Channel: Tech Support Guy - Virus & Other Malware Removal

I believe I have a REDIRECT Virus

I have tried numerous times to remove the redirect virus. I'm hoping someone can help me.
Thanking you in advance,
Applesister
Here are my logs:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz, x86 Family 15 Model 2 Stepping 9
Processor Count: 1
RAM: 1021 Mb
Graphics Card: Intel(R) 82865G Graphics Controller, 96 Mb
Hard Drives: C: Total - 76285 MB, Free - 30263 MB;
Motherboard: Dell Computer Corp., 0F4491
Antivirus: AVG Internet Security 2013, Updated: Yes, On-Demand Scanner: Enabled


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:50:34 PM, on 11/18/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\Program Files\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\afasrv32.exe
C:\Program Files\AVG\AVG2013\avgfws.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Linksicle\Service\lssvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\MYSCRA~2\bar\1.bin\12brmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MyTomTom 3\MyTomTomSA.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
R3 - URLSearchHook: (no name) - {b3b5c47e-61f7-4d81-af06-461fc86686ce} - C:\Program Files\MyScrapNook_12\bar\1.bin\12SrcAs.dll
O2 - BHO: Toolbar BHO - {0214754e-4e7d-4589-829d-e2523e6a3085} - C:\PROGRA~1\MYSCRA~2\bar\1.bin\12bar.dll
O2 - BHO: Linksicle - {2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} - C:\Program Files\Linksicle\IE\LinksicleClientIE.dll
O2 - BHO: Search Assistant BHO - {65f159fb-5f5e-46f4-b45d-ccfa236d2073} - C:\Program Files\MyScrapNook_12\bar\1.bin\12SrcAs.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - (no file)
O3 - Toolbar: My Scrap Nook - {fe6f06fb-0fc0-4499-828f-ee48088f504f} - C:\Program Files\MyScrapNook_12\bar\1.bin\12bar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [My Scrap Nook Search Scope Monitor] "C:\PROGRA~1\MYSCRA~2\bar\1.bin\12srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyScrapNook_12 Browser Plugin Loader] C:\PROGRA~1\MYSCRA~2\bar\1.bin\12brmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files\MyTomTom 3\MyTomTomSA.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: &Search - http://buttons.myscrapnook.com/one-t...013111813&cv=2
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.att.net
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/CSMWeb/Cu...ataManager.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/...?1326505044875
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1293728936609
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1357688697265
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} (WebBrowserType Class) - https://pattcw.att.motive.com/wizlet...tInstaller.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - C:\WINDOWS\system32\afasrv32.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Linksicle Client Service (lssvc) - Linksicle - C:\Program Files\Linksicle\Service\lssvc.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: My Scrap NookService (MyScrapNook_12Service) - COMPANYVERS_NAME - C:\PROGRA~1\MYSCRA~2\bar\1.bin\12barsvc.exe
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Quebles Updater - Techno Design IP - C:\Program Files\Techno Design IP\Quebles Toolbar\QueblesAutoUpdate.exe
--
End of file - 8278 bytes

Run by MK at 19:53:28 on 2013-11-18
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.341 [GMT -5:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Webroot AntiVirus with Spy Sweeper *Enabled/Updated* {77E10C7F-2CCA-4187-9394-BDBC267AD597}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Internet Security 2013 *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\afasrv32.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Linksicle\Service\lssvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\MYSCRA~2\bar\1.bin\12brmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MyTomTom 3\MyTomTomSA.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
uURLSearchHooks: <No Name>: {b3b5c47e-61f7-4d81-af06-461fc86686ce} - c:\program files\myscrapnook_12\bar\1.bin\12SrcAs.dll
BHO: Toolbar BHO: {0214754e-4e7d-4589-829d-e2523e6a3085} - c:\program files\myscrapnook_12\bar\1.bin\12bar.dll
BHO: Linksicle: {2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} - c:\program files\linksicle\ie\LinksicleClientIE.dll
BHO: Search Assistant BHO: {65f159fb-5f5e-46f4-b45d-ccfa236d2073} - c:\program files\myscrapnook_12\bar\1.bin\12SrcAs.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: My Scrap Nook: {FE6F06FB-0FC0-4499-828F-EE48088F504F} - c:\program files\myscrapnook_12\bar\1.bin\12bar.dll
TB: My Scrap Nook: {fe6f06fb-0fc0-4499-828f-ee48088f504f} - c:\program files\myscrapnook_12\bar\1.bin\12bar.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: &Research: {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program files\microsoft office\office12\REFIEBAR.DLL
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [NBJ] "c:\program files\ahead\nero backitup\nbj.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MyTomTomSA.exe] "c:\program files\mytomtom 3\MyTomTomSA.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [My Scrap Nook Search Scope Monitor] "c:\progra~1\myscra~2\bar\1.bin\12srchmn.exe" /m=2 /w /h
mRun: [MyScrapNook_12 Browser Plugin Loader] c:\progra~1\myscra~2\bar\1.bin\12brmon.exe
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
uPolicies-Explorer: NoDriveTypeAutoRun = dword:144
uPolicies-Explorer: NoDriveAutoRun = dword:-1
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Search - http://buttons.myscrapnook.com/one-t...013111813&cv=2
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: $talisma_url$
Trusted Zone: att.net
Trusted Zone: att.net
Trusted Zone: sbcglobal.net
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1326505044875
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1293728936609
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1357688697265
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} - hxxps://pattcw.att.motive.com/wizlet/NAP/static/installer/ATTInternetInstaller.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{5A2BC020-8C7B-47E1-AAE7-5868E6BE1BC8} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-12-2 20624]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-2-26 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-2-14 182072]
R1 lsnfd;lsnfd;c:\windows\system32\drivers\lsnfd.sys [2013-10-2 52688]
R2 AfaService;Afa Card Reader Service;c:\windows\system32\afasrv32.exe [2011-8-8 65536]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2013-9-4 1432080]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R2 FlashNT;FlashNT;c:\windows\system32\drivers\FLASHNT.SYS [2011-7-26 72784]
R2 lssvc;Linksicle Client Service;c:\program files\linksicle\service\lssvc.exe [2013-10-2 272936]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2012-7-13 769432]
R2 Sdselect;Sdselect;c:\windows\system32\drivers\sdselect.sys [2011-7-26 73296]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944]
S1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\mpfilter.sys --> c:\windows\system32\drivers\MpFilter.sys [?]
S1 MpKsl3b9accf3;MpKsl3b9accf3;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{27e7cf6a-3e26-4897-a549-7c2b05b88ce1}\mpksl3b9accf3.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{27e7cf6a-3e26-4897-a549-7c2b05b88ce1}\MpKsl3b9accf3.sys [?]
S1 MpKsl8e50dc00;MpKsl8e50dc00;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{27e7cf6a-3e26-4897-a549-7c2b05b88ce1}\mpksl8e50dc00.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{27e7cf6a-3e26-4897-a549-7c2b05b88ce1}\MpKsl8e50dc00.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MyScrapNook_12Service;My Scrap NookService;c:\progra~1\myscra~2\bar\1.bin\12barsvc.exe [2013-11-18 44752]
S2 SSFMONM;Spy Sweeper File System Filter Driver;c:\windows\system32\drivers\ssfmonm.sys --> c:\windows\system32\drivers\SSFMONM.SYS [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]
S3 MHIKEY10;MHIKEY10;c:\windows\system32\drivers\MHIKEY10.sys [2011-2-10 51968]
S3 OlCamudp;OLYMPUS Digital Camera;c:\windows\system32\drivers\olcamudp.sys [2011-7-14 10379]
S3 Quebles Updater;Quebles Updater;c:\program files\techno design ip\quebles toolbar\QueblesAutoUpdate.exe [2013-2-14 21696]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [2010-12-30 554784]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys --> c:\windows\system32\drivers\wdcsam.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-10-27 21:16:03 868264 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-10-27 21:16:03 790440 ----a-w- c:\windows\system32\deployJava1.dll
2013-10-27 21:16:03 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-16 21:35:02 465280 ----a-r- c:\windows\system32\cpnprt2win32.cid
2013-10-13 07:25:38 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:25:08 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-13 07:25:02 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:24:17 18944 ------w- c:\windows\system32\corpol.dll
2013-10-13 06:57:59 385024 ------w- c:\windows\system32\html.iec
2013-10-12 15:56:19 278528 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-08 22:49:23 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-08 22:49:23 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-08 22:49:18 17813896 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-10-07 10:59:21 603136 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:14:01 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-02 21:14:50 52688 ----a-w- c:\windows\system32\drivers\lsnfd.sys
2013-09-10 05:34:48 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-09-05 05:43:42 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-08-29 01:31:44 1878656 ----a-w- c:\windows\system32\win32k.sys
2012-10-04 17:23:28 2906520 ----a-w- c:\program files\ytb_8.4.4.65_2.4.8_bts_pub_us_setup_Xpi-drop_2012.06.20.01.exe
2012-09-30 19:12:37 3941312 ----a-w- c:\program files\ccsetup323.exe
2012-08-22 19:28:21 1001264 ----a-w- c:\program files\install_flashplayer11x32ax_gtbp_chrd_au_aih.exe
2012-02-02 03:14:16 4649472 ----a-w- c:\program files\wllogin_32.msi
2012-01-31 02:04:10 2101864 ----a-w- c:\program files\HPPDU.exe
2011-03-19 14:54:29 5193608 ----a-w- c:\program files\ParetoLogic PC Health Advisor.exe
2011-01-19 01:35:06 20382576 ----a-w- c:\program files\TomTomHOME2winlatest.exe
2011-01-17 19:20:02 2146264 ----a-w- c:\program files\WRInstallSetup_1.exe
.
============= FINISH: 19:54:29.98 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/30/2010 11:54:17 AM
System Uptime: 11/18/2013 2:40:42 PM (5 hours ago)
.
Motherboard: Dell Computer Corp. | | 0F4491
Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz | Microprocessor | 2660/533mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 74 GiB total, 29.661 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Description: BCM V.92 56K Modem
Device ID: PCI\VEN_14E4&DEV_4212&SUBSYS_00011028&REV_02\4&1C660DD6&0&08F0
Manufacturer: Broadcom Corporation
Name: BCM V.92 56K Modem
PNP Device ID: PCI\VEN_14E4&DEV_4212&SUBSYS_00011028&REV_02\4&1C660DD6&0&08F0
Service: Modem
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Photosmart C309a series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C309a series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP216: 9/11/2013 9:51:47 PM - Software Distribution Service 3.0
RP217: 9/14/2013 3:18:16 PM - System Checkpoint
RP218: 9/15/2013 3:45:04 PM - System Checkpoint
RP219: 9/17/2013 10:08:09 AM - System Checkpoint
RP220: 9/18/2013 11:16:14 AM - System Checkpoint
RP221: 9/19/2013 4:27:16 PM - System Checkpoint
RP222: 9/20/2013 5:08:15 PM - System Checkpoint
RP223: 9/21/2013 6:56:41 PM - System Checkpoint
RP224: 9/22/2013 7:37:53 PM - System Checkpoint
RP225: 9/22/2013 8:50:21 PM - Installed HP Product Detection
RP226: 9/26/2013 2:45:03 PM - System Checkpoint
RP227: 9/27/2013 4:14:01 PM - System Checkpoint
RP228: 9/28/2013 4:20:34 PM - System Checkpoint
RP229: 9/29/2013 8:41:06 PM - System Checkpoint
RP230: 10/1/2013 10:20:14 PM - System Checkpoint
RP231: 10/2/2013 10:38:31 PM - System Checkpoint
RP232: 10/4/2013 10:22:20 PM - System Checkpoint
RP233: 10/7/2013 5:21:09 PM - System Checkpoint
RP234: 10/8/2013 5:31:57 PM - System Checkpoint
RP235: 10/9/2013 5:37:46 PM - System Checkpoint
RP236: 10/9/2013 9:53:12 PM - Software Distribution Service 3.0
RP237: 10/10/2013 10:16:15 PM - System Checkpoint
RP238: 10/11/2013 1:53:52 PM - Installed PVR Plus
RP239: 10/11/2013 3:07:33 PM - Removed PVR Plus
RP240: 10/11/2013 11:17:33 PM - Software Distribution Service 3.0
RP241: 10/13/2013 11:36:09 AM - System Checkpoint
RP242: 10/14/2013 12:28:58 AM - Software Distribution Service 3.0
RP243: 10/14/2013 6:56:15 PM - Restore Operation
RP244: 10/14/2013 7:01:06 PM - Restore Operation
RP245: 10/14/2013 7:50:13 PM - Restore Operation
RP246: 10/14/2013 8:04:26 PM - Restore Operation
RP247: 10/14/2013 9:43:35 PM - Software Distribution Service 3.0
RP248: 10/16/2013 3:18:19 PM - System Checkpoint
RP249: 10/17/2013 3:52:13 PM - System Checkpoint
RP250: 10/18/2013 4:18:54 PM - System Checkpoint
RP251: 10/19/2013 4:43:27 PM - System Checkpoint
RP252: 10/20/2013 5:34:52 PM - System Checkpoint
RP253: 10/22/2013 3:07:15 PM - System Checkpoint
RP254: 10/23/2013 3:58:16 PM - System Checkpoint
RP255: 10/26/2013 10:44:08 AM - System Checkpoint
RP256: 10/27/2013 5:15:32 PM - Installed Java 7 Update 40
RP257: 10/29/2013 9:29:42 AM - System Checkpoint
RP258: 10/30/2013 11:46:29 AM - System Checkpoint
RP259: 11/1/2013 11:03:00 AM - System Checkpoint
RP260: 11/2/2013 1:04:08 PM - System Checkpoint
RP261: 11/2/2013 2:35:15 PM - Removed Apple Mobile Device Support
RP262: 11/3/2013 1:05:02 PM - Installed Windows Internet Explorer 8.
RP263: 11/3/2013 1:06:41 PM - Software Distribution Service 3.0
RP264: 11/3/2013 6:31:27 PM - Restore Point before Corrupt Patch Registry keys
RP265: 11/3/2013 7:36:33 PM - Restore Operation
RP266: 11/3/2013 9:19:49 PM - Software Distribution Service 3.0
RP267: 11/3/2013 9:55:44 PM - Software Distribution Service 3.0
RP268: 11/4/2013 8:59:21 PM - Restore Operation
RP269: 11/4/2013 9:25:00 PM - Restore Operation
RP270: 11/4/2013 9:49:40 PM - Restore Operation
RP271: 11/4/2013 11:31:50 PM - Software Distribution Service 3.0
RP272: 11/5/2013 2:53:26 PM - Software Distribution Service 3.0
RP273: 11/6/2013 11:14:19 PM - Restore Operation
RP274: 11/6/2013 11:50:37 PM - Software Distribution Service 3.0
RP275: 11/8/2013 6:22:20 PM - System Checkpoint
RP276: 11/10/2013 8:08:01 PM - System Checkpoint
RP277: 11/12/2013 5:51:37 PM - System Checkpoint
RP278: 11/12/2013 9:37:37 PM - Removed SpyHunter
RP279: 11/14/2013 2:01:17 AM - Software Distribution Service 3.0
RP280: 11/14/2013 12:31:25 PM - Norton_Power_Eraser_20131114123115015
RP281: 11/15/2013 4:19:45 PM - System Checkpoint
RP282: 11/18/2013 4:15:31 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Auslogics Disk Defrag
AVG 2013
BCM V.92 56K Modem
Belarc Advisor 7.2
CCleaner
Coupon Printer for Windows
Dell Driver Download Manager
Dell ResourceCD
EZ-DUB
Family Tree Maker 2006
FlashPath
Hewlett-Packard ACLM.NET v1.1.0.0
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB959765)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB969084)
Hotfix for Windows XP (KB981793)
HP Photosmart C309a All-In-One Driver 14.0 Rel. 5
HP Product Detection
HPDiagnosticAlert
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Connections Drivers
Java 7 Update 40
Java Auto Updater
Linksicle
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Fix it Center
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Web Publishing Wizard 1.52
MSN Toolbar Platform
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Scrap Nook Internet Explorer Toolbar
MyTomTom 3.2.0.1116
Nero Audio Pack 1
Nero Blu-ray Player
Nero Blu-ray Player Help (CHM)
Nero Core Components
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Kwik Themes Basic
Nero SharedVideoCodecs
Nero Suite
Nero Update
Network
OLYMPUS CAMEDIA Master 2.0
OpenOffice.org 3.4.1
OverDrive Media Console
PDF-Viewer
Prerequisite installer
PrintMaster
PS_AIO_05_C309_Software_Min
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2483614)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813347)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB975254)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Segoe UI
Shockwave
Toolbox
Tweak UI
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB961503)
Update for Windows XP (KB973687)
USB Storage Driver
USIM Editor 1.0.33.70
Visual Studio C++ 10.0 Runtime
WebFldrs XP
Windows Backup Utility
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Messenger
Windows Live Photo Gallery
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
WinZip 12.0
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
11/17/2013 7:53:15 PM, error: DCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {BA126AD1-2166-11D1-B1D0-00805FC1270E} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.
11/17/2013 10:40:05 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver AVGIDSShim Avgldx86 Avgtdix BANTExt Fips intelppm IPSec lsnfd MpFilter MRxSmb NetBIOS NetBT OMCI RasAcd Rdbss SSIDRV Tcpip
11/17/2013 10:40:05 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/17/2013 10:40:05 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
11/14/2013 12:58:53 AM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 000CF192C1B8 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
11/14/2013 12:35:05 AM, error: DCOM [10005] - DCOM got error "%1068" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/14/2013 12:35:03 AM, error: Service Control Manager [7001] - The Windows Search service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/14/2013 11:43:09 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: MpFilter PCIIde SSIDRV
11/13/2013 10:15:13 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: MpFilter SSIDRV
11/13/2013 10:14:59 AM, error: Service Control Manager [7000] - The Spy Sweeper File System Filter Driver service failed to start due to the following error: The system cannot find the file specified.
11/11/2013 8:52:55 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/11/2013 7:56:06 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver AVGIDSShim Avgldx86 BANTExt Fips intelppm MpFilter OMCI SSIDRV
11/11/2013 7:56:06 PM, error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.
.
==== End Of File ===========================

.
GMER 2.1.19163 - http://www.gmer.net
Rootkit quick scan 2013-11-18 20:53:26
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 IC35L090AVV207-0 rev.V23OA66A 74.51GB
Running: 05vseml8.exe; Driver: C:\DOCUME~1\MK\LOCALS~1\Temp\pwtyypow.sys

---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys
AttachedDevice \Driver\Tcpip \Device\Ip lsnfd.sys
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\Tcp lsnfd.sys
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\Udp lsnfd.sys
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\RawIp lsnfd.sys
---- EOF - GMER 2.1 ----

GMER 2.1.19163 - http://www.gmer.net
Rootkit quick scan 2013-11-18 20:09:51
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 IC35L090AVV207-0 rev.V23OA66A 74.51GB
Running: 05vseml8.exe; Driver: C:\DOCUME~1\MK\LOCALS~1\Temp\pwtyypog.sys

---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys
AttachedDevice \Driver\Tcpip \Device\Ip lsnfd.sys
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\Tcp lsnfd.sys
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\Udp lsnfd.sys
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys
AttachedDevice \Driver\Tcpip \Device\RawIp lsnfd.sys
---- EOF - GMER 2.1 ----
