Slow computer


16 replies to this topic

#1 Tony Girgenti

  • Members
  • 19 posts

Posted 06 September 2011 - 10:31 AM

Hello,

I have a Dell Dimension 9150 with four meg RAM and Windows XP Pro SP3.

Sometimes my computer slows down to where it takes Word 2007 a couple of minutes to open and load a simple document, or it takes minutes to go from one site to another in IE 8.0.

When it runs slow like that, I look at the running processes by right-clicking on the task bar and going to Task Manager. The Processes tab shows that regedit.exe is using the most CPU, and it's usually over 50%. I right-click regedit.exe, select End Process Tree and OK. It comes back and I do it again and it stops after that.

After doing all that, my computer is back to normal until it happens again.

If I don't have regedit open, why would it show regedit using so much of the CPU?

I tried using Malwarebytes, SUPERAntiSpyware, Microsoft Security Essentials, McAfee, Norton. None of those things helped to get rid of this annoyance.

When I try to delete regedit.exe from the Windows folder, something puts it right back into the folder.

Any help that anybody can provide to get rid of this annoying malware would be gratefully appreciated.

Thanks,
Tony


--------------------------------------------------------------------------------

Stop The World, I want To Get Off!

Life Isn't About Waiting For The Storm To Pass ... It's About Learning To Dance In The Rain.



#2 boopme

  • Global Moderator
  • 73,567 posts

Posted 06 September 2011 - 11:41 AM

Hello, let's try another tool.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.5.9.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 Tony Girgenti


Posted 06 September 2011 - 01:28 PM

Hello boopme.

Thanks for your help.

I have downloaded and run the TDSSKiller from my desktop.

It did not find anything wrong, but you didn't say to upload the log file information only if there is an infection. So here it is anyway.

Thanks again for your help.

Tony


2011/09/06 14:24:33.0189 4860 TDSS rootkit removing tool 2.5.19.0 Sep 6 2011 19:23:56
2011/09/06 14:24:33.0439 4860 ================================================================================
2011/09/06 14:24:33.0439 4860 SystemInfo:
2011/09/06 14:24:33.0439 4860
2011/09/06 14:24:33.0439 4860 OS Version: 5.1.2600 ServicePack: 3.0
2011/09/06 14:24:33.0439 4860 Product type: Workstation
2011/09/06 14:24:33.0439 4860 ComputerName: DHJCR91
2011/09/06 14:24:33.0439 4860 UserName: administrator
2011/09/06 14:24:33.0439 4860 Windows directory: C:\WINDOWS
2011/09/06 14:24:33.0439 4860 System windows directory: C:\WINDOWS
2011/09/06 14:24:33.0439 4860 Processor architecture: Intel x86
2011/09/06 14:24:33.0439 4860 Number of processors: 2
2011/09/06 14:24:33.0439 4860 Page size: 0x1000
2011/09/06 14:24:33.0439 4860 Boot type: Normal boot
2011/09/06 14:24:33.0439 4860 ================================================================================
2011/09/06 14:24:34.0002 4860 Initialize success
2011/09/06 14:24:41.0111 4456 ================================================================================
2011/09/06 14:24:41.0111 4456 Scan started
2011/09/06 14:24:41.0111 4456 Mode: Manual;
2011/09/06 14:24:41.0111 4456 ================================================================================
2011/09/06 14:24:51.0783 4456 ================================================================================
2011/09/06 14:24:51.0783 4456 Scan finished
2011/09/06 14:24:51.0783 4456 ================================================================================
2011/09/06 14:24:51.0798 4356 Detected object count: 0
2011/09/06 14:24:51.0798 4356 Actual detected object count: 0
2011/09/06 14:24:59.0080 5880 Deinitialize success
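
A TDSSKiller log like the one in post #3 records each scanned object as `name (MD5) path` between `Scan started` and `Scan finished`, followed by the detection counts. The Python below is an added example, not part of the original thread and not TDSSKiller's own code: it parses that layout and lists what a helper would check first (whether the scan completed, the detection counts, and drivers whose image path is outside the Windows drivers directory). The sample log is constructed, and the function names and the path heuristic are assumptions of this example.

```python
import re
from dataclasses import dataclass, field
from pathlib import PureWindowsPath
from typing import Optional

# Constructed sample in the TDSSKiller log layout. Service names, hashes and
# paths are placeholders, not values taken from the log posted in the thread.
SAMPLE_LOG = r"""
2011/09/06 14:24:33.0189 4860 TDSS rootkit removing tool 2.5.19.0 Sep 6 2011 19:23:56
2011/09/06 14:24:33.0439 4860 Windows directory: C:\WINDOWS
2011/09/06 14:24:41.0111 4456 Scan started
2011/09/06 14:24:41.0939 4456 exdrv_a (00000000000000000000000000000001) C:\WINDOWS\system32\DRIVERS\exdrv_a.sys
2011/09/06 14:24:42.0002 4456 exdrv_b (00000000000000000000000000000002) C:\Program Files\ExVendor\exdrv_b.sys
2011/09/06 14:24:50.0814 4456 MBR (0x1B8) (00000000000000000000000000000003) \Device\Harddisk0\DR0
2011/09/06 14:24:51.0783 4456 Scan finished
2011/09/06 14:24:51.0798 4356 Detected object count: 0
2011/09/06 14:24:51.0798 4356 Actual detected object count: 0
"""

# timestamp, a numeric field (its meaning is not stated on the page), message
LINE = re.compile(r"^(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+)\s+(\d+)\s*(.*)$")
# "<name> (<32 hex digits>) <path>"; the lazy name lets "MBR (0x1B8)" match too
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
COUNT = re.compile(r"^(Actual detected|Detected) object count: (\d+)$")


@dataclass
class Report:
    windir: str = ""
    drivers: list = field(default_factory=list)       # (service, md5, path)
    disk_objects: list = field(default_factory=list)  # MBR / boot sector rows
    started: bool = False
    finished: bool = False
    detected: Optional[int] = None
    actual_detected: Optional[int] = None


def parse_tdsskiller_log(text):
    """Parse log text; lines that are not log records (forum residue) are skipped."""
    report = Report()
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(3).strip()
        count = COUNT.match(msg)
        obj = OBJECT.match(msg)
        if msg.startswith("Windows directory:"):
            report.windir = msg.split(":", 1)[1].strip()
        elif msg == "Scan started":
            report.started = True
        elif msg == "Scan finished":
            report.finished = True
        elif count:
            if count.group(1) == "Detected":
                report.detected = int(count.group(2))
            else:
                report.actual_detected = int(count.group(2))
        elif obj:
            row = (obj["name"], obj["md5"].lower(), obj["path"])
            if obj["name"].startswith(("MBR (", "Boot (")):
                report.disk_objects.append(row)
            else:
                report.drivers.append(row)
    return report


def triage(report):
    """Return review notes; an empty list means nothing stood out."""
    findings = []
    if not (report.started and report.finished):
        findings.append("scan did not run to completion; the log is partial")
    if report.detected is None or report.actual_detected is None:
        findings.append("detection counts missing")
    elif report.detected or report.actual_detected:
        findings.append(
            f"detections reported: {report.detected} / {report.actual_detected}")
    if report.windir:
        # PureWindowsPath compares case-insensitively, so DRIVERS == drivers.
        drivers_dir = PureWindowsPath(report.windir) / "system32" / "drivers"
        for name, _md5, path in report.drivers:
            if drivers_dir not in PureWindowsPath(path).parents:
                findings.append(f"driver outside {drivers_dir}: {name} -> {path}")
    return findings


if __name__ == "__main__":
    for note in triage(parse_tdsskiller_log(SAMPLE_LOG)):
        print(note)
```

A driver path outside the drivers directory is only a prompt for manual review; security products and VPN clients commonly install their drivers under Program Files.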

#4 boopme


Posted 06 September 2011 - 01:41 PM

Ok, thanks.
Let's check for and confirm the MBR (Master Boot Record) rootkit.


Please download mbr.exe and save it to the root directory, usually C:\ <- (Important!).
  • Go to Start > Run and type: cmd.exe
  • press Ok.
  • At the command prompt type: c:\mbr.exe >>"C:\mbr.log"
  • press Enter.
  • The process is automatic...a black DOS window will open and quickly disappear. This is normal.
  • A log file named mbr.log will be created and saved to the root of the system drive (usually C:\).
  • Copy and paste the results of the mbr.log in your next reply.
If you have a problem using the command prompt, you can just double-click on mbr.exe to run the tool.



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click the Update tab, select Check for Updates; when done,
click the Scanner tab, select Quick scan and scan (normal mode).
After the scan, click Remove Selected, post the new scan log and reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.

#5 Tony Girgenti


Posted 06 September 2011 - 02:58 PM

I have run all of your downloads as requested. None of the programs found errors, but I have attached all of the log files as requested.

Thanks again for your help.

Tony

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD16 rev.10.0 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK



MiniToolBox by Farbar
Ran by administrator (administrator) on 06-09-2011 at 15:22:22
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is enabled.
ProxyServer: lakeside-pgh8jf:8080

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 LakesideOSDNN
127.0.0.1 localhost
127.0.0.1 LakesideOSDNN

========================= IP Configuration: ================================

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "{B9F05A08-4666-4CEB-AF47-C63798213641}"

set address name="{B9F05A08-4666-4CEB-AF47-C63798213641}" source=dhcp
set dns name="{B9F05A08-4666-4CEB-AF47-C63798213641}" source=dhcp register=PRIMARY
set wins name="{B9F05A08-4666-4CEB-AF47-C63798213641}" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : DHJCR91

Primary Dns Suffix . . . . . . . : LakesideOfficeSystemsInc.local

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : LakesideOfficeSystemsInc.local

LakesideOfficeSystemsInc.local



Ethernet adapter {B9F05A08-4666-4CEB-AF47-C63798213641}:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : AEP VPN Adapter - Virtual Machine Network Services Driver

Physical Address. . . . . . . . . : 00-30-70-00-00-01



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : LakesideOfficeSystemsInc.local

Description . . . . . . . . . . . : Intel® PRO/1000 PL Network Connection

Physical Address. . . . . . . . . : 00-13-72-12-57-A8

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.16.10

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.16.2

DHCP Server . . . . . . . . . . . : 192.168.16.2

DNS Servers . . . . . . . . . . . : 192.168.16.2

Primary WINS Server . . . . . . . : 192.168.16.2

Lease Obtained. . . . . . . . . . : Saturday, September 03, 2011 8:39:50 AM

Lease Expires . . . . . . . . . . : Sunday, September 11, 2011 8:39:50 AM

Server: lakeside-pgh8jf.lakesideofficesystemsinc.local
Address: 192.168.16.2

Name: google.com
Addresses: 74.125.113.105, 74.125.113.103, 74.125.113.99, 74.125.113.104
74.125.113.106, 74.125.113.147



Pinging google.com [74.125.113.105] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 74.125.113.105:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Server: lakeside-pgh8jf.lakesideofficesystemsinc.local
Address: 192.168.16.2

Name: yahoo.com
Addresses: 72.30.2.43, 98.137.149.56, 209.191.122.70, 67.195.160.76
69.147.125.65



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 72.30.2.43:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 30 70 00 00 01 ...... AEP VPN Adapter - Virtual Machine Network Services Driver
0x10004 ...00 13 72 12 57 a8 ...... Intel® PRO/1000 PL Network Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.16.2 192.168.16.10 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.16.0 255.255.255.0 192.168.16.10 192.168.16.10 20
192.168.16.10 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.16.255 255.255.255.255 192.168.16.10 192.168.16.10 20
224.0.0.0 240.0.0.0 192.168.16.10 192.168.16.10 20
255.255.255.255 255.255.255.255 192.168.16.10 192.168.16.10 1
255.255.255.255 255.255.255.255 192.168.16.10 10003 1
Default Gateway: 192.168.16.2
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll [197440] (Microsoft ® Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [File Not found] ()
Catalog9 01 C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll [197440] (Microsoft ® Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll [197440] (Microsoft ® Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll [197440] (Microsoft ® Corporation)
Catalog9 07 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 08 C:\Program Files\Microsoft Firewall Client 2004\FwcWsp.dll [197440] (Microsoft ® Corporation)
Catalog9 09 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/06/2011 08:47:00 AM) (Source: MatSvc) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422
.

Error: (09/04/2011 03:54:31 PM) (Source: Microsoft Firewall Client 2004) (User: )
Description: Application [svchost.exe]. Authentication failed. The user credentials were not accepted by ISA Server. Verify that the user account running this application has the required permissions.

Error: (09/04/2011 03:54:31 PM) (Source: Microsoft Firewall Client 2004) (User: )
Description: Application [svchost.exe]. Authentication failed. The user credentials were not accepted by ISA Server. Verify that the user account running this application has the required permissions.

Error: (09/03/2011 07:53:38 PM) (Source: devenv) (User: )
Description: The data source '{130bada6-e128-423c-9d07-02e4734d45d4}' specifies no supporting providers or a set that are not registered.

Error: (09/03/2011 10:03:19 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/03/2011 09:58:45 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/03/2011 08:45:27 AM) (Source: MatSvc) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422
.

Error: (09/03/2011 08:40:40 AM) (Source: SQLSERVERAGENT) (User: )
Description: SQLServerAgent could not be started (reason: This installation of SQL Server Agent is disabled. The edition of SQL Server that installed this service does not support SQL Server Agent.).

Error: (09/03/2011 08:39:51 AM) (Source: MatSvc) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422
.

Error: (09/02/2011 08:45:44 AM) (Source: MatSvc) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422
.


System errors:
=============
Error: (09/06/2011 00:47:00 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{8843B4A2-A3CB-4CB9-9CCE-F443F641009F}

Error: (09/06/2011 08:47:00 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{8843B4A2-A3CB-4CB9-9CCE-F443F641009F}

Error: (09/06/2011 08:47:00 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{109DB0ED-7C89-416B-AC66-6D0323941464}

Error: (09/06/2011 08:38:45 AM) (Source: DCOM) (User: administrator)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/06/2011 04:47:00 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{8843B4A2-A3CB-4CB9-9CCE-F443F641009F}

Error: (09/06/2011 00:47:00 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{8843B4A2-A3CB-4CB9-9CCE-F443F641009F}

Error: (09/05/2011 08:47:00 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{8843B4A2-A3CB-4CB9-9CCE-F443F641009F}

Error: (09/05/2011 04:47:00 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{8843B4A2-A3CB-4CB9-9CCE-F443F641009F}

Error: (09/05/2011 00:47:02 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{8843B4A2-A3CB-4CB9-9CCE-F443F641009F}

Error: (09/05/2011 08:47:19 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{8843B4A2-A3CB-4CB9-9CCE-F443F641009F}


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

1&1 EasyLogin
ActiveFax
Add or Remove Adobe Creative Suite 3 Master Collection (Version: 1.0)
Adobe After Effects CS3 Presets (Version: 8)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe BridgeTalk Plugin CS3 (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0.1)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)
Adobe Flash Player 9 Plugin (Version: 9.0.45.0)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe InDesign CS3 Icon Handler (Version: 5.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe MotionPicture Color Files (Version: 1.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Reader 7.0.9 (Version: 7.0.9)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player 11.5 (Version: 11.5)
Adobe SING CS3 (Version: 0.1)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe Video Profiles (Version: 1.0)
Adobe WAS CS3 (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP DVA Panels CS3 (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
AdventureWorksDB (Version: 9.00.70430.00)
AEP SSL Tunnel Client 2.7.0.14
AHV content for Acrobat and Flash (Version: 1)
AnalogX TSDropCopy
API-Guide (remove only)
ASP.NET Reports (VBVS) (Version: 1.0.0)
ASP.NET Web Profile Generator Add-In (Version: 1.0.0)
Barcodes For Documents
Basic Design Template (Version: 1.0.0)
Bytescout BarCode SDK (Version: 2.20.303)
CCleaner (Version: 3.06)
CDBurnerXP (Version: 4.2.3.1110)
ClearImage 7 SDK
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conexant D850 56K V.9x DFVc Modem
CounterPoint 7.5
CPUID CPU-Z 1.57
Crystal Reports 2008 (Version: 12.0.0.683)
Crystal Reports Basic for Visual Studio 2008 (Version: 10.5.0.0)
Crystal Reports for Visual Studio (Version: 12.51.0.240)
CyberKit 3.0
Dell CinePlayer (Version: 3.0)
Dell Digital Jukebox Driver
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Support 3.1 (Version: 5.1.760)
Dell System Restore (Version: 2.00.0000)
Digital Content Portal (Version: 1.00.0000)
Digital Line Detect (Version: 1.10)
DigitImg (Version: 2.00.0000)
Dotfuscator Software Services - Community Edition (Version: 5.0.2500.0)
eFORMz (Version: 7.03.00)
Engine
ExamForce Engine Installation ES 7.7
GDR 1617 for SQL Server 2008 R2 (KB2494088) (Version: 10.50.1617.0)
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892) (Version: 9.3.4053)
GTK+ 2.10.13 runtime environment
hp instant support (Version: 5.0.2.4.asst_classic.asst_install)
HP Memories Disc (Version: 1.0.4.805)
HP Software Update (Version: 1.0.18.20030627)
HTML Help Workshop
IIS 7.5 Express (Version: 7.5.1070)
Informatik Command (Version: 1.35.0)
Informatik PDF Complete (Version: 2.52.0)
Intel Matrix Storage Manager
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections (Version: 9.30.0000)
Internet Explorer (Enable DEP)
Internet Explorer Developer Toolbar (Version: 1.0.2188)
IP*Works! V6 ADO.NET Provider (Version: 6.0)
IP*Works! V8 .NET Edition (Version: 8.1)
J2SE Runtime Environment 5.0 (Version: 1.5.0)
J2SE Runtime Environment 5.0 Update 3 (Version: 1.5.0.30)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java 2 Runtime Environment, SE v1.4.2_03 (Version: 1.4.2_03)
Java™ 6 Update 3 (Version: 1.6.0.30)
Learn2 Player (Uninstall Only)
Live Framework SDK CTP April 2009 (v0.91) (Version: 0.9.3904.1)
Live Framework Tools for Microsoft Visual Studio 1.0 CTP (03/19/2009) (Version: 1.0.20319.1)
Live Search Web Service SDK (Version: 1.01.02)
Malwarebytes' Anti-Malware
Media Share Library (Version: 1.0.0)
Microsoft .NET Compact Framework 1.0 SP3 Developer (Version: 1.0.4292)
Microsoft .NET Compact Framework 2.0 SP2 (Version: 2.0.7045)
Microsoft .NET Compact Framework 3.5 (Version: 3.5.7283)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft .NET Services Client Redist (March 2009 CTP) (Version: 0.15)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft ASP.NET 2.0 AJAX Extensions 1.0 (Version: 1.0.61025)
Microsoft ASP.NET 2.0 AJAX Templates for Visual Studio 2008 (Version: 2.0.0.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 3 - Visual Studio 2010 Tools Update (Version: 3.0.20406.0)
Microsoft ASP.NET MVC 3 - VWD Express 2010 Tools Update (Version: 3.0.20406.0)
Microsoft ASP.NET MVC 3 (Version: 3.0.20105.0)
Microsoft ASP.NET Web Pages - Visual Studio 2010 Tools (Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages - VWD Express 2010 Tools (Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages (Version: 1.0.20105.0)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Data Access Components 2.8 SDK (Version: 1.00.1425.0)
Microsoft Device Emulator version 3.0 - ENU (Version: 9.0.21022)
Microsoft Document Explorer 2005
Microsoft Document Explorer 2005 (Version: 8.0.50727.42)
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008 (Version: 9.0.21022)
Microsoft Easy Assist (Version: 1.0.2028.0)
Microsoft Easy Assist v2 (Version: 8.1.6416.0)
Microsoft Expression Blend 3 SDK (Version: 1.0.1343.0)
Microsoft Expression Blend 4 (Version: 4.0.20525.0)
Microsoft Expression Blend SDK for .NET 4 (Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Silverlight 4 (Version: 2.0.20525.0)
Microsoft Expression Design 4 (Version: 7.0.20516.0)
Microsoft Expression Encoder 4 (Version: 4.0.1639.0)
Microsoft Expression Encoder 4 Screen Capture Codec (Version: 4.0.1639.0)
Microsoft Expression Studio 4 (Version: 4.0.20525.0)
Microsoft Expression Web 4 (Version: 4.0.1303.0)
Microsoft Expression Web 4 Service Pack 2
Microsoft F# Runtime for Silverlight 4 (Version: 2.0.0.0)
Microsoft Firewall Client (Version: 4.0.3442)
Microsoft Fix it Center (Version: 1.0.0090)
Microsoft FrontPage Client - English (Version: 7.00.9209)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Network Monitor 3.4 (Version: 3.4.2350.0)
Microsoft Network Monitor: NetworkMonitor Parsers 3.4 (Version: 3.4.2350.0)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2003 Web Components (Version: 12.0.6213.1000)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Accounting 2008 (Version: 3.0.8627.1)
Microsoft Office Accounting 2008 Equifax Addin (Version: 3.0.8231.0)
Microsoft Office Accounting 2008 Fixed Asset Manager (Version: 3.0.8231.0)
Microsoft Office Accounting 2008 PayPal Addin (Version: 3.0.8231.0)
Microsoft Office Accounting ADP Payroll Addin (Version: 0.0.0.0)
Microsoft Office Accounting SDK (Version: 4.0.2305.0)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Live Meeting 2005 (Version: 7.9.2205.0)
Microsoft Office Live Meeting 2005 Replay Wrapper (Version: 7.0.dev.0000.0)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office SharePoint Designer 2007 (Version: 12.0.6425.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office SharePoint Designer MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6425.1000)
Microsoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066)
Microsoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft Silverlight 2 SDK (Version: 2.0.31005.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 3 Tools for Visual Studio 2008 SP1 - ENU (Version: 9.0.30730.126)
Microsoft Silverlight 3 Tools for Visual Web Developer Express 2008 SP1 - ENU (Version: 9.0.30730.126)
Microsoft Silverlight 4 SDK (Version: 4.0.50826.0)
Microsoft Silverlight Tools for Visual Studio 2010 (Version: 10.0.30319.400)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Backward compatibility (Version: 8.05.1054)
Microsoft SQL Server 2005 Tools (Version: 9.00.1399.06)
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Books Online (Version: 10.50.1452.4)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Policies (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1617.0)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (Version: 10.50.1750.9)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.2.4000.0)
Microsoft SQL Server 2008R2 Reporting Services RTM Samples (x86) (Version: 1.0.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 4.0 ENU (Version: 4.0.8482.1)
Microsoft SQL Server Compact 4.0 Web Tools ENU (Version: 4.0.8482.1)
Microsoft SQL Server Database Publishing Wizard 1.3 (Version: 10.0.1600.22)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server Migration Assistant 2008 for Access (Version: 1.0)
Microsoft SQL Server Native Client (Version: 9.00.4035.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.1399.06)
Microsoft SQL Server System CLR Types (Version: 10.51.2500.0)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x86) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.40219)
Microsoft Virtual PC 2007 (Version: 6.0.156.0)
Microsoft Visual C++ Compilers 2010 Standard - enu - x86 (Version: 10.0.40219)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual F# 2.0 Runtime (Version: 10.0.40219)
Microsoft Visual J# .NET Redistributable Package 1.1 (Version: 1.1.4322)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Microsoft Visual Studio .NET 2003 Bootstrapper Plug-in (Version: 1.0.7)
Microsoft Visual Studio .NET Enterprise Architect 2003 - English
Microsoft Visual Studio 2005 Professional Edition - ENU (Version: 8.0.50728)
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) (Version: 1)
Microsoft Visual Studio 2005 SDK February 2007 (Version: 8.0.61205.56)
Microsoft Visual Studio 2005 Team Suite - ENU (Version: 8.0.50728)
Microsoft Visual Studio 2005 Team Suite - ENU Service Pack 1 (KB926601) (Version: 1)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio 2008 Professional Edition - ENU (Version: 9.0.30729)
Microsoft Visual Studio 2008 Professional Edition - ENU Service Pack 1 (KB945140) (Version: 1)
Microsoft Visual Studio 2008 SDK 1.1 (Version: 9.0.30820)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x86) (Version: 10.0.40219)
Microsoft Visual Studio 2010 Professional - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 Professional - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.31007)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.31010)
Microsoft Visual Studio 6.0 Professional Edition
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.35191)
Microsoft Visual Studio Web Authoring Component (Version: 12.0.4518.1066)
Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU
Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU (Version: 9.0.30729)
Microsoft Visual Web Developer 2010 Express - ENU (Version: 10.0.40219)
Microsoft Web Deploy 2.0 (Version: 2.0.1070)
Microsoft Web Platform Installer 3.0 (Version: 3.0.5)
Microsoft Web Publishing Wizard 1.53
Microsoft WebMatrix (Version: 1.0.1042)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu (Version: 3.5.21022)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Web - enu (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Tools (Version: 6.1.5294.17011)
Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools (Version: 6.1.5294.17011)
Microsoft WSE 2.0 SP3 (Version: 2.0.5050.0)
Microsoft WSE 3.0 (Version: 3.0.5305.0)
Microsoft.com Web Services SDK Version 1.0 for Visual Studio 2003 (Version: 1.0.0)
Modem Helper (Version: 2.40)
MSDN Library - Visual Studio 6.0a
MSDN Library for Visual Studio .NET 2003 (Version: 7.38.3275)
MSDN Library for Visual Studio 2005 (Version: 8.0.50727.42)
MSDN Library for Visual Studio 2008 - ENU (Version: 9.0)
MSDN Library for Visual Studio 2008 - ENU (Version: 9.0.21022)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
Musicmatch® Jukebox (Version: 10.10.0097)
NetWaiting (Version: 2.5.12)
NuGet (Version: 1.2.103.0)
NVIDIA Drivers
oDesk Team 1.1.49
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenSSL 1.0.0b (32-bit)
PDF Settings (Version: 1.0)
Pervasive Data Provider For .NET (9.0) (Version: 9.00)
Pervasive System Analyzer
Pervasive.SQL V8 Client (v8.6) (Version: 8.60.192.033)
Photosmart 140,240,7200,7600,7700,7900 Series (Version: 2.0)
PowerCommands for Visual Studio 2008 (Version: 1.1.0.0)
Programming Microsoft ASP.NET (Version: 0.00.00033)
PS7900 (Version: 1.00.0000)
PSShortcuts (Version: 1.00.0000)
PSUsage (Version: 1.20.0000)
QODBC Driver
Qualxserve Service Agreement (Version: 1.11.0000)
Quick PDF Library 7.24 (Version: 7.24)
QuickBooks Pro 2005 (Version: )
QuickBooks SDK 5.0 (Version: 5.0.00203.0)
QuickBooks SDK 6.0 (Version: 6.0.0.00174)
QuickTime
Search Assist (Version: 1.00.0000)
Self Test Practice Test Engine
Self Test Software: Exam 70-282
Shadow Copy Client (Version: 5.2.01)
Sonic Activation Module (Version: 1.0)
SourceGear DiffMerge (Version: 3.0.0)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
SQL Server 2008 R2 Management Studio (Version: 10.50.1600.1)
SQL Server 2008 R2 Reporting Services (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
SSH Accession (Version: SSH Accession Non-commercial and Evaluation 1.1.47)
SSH Sentinel
SUPERAntiSpyware (Version: 4.50.1002)
TEC-IT TBarCode 10 (Version: 10.2.1.13536)
The Basic Website Template (Version: 1.0.0)
The Grid HTML Standards Based Template (Version: 1.0.0)
The Rounded HTML Standards Based Template (Version: 1.0.0)
The Simple HTML Standards Based Template (Version: 1.0.0)
TiffDLL50 ActiveX DLL
TortoiseHg 1.1.8 (x86) (Version: 1.1.8)
TripControl (Version: 03.01.5024.000)
TripControl 3.2 (Version: 03.02.0115.000)
TripControl 3.2.5 (Version: 03.02.5031.000)
TripControl 4.0 (Version: 04.50.0017.016)
Verizon Help and Support Tool
Virtual Earth 3D (Beta) (Version: 3.0.808.29001)
Visual C++ 2008 IA64 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 IA64 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ 2008 x64 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x64 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - (v9.0.30729.4148) (Version: 9.0.30729.4148)
Visual C++ 2008 x86 Runtime - (v9.0.30729.6161) (Version: 9.0.30729.6161)
Visual C++ 2008 x86 Runtime - KB2465361 - (v9.0.30729.5570) (Version: 9.0.30729.5570)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ 2008 x86 Runtime - v9.0.30729.4148 (Version: 9.0.30729.4148)
Visual C++ 2008 x86 Runtime - v9.0.30729.5570 (Version: 9.0.30729.5570)
Visual C++ 2008 x86 Runtime - v9.0.30729.6161 (Version: 9.0.30729.6161)
Visual Studio .NET Enterprise Architect 2003 - English (Version: 7.1.6030)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio 2010 SP1 Tools for SQL Server Compact 4.0 ENU (Version: 4.0.8482.1)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1)
Visual Studio.NET Baseline - English (Version: 7.1.3088)
Vz In Home Agent (Version: 7.02.12)
WCF RIA Services V1.0 SP1 (Version: 4.1.60114.0)
Web Deployment Tool (Version: 1.1.0618)
Web Services Enhancements 3.0 Hands On Lab - Security (Version: 1.0.0)
WebFldrs XP (Version: 9.50.7523)
WebServicesAdminTool (Version: 1.00.0000)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live ID Client SDK (Version: 4.200.519.1)
Windows Live Tools for Microsoft Visual Studio CTP (Version: 0.1.0.0)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
Windows SharePoint Services Developer Resources 1.5 English (Version: 12.0.4518.1144)
Windows XP Service Pack 3 (Version: 20080414.031525)
WIPCapture
WIPConfig
WordPerfect Office 12 (Version: 12.01)
Working with Client-Side Script (Version: 1.0.0)
WPF Toolkit February 2010 (Version 3.5.50211.1) (Version: 3.5.50211.1)
Xata XML Core Services (Version: 03.00.0000.000)
XML Notepad 2007 (Version: 2.3.0.0)
XML Paper Specification Shared Components Pack 1.0

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3070.09 MB
Available physical RAM: 1808.56 MB
Total Pagefile: 4445.25 MB
Available Pagefile: 3277.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1994.98 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:145.96 GB) (Free:27.3 GB) NTFS
3 Drive d: (SQLDEV) (CDROM) (Total:2.68 GB) (Free:0 GB) CDFS
6 Drive g: (USB20FD) (Removable) (Total:7.45 GB) (Free:3.92 GB) FAT32
8 Drive k: (New Volume) (Network) (Total:416.92 GB) (Free:86.08 GB) NTFS
9 Drive m: () (Network) (Total:145.96 GB) (Free:27.3 GB) NTFS
10 Drive r: (New Volume) (Network) (Total:465.76 GB) (Free:433.58 GB) NTFS
11 Drive u: () (Network) (Total:145.96 GB) (Free:27.3 GB) NTFS
12 Drive v: () (Network) (Total:48.83 GB) (Free:16.59 GB) NTFS
13 Drive w: (New Volume) (Network) (Total:465.76 GB) (Free:433.58 GB) NTFS
14 Drive y: () (Network) (Total:48.83 GB) (Free:16.59 GB) NTFS
15 Drive z: (New Volume) (Network) (Total:465.76 GB) (Free:433.58 GB) NTFS

========================= Users: ========================================

User accounts for \\DHJCR91

Administrator ASPNET Guest
HelpAssistant IUSR_DHJC2R91 IWAM_DHJC2R91
SQLDebugger SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

**** End of log ****



Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7665

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9/6/2011 3:39:57 PM
mbam-log-2011-09-06 (15-39-57).txt

Scan type: Quick scan
Objects scanned: 294836
Time elapsed: 7 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Stop The World, I want To Get Off!

Life Isn't About Waiting For The Storm To Pass ... It's About Learning To Dance In The Rain.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,567 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:27 AM

Posted 06 September 2011 - 06:17 PM

Hello. You have a Doomjuice Backdoor infection.

Win32/Doomjuice is a family of worms that target machines infected with Win32/Mydoom. Win32/Doomjuice scans for systems listening on the TCP port opened by the backdoor component of Win32/Mydoom.

It is important I tell you this now.

One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Tony Girgenti

Tony Girgenti
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:27 PM

Posted 06 September 2011 - 07:34 PM

Let's clean it.

Thanks,
Tony


#8 boopme

Posted 06 September 2011 - 08:40 PM

Ok, we will do it in steps. Only back up your important documents, personal data files and photos to a CD or DVD drive, not a flash drive or external hard drive, as they may become compromised in the process. The safest practice is not to back up any executable files (*.exe), screensavers (*.scr), autorun (.ini) or script files (.php, .asp, .htm, .html, .xml) because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executables inside them, as some types of malware can penetrate compressed files and infect the .exe files within them.

You have a lot of Adobe tools. I see that Reader needs an update. I am not sure of the rest.

Also, Java is outdated.
Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7-windows-i586.exe to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


Similarly Update to Adobe Reader X (10.1.0)
Note: Uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional





I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

Edited by boopme, 06 September 2011 - 08:42 PM.


#9 Tony Girgenti

Posted 07 September 2011 - 03:59 PM

boopme,

How do you prepare a DVD for backup?

I have a Sony DRX-S70U CD/DVD rewritable drive with a blank DVD.

I want to make sure I back up those files you suggested, but I can't access the DVD drive with a new DVD in it.

The drive does work, because I can read existing CD/DVDs in it.

Any help that you can provide would be gratefully appreciated.

Thanks,
Tony


#10 boopme

Posted 07 September 2011 - 04:12 PM

Hi Tony, so you can access it but not write to it?

This should be the easiest fix. Click the FIX-IT button.

http://support.microsoft.com/mats/cd_dvd_drive_problems/en-us

#11 Tony Girgenti

Posted 07 September 2011 - 04:25 PM

That didn't help.

It shows up in Windows Explorer as the F: drive.

When I select it with the mouse when there is a brand new DVD in there, it gives the error:

"F:\ is not accessible. Incorrect function"

When I select it with the mouse when there is an already recorded DVD in there, it displays the files and folders on the DVD.

Thanks,
Tony

#12 Zomalaja

Zomalaja

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:09:27 AM

Posted 09 September 2011 - 10:11 AM

If you have Roxio software, this may help:

http://support.microsoft.com/default.aspx?scid=kb;en-us;315350

"Easy CD Creator version 4.x and earlier versions are not supported in Windows XP."

Also, make sure recording is enabled: right-click on the drive icon, choose Properties, then Recording, and see if "Enable CD Recording on this drive" is checked.

Nero InCD is also known to cause problems.

#13 Tony Girgenti

Posted 12 September 2011 - 10:35 AM

Hello boopme.

I’m sorry for not replying back to you sooner.

I am terribly confused by all of the replies I received from other forums on MSDN.

I am in the process of using a new hard drive to install Vista Business and get a system up and running on it and plan to carefully move files from my old drive to my new drive.

I'm doing it that way because I thought that was an acceptable way to handle this problem according to the suggestions I received from the MSDN forum. I think you even recommended something like that in one of your previous posts here.

Now, I'm getting replies suggesting that it is best that I reformat my existing hard drive.

I won't bore you with the details of the problems I am having doing that because it is just a subsidiary part of my total problem.

I still have my original hard drive and have not had it on line or booted from it since I started this new hard drive project.

I don't know what to do except continue the way I am going and hope that I can get what I need from my old drive without getting infected by doing so.

I have Windows XP Pro SP3 on my old (infected) hard drive, but I am using Vista to install on the new hard drive. I’m doing that because when I tried to install Windows XP Pro on the new hard drive it kept giving me a Blue screen error of 7E. It never gets to the screen where it says “To Install Windows, hit Enter”.

I also tried another Microsoft Windows XP Pro install CD. With that one it finally gave me the screen that said “To Install Windows, hit Enter”. When I hit enter, it said there were no hard drives.

That’s when I tried Windows Vista CD. It installed, but I am having all kinds of issues.

I do appreciate all of the time and effort that you have extended to help me with this problem.

Thanks for your help.

Tony


#14 boopme

Posted 13 September 2011 - 03:55 PM

Tony, I didn't get my email for this. Anyway, this is a question netter asked in VISTa or XP as its not malware and they can help you with these quirks.

I can say:
1) Back up all your important data files, pictures, music, work etc. and save them onto an external hard drive. These files usually include .doc, .txt, .mp3, .jpg etc.
2) Do not back up any executable files or any Windows files. These include .exe/.scr/.htm/.html/.xml/.zip/.rar files, as they may contain traces of malware. Also, .html or .htm files that are webpages should also be avoided.
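The backup filter described in posts #8 and #14, as an added Python example that is not part of either post: it skips the union of the extensions both posts list, and goes one step further by also skipping files that start with an executable (MZ) header and zip containers such as .docx that hold an executable. The function names, the EXEC_EXT set and the sample files are assumptions made for this example.

```python
import os
import tempfile
import zipfile

# Union of the extensions posts #8 and #14 say to leave out of the backup.
RISKY_EXT = set(".exe .scr .ini .php .asp .htm .html .xml .zip .cab .rar".split())
EXEC_EXT = set(".exe .scr .dll .com".split())  # assumption: executable archive members


def classify(path):
    """Return None when the file may be backed up, else the reason to skip it."""
    ext = os.path.splitext(path)[1].lower()
    if ext in RISKY_EXT:
        return "extension " + ext
    try:
        with open(path, "rb") as fh:
            if fh.read(2) == b"MZ":  # DOS/PE header: a program renamed to look like data
                return "executable header"
        if zipfile.is_zipfile(path):  # .docx and similar are zip containers
            with zipfile.ZipFile(path) as zf:
                for member in zf.namelist():
                    if os.path.splitext(member)[1].lower() in EXEC_EXT:
                        return "contains " + member
    except (OSError, zipfile.BadZipFile):
        return "unreadable"
    return None


def plan_backup(root):
    """Walk root; return (sorted relative paths to copy, {skipped path: reason})."""
    keep, skip = [], {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            reason = classify(full)
            if reason is None:
                keep.append(rel)
            else:
                skip[rel] = reason
    return sorted(keep), skip


if __name__ == "__main__":  # demo on a constructed sample tree
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in {"notes.txt": b"hello", "photo.jpg": b"MZ\x90\x00",
                           "setup.exe": b"MZ\x90", "page.html": b"<html>"}.items():
            with open(os.path.join(tmp, name), "wb") as fh:
                fh.write(data)
        for name, member in (("report.docx", "word/document.xml"),
                             ("invoice.docx", "word/payload.exe")):
            with zipfile.ZipFile(os.path.join(tmp, name), "w") as zf:
                zf.writestr(member, "x")
        print(plan_backup(tmp))
```

The skipped entries carry a reason so the list can be reviewed by hand before anything is copied to the backup disc.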

#15 Tony Girgenti

Posted 14 September 2011 - 11:57 AM

boopme,

I'm confused. You said on 9/06/2011 "you have a Doomjuice Backdoor infection." and "I would counsel you to disconnect this PC from the Internet immediately."

I'm also not sure of what you mean by "netter asked in VISTa or XP as its not malware and they can help you with these quirks"

I have to assume you are referring to a thread. Where can I find that thread?

Thanks,
Tony
