
Newbie needs help!!!!


  • This topic is locked
2 replies to this topic

#1 piratemike


Posted 19 April 2011 - 09:15 PM

Hello everyone,
Could someone PLEASE help me remove/fix this redirect problem with my computer? I use Internet Explorer and Firefox and both are affected. Whenever I click on a link from a Yahoo, Google, etc. search, I get redirected to random sites. I have run Rkill, Spybot S&D, Malwarebytes, SUPERAntiSpyware, Norton. None of these have been able to fix this problem. I have tried to run TDSSKiller, but it will not run on my computer (I click RUN and it does nothing).
I have no computer experience so, if you reply, please be patient and very explicit in what you want and how to do that.

Thanks,

Mike

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.

Then post your DDS and GMER logs as a reply to this topic. Once you have done that I will remove my reply and consolidate the posts so that you retain your correct place in the queue.

If you can produce at least some of the logs, then please explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.


Thanks for responding. Attached are the logs you requested. Also, I get constant "Internet Explorer Script Errors" even when I.E. is not running.

GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-20 21:48:04
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD800JB-00JJC0 rev.05.01C05
Running: gmer.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\aggyrfod.sys


---- System - GMER 1.0.15 ----

SSDT 82D4E418 ZwAlertResumeThread
SSDT 82E39D90 ZwAlertThread
SSDT 82DCF518 ZwAllocateVirtualMemory
SSDT 82E444E0 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xEF1A1020]
SSDT 82A81778 ZwCreateMutant
SSDT 82DCF670 ZwCreateThread
SSDT 82A81478 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xEF1A12A0]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xEF1A1800]
SSDT 82DCF378 ZwFreeVirtualMemory
SSDT 82A81848 ZwImpersonateAnonymousToken
SSDT 82A81908 ZwImpersonateThread
SSDT 82A81FB0 ZwMapViewOfSection
SSDT 82A816B8 ZwOpenEvent
SSDT 82BA6BB0 ZwOpenProcessToken
SSDT 82A81538 ZwOpenSection
SSDT 82A81D88 ZwOpenThreadToken
SSDT 82A85848 ZwResumeThread
SSDT 82E42920 ZwSetContextThread
SSDT 82A81E58 ZwSetInformationProcess
SSDT 82A81C30 ZwSetInformationThread
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xEF1A1A50]
SSDT 82A815F8 ZwSuspendProcess
SSDT 82E42278 ZwSuspendThread
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xEF05C620]
SSDT 82D788D0 ZwTerminateThread
SSDT 82E428E8 ZwUnmapViewOfSection
SSDT 82DCF448 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!_abnormal_termination + 478 804E2AE4 4 Bytes CALL 5AD10F11
INITc VolSnap.sys F86E2BD0 4 Bytes [36, 9A, 4D, 80]
INITc VolSnap.sys F86E2BF8 4 Bytes [94, 87, 4E, 80] {XCHG ESP, EAX; XCHG [ESI-0x80], ECX}
INITc VolSnap.sys F86E2C20 4 Bytes [A0, C1, 4D, 80]
INITc VolSnap.sys F86E2C48 4 Bytes [B0, C8, 4D, 80]
INITc VolSnap.sys F86E2C70 4 Bytes [09, BF, 4D, 80]
INITc ...

---- User code sections - GMER 1.0.15 ----

.text C:\program files\real\realplayer\update\realsched.exe[1976] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
.text C:\WINDOWS\Explorer.EXE[1984] WININET.dll!HttpAddRequestHeadersA 3D94CF4E 5 Bytes JMP 00BC164F
.text C:\WINDOWS\Explorer.EXE[1984] WININET.dll!HttpAddRequestHeadersW 3D94FE49 5 Bytes JMP 00BC1817
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154BD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9B01 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD125 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254664 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5117 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E5049 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E50B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4F1A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4F7C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E517A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4FDE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBB8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E547F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 0059000A
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 0056000A
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 0055000A
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] WS2_32.dll!send 71AB4C27 5 Bytes JMP 0057000A
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 0058000A
.text C:\Program Files\Internet Explorer\iexplore.exe[7216] WS2_32.dll!recv 71AB676F 5 Bytes JMP 0054000A
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154BD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5117 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E5049 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E50B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4F1A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4F7C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E517A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4FDE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 0055000A
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 0052000A
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 0051000A
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] WS2_32.dll!send 71AB4C27 5 Bytes JMP 0053000A
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 0054000A
.text C:\Program Files\Internet Explorer\iexplore.exe[7676] WS2_32.dll!recv 71AB676F 5 Bytes JMP 0050000A

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Threads - GMER 1.0.15 ----

Thread System [4:120] 82EEAE84
Thread System [4:124] 82EED084

---- EOF - GMER 1.0.15 ----

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 21:49:02.64 on Wed 04/20/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.168 [GMT -4:00]
.
AV: Norton AntiVirus *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
AV: Norton 360 *Enabled/Updated* {A5F1BC7C-EA33-4247-961C-0217208396C4}
FW: Norton AntiVirus *Enabled*
FW: Norton 360 *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\iTunes\iTunesHelper.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\dds.com
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uStart Page = hxxp://yahoo.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton antivirus\osCheck.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\program\Kodak Software Updater.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: cnet.com\download
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - hxxp://www.musicnotes.com/download/mnviewer.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203702281812
DPF: {6F714D46-E4EF-11D4-93EF-00D0D7032099} - hxxp://www.christianrock2.net/amp3dj.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
DPF: {BCBC9371-9827-11DA-A72B-0800200C9A66} - hxxp://merillat.view22.com/release_3_9_177/View22RTEv4.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxsrvc.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\5ywaiw5u.default\
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-1-25 149352]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-1-25 149352]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-1-25 149352]
R2 WV5Communication;WV5Communication;c:\program files\heavyweatherwv5\Backend.exe [2010-12-30 1843200]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-6-11 102448]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20110420.002\NAVENG.SYS [2011-4-20 86136]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20110420.002\NAVEX15.SYS [2011-4-20 1393144]
R3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-6-13 1245064]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [2008-2-22 20160]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-4 14336]
.
=============== Created Last 30 ================
.
2011-04-19 07:15:06 -------- d-----w- c:\windows\system32\XPSViewer
2011-04-19 07:14:17 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-04-19 07:12:25 117760 ------w- c:\windows\system32\prntvpt.dll
2011-04-19 07:12:24 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-04-19 07:12:24 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-04-19 07:12:24 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-04-19 07:12:23 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-04-19 07:12:23 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-04-19 07:12:22 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-04-19 07:12:22 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-04-19 07:12:19 -------- d-----w- C:\e32556c4d567e116e3c3f03d
2011-04-18 00:07:55 49152 ----a-w- c:\windows\system32\ChCfg.exe
2011-04-18 00:06:41 4122368 ----a-r- c:\windows\system32\drivers\alcxwdm.sys
2011-04-18 00:06:11 -------- d-----w- c:\program files\Realtek AC97
2011-04-18 00:06:09 10528768 ----a-w- c:\windows\system32\RTLCPL.exe
2011-04-18 00:06:06 577536 ----a-w- c:\windows\soundman.exe
2011-04-18 00:06:06 18804736 ----a-w- c:\windows\system32\alsndmgr.cpl
2011-04-18 00:06:04 147456 ----a-w- c:\windows\system32\RtlCPAPI.dll
2011-04-18 00:06:00 315392 ----a-w- c:\windows\alcupd.exe
2011-04-18 00:06:00 217088 ----a-w- c:\windows\Alcrmv.exe
2011-04-18 00:02:31 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2011-04-17 23:56:18 -------- d-----w- c:\docume~1\owner\applic~1\ElevatedDiagnostics
2011-04-17 03:11:46 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\NPE
2011-04-15 02:52:13 12872 ----a-w- c:\windows\system32\bootdelete.exe
2011-04-15 02:16:25 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-04-15 02:06:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\Hitman Pro
2011-04-14 02:17:07 -------- d-----w- c:\program files\Lavasoft
2011-04-13 01:32:45 -------- d-----w- c:\docume~1\owner\applic~1\SUPERAntiSpyware.com
2011-04-13 01:32:45 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2011-04-13 01:32:22 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-04-11 20:44:51 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-04-11 20:44:50 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-11 02:54:36 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-11 02:54:36 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-04-10 22:42:37 0 ----a-w- c:\documents and settings\owner\null0.8901410547320748.exe
2011-04-07 00:55:36 32592 ----a-w- c:\program files\mozilla firefox\plugins\np_gp.dll
.
==================== Find3M ====================
.
2011-04-21 01:31:15 1045 ----a-w- c:\docume~1\alluse~1\applic~1\currdat.lst.tmp
2011-04-11 20:43:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
.
============= FINISH: 21:50:39.90 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 2/21/2008 4:51:22 PM
System Uptime: 4/20/2011 3:50:50 AM (18 hours ago)
.
Motherboard: MICRO-STAR INC. | | MS-6580
Processor: Intel® Pentium® 4 CPU 1.80GHz | FC-478 | 1804/100mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 54.979 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: MP150
Device ID: USB\VID_04A9&PID_1709&MI_00\6&B734576&0&0000
Manufacturer:
Name: MP150
PNP Device ID: USB\VID_04A9&PID_1709&MI_00\6&B734576&0&0000
Service:
.
==== System Restore Points ===================
.
RP1185: 1/21/2011 10:25:01 AM - System Checkpoint
RP1186: 1/22/2011 11:26:06 AM - System Checkpoint
RP1187: 1/23/2011 11:33:03 AM - System Checkpoint
RP1188: 1/24/2011 12:33:05 PM - System Checkpoint
RP1189: 1/25/2011 1:33:03 PM - System Checkpoint
RP1190: 1/26/2011 3:22:49 PM - System Checkpoint
RP1191: 1/27/2011 3:33:04 PM - System Checkpoint
RP1192: 1/28/2011 4:12:09 PM - System Checkpoint
RP1193: 1/29/2011 5:12:08 PM - System Checkpoint
RP1194: 1/30/2011 8:48:29 PM - System Checkpoint
RP1195: 1/31/2011 9:18:11 PM - System Checkpoint
RP1196: 2/1/2011 9:35:53 PM - System Checkpoint
RP1197: 2/2/2011 11:19:43 PM - System Checkpoint
RP1198: 2/4/2011 12:12:08 AM - System Checkpoint
RP1199: 2/5/2011 1:11:50 AM - System Checkpoint
RP1200: 2/6/2011 2:11:50 AM - System Checkpoint
RP1201: 2/7/2011 3:11:52 AM - System Checkpoint
RP1202: 2/8/2011 4:11:51 AM - System Checkpoint
RP1203: 2/9/2011 5:11:50 AM - System Checkpoint
RP1204: 2/10/2011 3:00:19 AM - Software Distribution Service 3.0
RP1205: 2/11/2011 3:27:08 AM - System Checkpoint
RP1206: 2/12/2011 4:27:05 AM - System Checkpoint
RP1207: 2/13/2011 5:27:07 AM - System Checkpoint
RP1208: 2/14/2011 6:27:07 AM - System Checkpoint
RP1209: 2/15/2011 7:53:39 AM - System Checkpoint
RP1210: 2/16/2011 8:27:09 AM - System Checkpoint
RP1211: 2/17/2011 9:39:27 AM - System Checkpoint
RP1212: 2/18/2011 10:26:54 AM - System Checkpoint
RP1213: 2/19/2011 11:26:53 AM - System Checkpoint
RP1214: 2/20/2011 11:50:56 AM - System Checkpoint
RP1215: 2/21/2011 12:25:14 PM - System Checkpoint
RP1216: 2/22/2011 12:26:54 PM - System Checkpoint
RP1217: 2/23/2011 1:28:39 PM - System Checkpoint
RP1218: 2/24/2011 1:38:46 PM - System Checkpoint
RP1219: 2/25/2011 2:26:44 PM - System Checkpoint
RP1220: 2/26/2011 2:37:52 PM - System Checkpoint
RP1221: 2/27/2011 3:26:44 PM - System Checkpoint
RP1222: 2/28/2011 4:26:44 PM - System Checkpoint
RP1223: 3/1/2011 7:07:01 PM - System Checkpoint
RP1224: 3/2/2011 7:26:44 PM - System Checkpoint
RP1225: 3/3/2011 8:26:36 PM - System Checkpoint
RP1226: 3/4/2011 11:47:57 PM - System Checkpoint
RP1227: 3/5/2011 3:00:19 AM - Software Distribution Service 3.0
RP1228: 3/6/2011 3:22:40 AM - System Checkpoint
RP1229: 3/7/2011 3:43:02 AM - System Checkpoint
RP1230: 3/8/2011 4:43:03 AM - System Checkpoint
RP1231: 3/9/2011 3:00:20 AM - Software Distribution Service 3.0
RP1232: 3/10/2011 3:43:03 AM - System Checkpoint
RP1233: 3/11/2011 4:43:02 AM - System Checkpoint
RP1234: 3/12/2011 5:43:03 AM - System Checkpoint
RP1235: 3/13/2011 7:43:04 AM - System Checkpoint
RP1236: 3/14/2011 8:44:07 AM - System Checkpoint
RP1237: 3/15/2011 9:43:59 AM - System Checkpoint
RP1238: 3/16/2011 11:08:29 AM - System Checkpoint
RP1239: 3/17/2011 11:55:49 AM - System Checkpoint
RP1240: 3/18/2011 12:26:28 PM - System Checkpoint
RP1241: 3/19/2011 12:49:02 PM - System Checkpoint
RP1242: 3/20/2011 1:38:30 PM - System Checkpoint
RP1243: 3/21/2011 2:26:31 PM - System Checkpoint
RP1244: 3/22/2011 3:38:58 PM - System Checkpoint
RP1245: 3/23/2011 4:26:28 PM - System Checkpoint
RP1246: 3/24/2011 3:00:20 AM - Software Distribution Service 3.0
RP1247: 3/25/2011 3:26:21 AM - System Checkpoint
RP1248: 3/26/2011 4:26:22 AM - System Checkpoint
RP1249: 3/27/2011 5:26:22 AM - System Checkpoint
RP1250: 3/27/2011 3:54:48 PM - Removed Adobe Reader 8.2.4
RP1251: 3/27/2011 3:58:13 PM - Installed Adobe Reader X (10.0.1).
RP1252: 3/27/2011 5:34:37 PM - Removed Ask Toolbar.
RP1253: 3/28/2011 6:07:35 PM - System Checkpoint
RP1254: 3/29/2011 6:18:04 PM - System Checkpoint
RP1255: 3/30/2011 7:07:37 PM - System Checkpoint
RP1256: 3/31/2011 8:07:28 PM - System Checkpoint
RP1257: 4/1/2011 8:23:32 PM - System Checkpoint
RP1258: 4/2/2011 9:07:29 PM - System Checkpoint
RP1259: 4/3/2011 9:25:41 PM - System Checkpoint
RP1260: 4/4/2011 10:03:58 PM - System Checkpoint
RP1261: 4/5/2011 10:07:32 PM - System Checkpoint
RP1262: 4/6/2011 10:57:24 PM - System Checkpoint
RP1263: 4/7/2011 11:48:04 PM - System Checkpoint
RP1264: 4/9/2011 12:48:05 AM - System Checkpoint
RP1265: 4/10/2011 1:47:09 AM - System Checkpoint
RP1266: 4/10/2011 10:15:07 PM - Removed Bonjour
RP1267: 4/10/2011 10:16:32 PM - Removed Sibelius Scorch (ActiveX Only)
RP1268: 4/11/2011 4:42:50 PM - Installed Java™ 6 Update 24
RP1269: 4/12/2011 5:34:34 PM - System Checkpoint
RP1270: 4/12/2011 6:23:15 PM - Restore Operation
RP1271: 4/13/2011 6:44:48 PM - System Checkpoint
RP1272: 4/14/2011 3:00:25 AM - Software Distribution Service 3.0
RP1273: 4/15/2011 3:34:36 AM - System Checkpoint
RP1274: 4/16/2011 11:08:44 PM - Removed Realtek AC'97 Audio
RP1275: 4/17/2011 3:00:22 AM - Software Distribution Service 3.0
RP1276: 4/17/2011 7:23:03 PM - Restore Operation
RP1277: 4/17/2011 7:53:34 PM - Installed %1 %2.
RP1278: 4/17/2011 8:02:57 PM - Installed Driver Detective.
RP1279: 4/17/2011 8:05:56 PM - Installed Realtek AC'97 Audio
RP1280: 4/18/2011 8:24:43 PM - System Checkpoint
RP1281: 4/19/2011 3:00:26 AM - Software Distribution Service 3.0
RP1282: 4/20/2011 3:00:25 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
Adobe® Photoshop® Album Starter Edition 3.2
AppCore
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avery Wizard 4.0
Better Homes and Gardens HD Suite 7.0 Training Videos
Better Homes and Gardens Home Designer Suite 7.0
ccCommon
CCScore
Component Framework
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSSONIC
ESSTOOLS
essvatgt
Google Update Helper
Heavy Weather Pro WS 2800 US
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for MSXML 2 (KB887606)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel® Extreme Graphics Driver
Intel® PRO Ethernet Adapter and Software
iTunes
Java Auto Updater
Java™ 6 Update 24
Java™ 6 Update 5
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
KSU
LiveUpdate (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Office XP Professional with FrontPage
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox 4.0 (x86 en-US)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
netbrdg
Norton AntiVirus
Norton AntiVirus (Symantec Corporation)
Norton AntiVirus Help
Norton Protection Center
Notifier
OfotoXMI
PCDADDIN
PCDHELP
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek AC'97 Audio
RealUpgrade 1.1
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SFR
SHASTA
SKIN0001
SKINXSDK
Software Update for Web Folders
SPBBC 32bit
staticcr
SUPERAntiSpyware
Symantec Real Time Storage Protection Component
SymNet
tooltips
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VPRINTOL
Wal-Mart Digital Photo Manager
Windows Internet Explorer 8
Windows PowerShell™ 1.0
Windows XP Service Pack 3
WIRELESS
.
==== Event Viewer Messages From Past Week ========
.
4/19/2011 3:51:15 AM, error: System Error [1003] - Error code 10000050, parameter1 ff804000, parameter2 00000000, parameter3 804f3ccb, parameter4 00000000.
4/17/2011 7:56:12 PM, error: PlugPlayManager [11] - The device Root\LEGACY_SMR162\0000 disappeared from the system without first being prepared for removal.
4/16/2011 9:37:09 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/16/2011 9:37:08 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
4/16/2011 9:37:06 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
4/16/2011 11:17:59 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde
4/15/2011 6:09:31 PM, error: System Error [1003] - Error code 10000050, parameter1 fa9a8000, parameter2 00000000, parameter3 804f3ccb, parameter4 00000000.
4/15/2011 3:45:10 AM, error: System Error [1003] - Error code 10000050, parameter1 fdc2c000, parameter2 00000000, parameter3 804f3ccb, parameter4 00000000.
4/15/2011 3:40:19 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/15/2011 3:40:18 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
4/14/2011 9:47:44 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
4/14/2011 9:47:05 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
4/13/2011 6:31:00 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
4/13/2011 6:31:00 AM, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/13/2011 6:30:05 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
4/13/2011 6:30:05 AM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================


Thanks,

Mike

EDIT: Please be patient. There are over 380 unanswered topics in this forum at present and the current average wait time to receive help is 8 days. ~Budapest

Edited by Budapest, 23 April 2011 - 05:56 PM.




#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • Gender:Not Telling
  • Location:Canada
  • Local time:01:45 PM

Posted 24 April 2011 - 10:35 AM

Hi,

Please do the following:

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Posted Image

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

  • Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • Gender:Not Telling
  • Location:Canada
  • Local time:01:45 PM

Posted 06 May 2011 - 05:56 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015




