks
QuickBooks Pro 2009
Readiris Pro 11
Roxio DLA
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Scan
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Visio 2007 (KB947590)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Sonic Update Manager
Status
SupportSoft Assisted Service
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb962871)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio 2005 Tools for Office Second Edition Runtime
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
12/29/2011 8:51:11 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
12/29/2011 8:42:11 AM, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: A socket operation encountered a dead network.
12/29/2011 8:41:16 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
12/28/2011 3:02:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12/28/2011 2:58:59 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm KLIF
12/28/2011 2:58:04 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/27/2011 9:08:57 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Kaspersky Anti-Virus Service service to connect.
12/27/2011 9:08:57 AM, error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends on the following nonexistent service: MfeFire
12/27/2011 9:08:57 AM, error: Service Control Manager [7000] - The Upload Manager service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.
12/27/2011 9:08:57 AM, error: Service Control Manager [7000] - The UCS Install NT Service service failed to start due to the following error: The system cannot find the path specified.
12/27/2011 9:08:57 AM, error: Service Control Manager [7000] - The Kaspersky Anti-Virus Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/27/2011 9:08:23 AM, error: ati2mtag [44044] - I2c return failed
12/27/2011 1:02:05 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service QBFCService with arguments "" in order to run the server: {E2F551B5-D7E4-351C-A975-2E8EEE4D1917}
1/2/2012 8:32:13 AM, error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error 2147952450 (0x80072742).
.
==== End Of File ===========================
-
January 2nd, 2012, 12:55 PM
#11
Any particular reason why you ran DDS from safe mode?
-
January 2nd, 2012, 01:07 PM
#12
It would not log on except in safe mode. I can try again and see, then re-run DDS.
-
January 2nd, 2012, 01:08 PM
#13
-
January 2nd, 2012, 01:26 PM
#14
Ok I am online in regular mode. Seems my AV had it blocked, so I updated and re-activated. I will rescan with DDS and post.
-
January 2nd, 2012, 01:30 PM
#15
New DDS
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Run by ainvestm2 at 12:27:10 on 2012-01-02
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.990.525 [GMT -5:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Rey\Bin\Ucsinsvc.exe
C:\rey\bin\PscVersionService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uSearch Bar =
uInternet Connection Wizard,ShellNext = iexplore
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\ievkbd.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe"
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/luxr/default/mjolauncher.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} - hxxp://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} - hxxp://mail.lycos.com/hanmail-ax/AttachMail.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/popcaploader_v10.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5648/mcfscan.cab
TCP: DhcpNameServer = 65.32.1.65 65.32.1.70
TCP: Interfaces\{8969A712-16CE-4DCC-865B-C7A883765ED3} : DhcpNameServer = 65.32.1.65 65.32.1.70
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2007\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: klogon - c:\windows\system32\klogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = :\windows\system32\srrst
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\ainvestm2\application data\mozilla\firefox\profiles\uz5pee5z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
============= SERVICES / DRIVERS ===============
.
R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2007-5-2 3456]
R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2010-6-9 132184]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2011-6-7 475736]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky anti-virus 2011\avp.exe [2010-11-2 365336]
R2 REY Install NT Service;REY Install NT Service;c:\rey\bin\UcsInSvc.exe [2010-9-10 98304]
R2 REY PSCVersionService;REY PSCVersionService;c:\rey\bin\PSCVersionService.exe [2011-1-20 61440]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2010-5-7 32856]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19472]
S2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
S2 UCS Install NT Service;UCS Install NT Service;c:\ucc\services\ucsinsvc.exe --> c:\ucc\services\UcsInSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-02 13:51:40 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-01-02 13:51:40 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2011-12-10 20:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-23 14:53:26 267940236 ----a-w- c:\program files\UBCD4WinV350.exe
.
============= FINISH: 12:29:11.87 ===============