
Pop-uppalooza On my puter - HELP!


  • This topic is locked
2 replies to this topic

#1 mbmmm


Posted 16 August 2009 - 04:57 PM

DDS (Ver_09-07-30.01) - NTFSx86
Run by Owner at 16:19:11.00 on Sun 08/16/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.111 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\bwgo0001b3da.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\NFWB4CQR\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://dsl.sbc.yahoo.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {de0f2d9f-d9f3-423f-825e-d62b644c4998} - c:\windows\system32\atiicdx.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No File
TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
EB: hp view: {8f4902b6-6c04-4ade-8052-aa58578a21bd} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\BackWeb-8876480.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
uRun: [A00F3DDF1E7.exe] c:\docume~1\owner\locals~1\temp\_A00F3DDF1E7.exe
mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {44226DFF-747E-4edc-B30C-78752E50CD0C} - {44226DFF-747E-4edc-B30C-78752E50CD0C} - c:\program files\ati multimedia\tv\EXPLBAR.DLL
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\program files\common files\is3\anti-spyware\iS3lsp.dll
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180467969718
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1180563579156
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://toro.webex.com/client/T26L/training/ieatgpc.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: __c00CFFB0 - c:\windows\system32\__c00CFFB0.dat
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-4-23 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-8-8 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-8-8 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-8-8 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-8-8 297752]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 1029456]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-10 24652]
RUnknown szkg5;szkg5; [x]
S2 ATIXBAR;ATI TV Wonder WDM Audio Crossbar;c:\windows\system32\drivers\ativxstw.sys [2007-5-29 28416]
S2 BT848;ATI TV Wonder BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.sys [2007-5-29 208720]
S2 BTTUNER;ATI TV Wonder TVTuner, WDM TvTuner;c:\windows\system32\drivers\ativtutw.sys [2007-5-29 17664]
S2 BTXBAR;ATI TV Wonder WDM Video Crossbar;c:\windows\system32\drivers\btxbar.sys [2007-5-29 10512]
S2 NAVAPEL;NAVAPEL;\??\c:\progra~1\symant~1\symant~1\navapel.sys --> c:\progra~1\symant~1\symant~1\NAVAPEL.SYS [?]
S2 Norton AntiVirus Server;Symantec AntiVirus Client;"c:\program files\symantec_client_security\symantec antivirus\rtvscan.exe" --> c:\program files\symantec_client_security\symantec antivirus\Rtvscan.exe [?]
S2 TTDec;ATI WDM Teletext Decoder;c:\windows\system32\drivers\atinttxx.sys [2007-5-29 13824]
S3 NAVAP;NAVAP;\??\c:\program files\symantec_client_security\symantec antivirus\navap.sys --> c:\program files\symantec_client_security\symantec antivirus\NAVAP.sys [?]

=============== Created Last 30 ================

2009-08-16 13:51 112 a------- c:\windows\system32\drivers\kgpfr2.cfg
2009-08-16 13:50 1,376 a------- c:\windows\system32\drivers\kgpcpy.cfg
2009-08-16 13:50 25,600 a------- c:\windows\system32\__c00CFFB0.dat
2009-08-16 13:47 <DIR> --d----- c:\docume~1\owner\applic~1\AVG8
2009-08-16 13:47 <DIR> --d----- c:\program files\DrWeb
2009-08-16 13:46 <DIR> --d----- c:\program files\AskBarDis
2009-08-16 13:25 123,904 a------- c:\windows\system32\atiicdx.dll
2009-08-16 13:25 151,552 a------- c:\windows\system32\__c00FA550.exe
2009-08-15 19:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SITEguard
2009-08-15 19:18 <DIR> --d----- c:\program files\common files\iS3
2009-08-15 19:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\STOPzilla!
2009-08-15 16:09 0 a------- c:\windows\system32\GroupPolicy000.dat
2009-08-14 19:13 0 a------- c:\windows\system32\4A.tmp
2009-08-13 23:13 0 a------- c:\windows\system32\37.tmp
2009-08-13 03:14 <DIR> --dsh--- c:\windows\system32\SystemX86
2009-08-13 00:03 0 a------- c:\windows\system32\12E.tmp
2009-08-12 20:13 128,512 -c------ c:\windows\system32\dllcache\dhtmled.ocx
2009-08-12 20:13 1,315,328 -c------ c:\windows\system32\dllcache\msoe.dll
2009-08-10 13:50 110 a------- C:\xcrashdump.dat
2009-08-10 12:03 0 a------- c:\windows\system32\35.tmp
2009-08-09 14:19 <DIR> --d----- c:\program files\Exterminate It!
2009-08-08 18:41 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-08-08 18:41 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-08-08 18:40 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-08-08 18:38 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-08-07 14:28 518,144 a--sh--- c:\windows\system32\3F5.tmp
2009-08-05 04:01 204,800 -c------ c:\windows\system32\dllcache\mswebdvd.dll

==================== Find3M ====================

2009-08-13 16:31 34 a------- c:\documents and settings\owner\jagex_runescape_preferences.dat
2009-08-05 04:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll
2009-07-17 14:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
2009-06-29 11:12 827,392 a------- c:\windows\system32\wininet.dll
2009-06-29 11:12 78,336 a------- c:\windows\system32\ieencode.dll
2009-06-29 11:12 17,408 a------- c:\windows\system32\corpol.dll
2009-06-25 03:25 730,112 a------- c:\windows\system32\lsasrv.dll
2009-06-25 03:25 301,568 a------- c:\windows\system32\kerberos.dll
2009-06-25 03:25 147,456 a------- c:\windows\system32\schannel.dll
2009-06-25 03:25 136,192 a------- c:\windows\system32\msv1_0.dll
2009-06-25 03:25 56,832 a------- c:\windows\system32\secur32.dll
2009-06-25 03:25 54,272 a------- c:\windows\system32\wdigest.dll
2009-06-24 06:18 92,928 a------- c:\windows\system32\drivers\ksecdd.sys
2009-06-22 11:02 323,584 a------- c:\windows\system32\AUDIOGENIE2.DLL
2009-06-16 09:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 09:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-12 07:31 76,288 a------- c:\windows\system32\telnet.exe
2009-06-10 09:19 2,066,432 a------- c:\windows\system32\mstscax.dll
2009-06-10 09:13 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 01:14 132,096 a------- c:\windows\system32\wkssvc.dll
2009-06-03 14:09 1,291,264 a------- c:\windows\system32\quartz.dll
2009-05-28 06:52 15,688 a------- c:\windows\system32\lsdelete.exe
2009-01-26 10:24 87,608 a------- c:\docume~1\owner\applic~1\inst.exe
2009-01-26 10:24 47,360 a------- c:\docume~1\owner\applic~1\pcouffin.sys
2007-03-21 14:48 87,608 a------- c:\docume~1\owner\applic~1\ezpinst.exe
2006-05-20 06:42 73,728 a------- c:\program files\common files\IsLicense.dll
2006-07-17 14:33 0 a--sh--- c:\windows\sminst\HPCD.sys
2008-06-16 18:40 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008061620080617\index.dat

============= FINISH: 16:20:18.28 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 5/29/2007 2:33:37 PM
System Uptime: 8/16/2009 1:48:24 PM (3 hours ago)

Motherboard: ASUSTeK Computer INC. | | Diablo
Processor: AMD Athlon™ 64 Processor 3200+ | Socket 754 | 1995/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 182 GiB total, 121.929 GiB free.
D: is FIXED (FAT32) - 4 GiB total, 0.766 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP943: 5/19/2009 10:14:43 AM - System Checkpoint
RP944: 5/20/2009 10:48:06 AM - System Checkpoint
RP945: 5/21/2009 11:43:31 AM - System Checkpoint
RP946: 5/22/2009 12:03:25 PM - System Checkpoint
RP947: 5/23/2009 1:26:06 PM - System Checkpoint
RP948: 5/24/2009 1:44:17 PM - System Checkpoint
RP949: 5/25/2009 1:48:07 PM - System Checkpoint
RP950: 5/26/2009 2:46:47 PM - System Checkpoint
RP951: 5/27/2009 2:50:10 PM - System Checkpoint
RP952: 5/28/2009 3:25:35 PM - System Checkpoint
RP953: 5/29/2009 3:46:47 PM - System Checkpoint
RP954: 5/30/2009 3:47:52 PM - System Checkpoint
RP955: 5/31/2009 5:10:48 PM - System Checkpoint
RP956: 6/1/2009 12:22:45 PM - Software Distribution Service 3.0
RP957: 6/1/2009 12:44:47 PM - Printer Driver Microsoft XPS Document Writer Installed
RP958: 6/2/2009 8:36:18 AM - Software Distribution Service 3.0
RP959: 6/3/2009 9:05:21 AM - System Checkpoint
RP960: 6/4/2009 9:43:56 AM - System Checkpoint
RP961: 6/5/2009 9:44:37 AM - System Checkpoint
RP962: 6/6/2009 10:44:37 AM - System Checkpoint
RP963: 6/7/2009 12:32:26 PM - System Checkpoint
RP964: 6/8/2009 12:54:27 PM - System Checkpoint
RP965: 6/9/2009 1:30:04 PM - System Checkpoint
RP966: 6/9/2009 5:14:44 PM - Installed Java™ 6 Update 14
RP967: 6/9/2009 5:16:56 PM - Removed DING!
RP968: 6/10/2009 6:10:21 PM - System Checkpoint
RP969: 6/11/2009 3:01:06 AM - Software Distribution Service 3.0
RP970: 6/12/2009 3:26:25 AM - System Checkpoint
RP971: 6/15/2009 12:53:29 PM - System Checkpoint
RP972: 6/16/2009 1:27:08 PM - System Checkpoint
RP973: 6/17/2009 2:19:25 PM - System Checkpoint
RP974: 6/17/2009 11:22:33 PM - Software Distribution Service 3.0
RP975: 6/18/2009 11:28:13 PM - System Checkpoint
RP976: 6/20/2009 12:26:52 AM - System Checkpoint
RP977: 6/21/2009 12:27:57 AM - System Checkpoint
RP978: 6/22/2009 1:26:52 AM - System Checkpoint
RP979: 6/22/2009 4:23:05 PM - Installed McAfee VirusScan Enterprise
RP980: 6/23/2009 4:23:14 PM - System Checkpoint
RP981: 6/24/2009 5:07:28 PM - System Checkpoint
RP982: 6/25/2009 6:32:36 PM - System Checkpoint
RP983: 6/26/2009 7:31:14 PM - System Checkpoint
RP984: 6/27/2009 8:07:31 PM - System Checkpoint
RP985: 6/28/2009 8:08:37 PM - System Checkpoint
RP986: 6/29/2009 9:08:37 PM - System Checkpoint
RP987: 6/30/2009 8:41:22 AM - Avg8 Update
RP988: 6/30/2009 8:42:17 AM - Avg8 Update
RP989: 7/1/2009 9:07:07 AM - System Checkpoint
RP990: 7/1/2009 10:05:31 AM - Software Distribution Service 3.0
RP991: 7/2/2009 10:07:08 AM - System Checkpoint
RP992: 7/3/2009 11:11:54 AM - System Checkpoint
RP993: 7/4/2009 12:18:50 PM - System Checkpoint
RP994: 7/5/2009 1:32:48 PM - System Checkpoint
RP995: 7/6/2009 1:32:57 PM - System Checkpoint
RP996: 7/7/2009 1:55:14 PM - System Checkpoint
RP997: 7/8/2009 1:56:21 PM - System Checkpoint
RP998: 7/9/2009 3:58:05 PM - System Checkpoint
RP999: 7/10/2009 8:22:48 PM - System Checkpoint
RP1000: 7/11/2009 8:54:37 PM - System Checkpoint
RP1001: 7/12/2009 9:54:37 PM - System Checkpoint
RP1002: 7/13/2009 9:03:40 AM - Avg8 Update
RP1003: 7/13/2009 9:04:26 AM - Avg8 Update
RP1004: 7/14/2009 9:54:36 AM - System Checkpoint
RP1005: 7/15/2009 3:01:17 AM - Software Distribution Service 3.0
RP1006: 7/16/2009 3:54:35 AM - System Checkpoint
RP1007: 7/17/2009 4:54:22 AM - System Checkpoint
RP1008: 7/18/2009 5:54:34 AM - System Checkpoint
RP1009: 7/19/2009 6:54:20 AM - System Checkpoint
RP1010: 7/20/2009 7:54:20 AM - System Checkpoint
RP1011: 7/21/2009 8:54:18 AM - System Checkpoint
RP1012: 7/22/2009 3:00:35 AM - Software Distribution Service 3.0
RP1013: 7/23/2009 3:54:17 AM - System Checkpoint
RP1014: 7/24/2009 4:14:53 AM - System Checkpoint
RP1015: 7/25/2009 5:14:58 AM - System Checkpoint
RP1016: 7/25/2009 9:06:01 AM - Avg8 Update
RP1017: 7/26/2009 9:14:51 AM - System Checkpoint
RP1018: 7/27/2009 10:14:51 AM - System Checkpoint
RP1019: 7/28/2009 11:15:57 AM - System Checkpoint
RP1020: 7/29/2009 3:00:36 AM - Software Distribution Service 3.0
RP1021: 7/30/2009 3:38:42 AM - System Checkpoint
RP1022: 7/31/2009 3:00:26 AM - Software Distribution Service 3.0
RP1023: 8/1/2009 3:38:42 AM - System Checkpoint
RP1024: 8/2/2009 4:23:38 AM - System Checkpoint
RP1025: 8/3/2009 4:38:42 AM - System Checkpoint
RP1026: 8/4/2009 5:38:43 AM - System Checkpoint
RP1027: 8/4/2009 10:26:53 PM - Installed Java™ 6 Update 15
RP1028: 8/5/2009 10:38:44 PM - System Checkpoint
RP1029: 8/6/2009 10:39:43 PM - System Checkpoint
RP1030: 8/8/2009 10:43:15 AM - System Checkpoint
RP1031: 8/8/2009 12:01:39 PM - Installed Dr.Web anti-virus for Windows 5.0.
RP1032: 8/8/2009 4:35:06 PM - Removed AVG 8.5
RP1033: 8/8/2009 4:42:57 PM - Installed AVG 8.5
RP1034: 8/8/2009 6:36:50 PM - Installed AVG Free 8.5
RP1035: 8/9/2009 12:02:57 PM - Removed McAfee VirusScan Enterprise
RP1036: 8/9/2009 12:03:57 PM - Removed McAfee Agent.
RP1037: 8/10/2009 12:47:51 PM - System Checkpoint
RP1038: 8/11/2009 1:08:25 PM - System Checkpoint
RP1039: 8/12/2009 2:15:42 PM - System Checkpoint
RP1040: 8/13/2009 3:00:30 AM - Software Distribution Service 3.0
RP1041: 8/14/2009 5:34:30 AM - System Checkpoint
RP1042: 8/15/2009 6:25:07 AM - System Checkpoint
RP1043: 8/15/2009 3:43:01 PM - Software Distribution Service 3.0
RP1044: 8/15/2009 7:08:33 PM - Installed Google Toolbar for Internet Explorer
RP1045: 8/15/2009 7:18:33 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
RP1046: 8/16/2009 1:37:59 PM - Restore Operation
RP1047: 8/16/2009 1:49:45 PM - Restore Operation
RP1048: 8/16/2009 1:53:14 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP1049: 8/16/2009 2:00:38 PM - ADVANCED REGISTRY OPTIMIZER - FIRST RUN
RP1050: 8/16/2009 2:04:15 PM - Advanced Registry Optimizer Sun, Aug 16, 09 14:04
RP1051: 8/16/2009 2:24:07 PM - Configured AVG Free 8.5

==== Installed Programs ======================


1Click DVD Copy 4.1
1Click DVD Copy 5.4.9.1
1Click DVD Copy Pro 3.3.3.0
AAC Decoder
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Media Player
Adobe Photoshop 7.0
Adobe Reader 7.1.0
Adobe Reader Chinese Simplified Fonts
Adobe Reader Chinese Traditional Fonts
Adobe Shockwave Player 11.5
AIM 6
AOL Instant Messenger
Apple Mobile Device Support
Apple Software Update
AT&T Self Support Tool
ATI Multimedia Center 7.9.0.0
AutoUpdate
Avanquest update
AVG Free 8.5
BiAdmin
BitTorrent
Bonjour
Compatibility Pack for the 2007 Office system
CopyToDVD
Critical Update for Windows Media Player 11 (KB959772)
DAO
Dassault Systemes Software Prerequisites x86
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVD43 v4.4.0
FirstClass® Client
Google Toolbar for Internet Explorer
H.264 Decoder
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HP Image Zone Plus 3.5
HP Instant Support
HpSdpAppCoreApp
InterActual Player
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
iTunes
Java™ 6 Update 15
Java™ 6 Update 7
Juniper Networks Cache Cleaner 6.3.0
Juniper Networks Host Checker
Juniper Networks Network Connect 6.3.0
Juniper Networks Setup Client Activex Control
KODAK EASYSHARE Gallery Upload ActiveX Control
LiveReg (Symantec Corporation)
Logitech Desktop Messenger
Logitech iTouch Software
Logitech MouseWare 9.78
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components
Microsoft Office Live Meeting 2005
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Professional Edition 2003
Microsoft Office Sounds
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
MKV Splitter
MobileMe Control Panel
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Multimedia Card Reader
Nero Suite
NVIDIA Display Driver
NVIDIA Ethernet Driver
NVIDIA GART Driver
Photo Story 3 for Windows
Print Server Driver
Python 2.2 combined Win32 extensions
Python 2.2.1
QFolder
QuickTime
Replay Music
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile Composite Device Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Sony Ericsson PC Suite 4.006.00
Spybot - Search & Destroy
Symantec AntiVirus Client
Toolkit View(HP)
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
Updates from HP
V3780s Digital Camera Driver
VC80CRTRedist - 8.0.50727.762
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Virtual Earth - 3DVIA (Beta)
Virtual Earth 3D (Beta)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebEx
WebFldrs XP
WIDCOMM Bluetooth Software
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
Yahoo! Install Manager

==== Event Viewer Messages From Past Week ========

8/9/2009 4:05:33 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVG Free8 WatchDog service to connect.
8/9/2009 4:05:33 PM, error: Service Control Manager [7000] - The AVG Free8 WatchDog service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/9/2009 3:26:51 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Bonjour Service service to connect.
8/9/2009 3:26:51 PM, error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/9/2009 3:18:53 PM, error: Service Control Manager [7034] - The Viewpoint Manager Service service terminated unexpectedly. It has done this 1 time(s).
8/9/2009 3:18:26 PM, error: Service Control Manager [7031] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
8/9/2009 3:18:07 PM, error: Service Control Manager [7034] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 3 time(s).
8/9/2009 3:17:57 PM, error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).
8/9/2009 3:17:38 PM, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/9/2009 3:17:22 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
8/9/2009 3:16:55 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2009 3:14:12 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
8/9/2009 3:13:53 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
8/9/2009 3:13:18 PM, error: Service Control Manager [7034] - The BrSplService service terminated unexpectedly. It has done this 1 time(s).
8/9/2009 3:13:14 PM, error: Service Control Manager [7031] - The Juniper Network Connect Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
8/9/2009 3:12:52 PM, error: Service Control Manager [7031] - The Bluetooth Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2009 3:11:50 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2009 3:11:47 PM, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/9/2009 3:11:35 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
8/9/2009 12:04:19 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
8/9/2009 1:03:04 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
8/9/2009 1:03:04 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/9/2009 1:02:27 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Bluetooth Service service to connect.
8/9/2009 1:02:27 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
8/9/2009 1:02:27 AM, error: Service Control Manager [7000] - The NVIDIA Display Driver Service service failed to start due to the following error: The system cannot find the file specified.
8/9/2009 1:02:27 AM, error: Service Control Manager [7000] - The NAVAPEL service failed to start due to the following error: The system cannot find the path specified.
8/9/2009 1:02:27 AM, error: Service Control Manager [7000] - The Bluetooth Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/9/2009 1:02:27 AM, error: Service Control Manager [7000] - The ATI WDM Teletext Decoder service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
8/9/2009 1:02:27 AM, error: Service Control Manager [7000] - The ATI TV Wonder WDM Video Crossbar service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
8/9/2009 1:02:27 AM, error: Service Control Manager [7000] - The ATI TV Wonder WDM Audio Crossbar service failed to start due to the following error: The system cannot find the file specified.
8/9/2009 1:02:27 AM, error: Service Control Manager [7000] - The ATI TV Wonder TVTuner, WDM TvTuner service failed to start due to the following error: The system cannot find the file specified.
8/9/2009 1:02:27 AM, error: Service Control Manager [7000] - The ATI TV Wonder BtCap, WDM Video Capture service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
8/9/2009 1:02:27 AM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/16/2009 4:19:14 PM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
8/16/2009 1:37:48 PM, error: Service Control Manager [7024] - The AVG Free8 WatchDog service terminated with service-specific error 3758161981 (0xE001003D).
8/15/2009 7:25:55 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: fasttx2k SISAGP viaagp1
8/15/2009 4:08:58 PM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\D.
8/15/2009 3:22:22 PM, error: Print [6161] - The document 081309_FriendsAndFamily.pdf owned by Owner failed to print on printer Brother MFC4800. Data type: NT EMF 1.008. Size of the spool file in bytes: 20685740. Number of bytes printed: 20685644. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\BETSY. Win32 error code returned by the print processor: 0 (0x0).
8/12/2009 11:21:08 AM, error: Print [6161] - The document Fenton ParkMap.pdf owned by Owner failed to print on printer Brother MFC4800. Data type: NT EMF 1.008. Size of the spool file in bytes: 65536. Number of bytes printed: 244. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\BETSY. Win32 error code returned by the print processor: 0 (0x0).

==== End Of File ===========================


#2 pwgib

  • Malware Response Team
  • 2,957 posts

Posted 29 August 2009 - 05:04 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
PW

#3 Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,995 posts

Posted 05 September 2009 - 05:09 PM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please send me a Private message to reopen this topic within the next 5 days. Beyond that point, please start a new topic.

Orange Blossom
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



