
system check took over my computer


  • This topic is locked
2 replies to this topic

#1 house90712

house90712

  • Members
  • 1 posts
  • OFFLINE
  • Local time:05:45 PM

Posted 11 January 2012 - 11:45 AM

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 9/8/2011 10:10:03 PM
System Uptime: 1/10/2012 9:03:53 PM (11 hours ago)
.
Motherboard: ASUSTek Computer INC. | | Salmon
Processor: AMD Athlon™ 64 Processor 3400+ | Socket 754 | 1808/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 180 GiB total, 126.246 GiB free.
D: is FIXED (FAT32) - 6 GiB total, 0.428 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP29: 10/26/2011 11:08:45 AM - System Checkpoint
RP30: 10/29/2011 3:42:30 PM - System Checkpoint
RP31: 10/30/2011 10:25:59 PM - Update to an unsigned driver
RP32: 11/4/2011 8:32:12 PM - System Checkpoint
RP33: 11/5/2011 9:30:07 PM - System Checkpoint
RP34: 11/8/2011 12:46:47 AM - System Checkpoint
RP35: 11/8/2011 7:42:02 PM - Installed Windows Media Format Runtime
RP36: 11/8/2011 7:42:23 PM - Installed Windows XP Wudf01000.
RP37: 11/8/2011 7:44:20 PM - Installed Windows XP KB926239.
RP38: 11/9/2011 6:34:55 AM - Unsigned driver install
RP39: 11/9/2011 8:03:49 PM - Installed Windows Media Player 10
RP40: 11/9/2011 9:42:12 PM - Installed Java™ 6 Update 29
RP41: 11/11/2011 12:56:25 AM - System Checkpoint
RP42: 11/12/2011 3:00:01 AM - System Checkpoint
RP43: 11/13/2011 3:52:20 AM - System Checkpoint
RP44: 11/14/2011 3:57:31 AM - System Checkpoint
RP45: 11/15/2011 4:31:42 AM - System Checkpoint
RP46: 11/16/2011 4:32:51 AM - System Checkpoint
RP47: 11/16/2011 7:15:06 PM - Unsigned driver install
RP48: 11/17/2011 7:01:24 PM - Software Distribution Service 3.0
RP49: 11/18/2011 3:00:30 AM - Software Distribution Service 3.0
RP50: 11/18/2011 7:27:17 PM - Software Distribution Service 3.0
RP51: 11/19/2011 3:00:32 AM - Software Distribution Service 3.0
RP52: 11/20/2011 3:00:26 AM - Software Distribution Service 3.0
RP53: 11/20/2011 8:18:20 PM - Software Distribution Service 3.0
RP54: 11/20/2011 10:57:09 PM - Software Distribution Service 3.0
RP55: 11/21/2011 9:57:33 PM - Software Distribution Service 3.0
RP56: 11/21/2011 11:31:21 PM - Software Distribution Service 3.0
RP57: 11/22/2011 11:26:14 AM - Software Distribution Service 3.0
RP58: 11/22/2011 7:36:41 PM - Software Distribution Service 3.0
RP59: 11/22/2011 10:59:55 PM - Software Distribution Service 3.0
RP60: 11/23/2011 3:00:23 AM - Software Distribution Service 3.0
RP61: 11/23/2011 8:42:39 PM - Software Distribution Service 3.0
RP62: 11/23/2011 8:49:57 PM - Installed Windows Internet Explorer 8.
RP63: 11/23/2011 8:51:10 PM - Software Distribution Service 3.0
RP64: 11/23/2011 8:58:18 PM - Software Distribution Service 3.0
RP65: 11/23/2011 9:30:32 PM - Software Distribution Service 3.0
RP66: 11/24/2011 3:00:39 AM - Software Distribution Service 3.0
RP67: 11/25/2011 3:08:51 AM - System Checkpoint
RP68: 11/26/2011 4:28:56 AM - System Checkpoint
RP69: 11/27/2011 4:37:36 AM - System Checkpoint
RP70: 11/28/2011 1:36:35 PM - System Checkpoint
RP71: 11/29/2011 3:08:31 PM - System Checkpoint
RP72: 11/30/2011 3:18:49 PM - System Checkpoint
RP73: 12/1/2011 4:32:00 AM - Software Distribution Service 3.0
RP74: 12/2/2011 4:33:15 AM - System Checkpoint
RP75: 12/3/2011 10:59:53 AM - System Checkpoint
RP76: 12/4/2011 11:21:27 AM - System Checkpoint
RP77: 12/5/2011 1:11:33 PM - System Checkpoint
RP78: 12/6/2011 1:26:29 PM - System Checkpoint
RP79: 12/7/2011 2:33:17 PM - System Checkpoint
RP80: 12/8/2011 10:50:24 AM - Restore Operation
RP81: 12/9/2011 10:57:02 AM - System Checkpoint
RP82: 12/10/2011 2:05:55 PM - System Checkpoint
RP83: 12/10/2011 4:51:11 PM - Installed Windows Media Player 10
RP84: 12/10/2011 4:51:52 PM - Software Distribution Service 3.0
RP85: 12/10/2011 8:29:56 PM - Software Distribution Service 3.0
RP86: 12/11/2011 9:28:09 PM - System Checkpoint
RP87: 12/13/2011 12:10:51 AM - System Checkpoint
RP88: 12/14/2011 12:21:20 AM - System Checkpoint
RP89: 12/15/2011 1:00:26 AM - System Checkpoint
RP90: 12/16/2011 10:15:04 PM - System Checkpoint
RP91: 12/17/2011 10:46:42 PM - System Checkpoint
RP92: 12/18/2011 11:45:40 PM - System Checkpoint
RP93: 12/20/2011 12:45:41 AM - System Checkpoint
RP94: 12/21/2011 12:49:15 AM - System Checkpoint
RP95: 12/22/2011 1:49:15 AM - System Checkpoint
RP96: 12/23/2011 2:12:46 AM - System Checkpoint
RP97: 12/24/2011 3:12:45 AM - System Checkpoint
RP98: 12/25/2011 4:12:48 AM - System Checkpoint
RP99: 12/26/2011 5:12:45 AM - System Checkpoint
RP100: 12/27/2011 6:12:46 AM - System Checkpoint
RP101: 12/28/2011 12:50:42 PM - System Checkpoint
RP102: 12/29/2011 1:42:47 PM - System Checkpoint
RP103: 12/30/2011 3:34:17 PM - System Checkpoint
RP104: 12/31/2011 4:36:20 PM - System Checkpoint
RP105: 1/1/2012 4:46:43 PM - System Checkpoint
RP106: 1/2/2012 6:05:37 PM - System Checkpoint
RP107: 1/3/2012 8:24:58 PM - System Checkpoint
RP108: 1/4/2012 10:28:33 PM - System Checkpoint
RP109: 1/5/2012 10:42:33 PM - System Checkpoint
RP110: 1/6/2012 10:49:13 PM - System Checkpoint
RP111: 1/7/2012 11:55:15 PM - System Checkpoint
RP112: 1/9/2012 12:28:16 AM - System Checkpoint
RP113: 1/10/2012 12:29:38 AM - System Checkpoint
RP114: 1/10/2012 6:07:27 AM - Software Distribution Service 3.0
RP115: 1/10/2012 7:41:25 AM - Restore Operation
RP116: 1/10/2012 8:08:34 AM - Restore Operation
RP117: 1/10/2012 8:12:57 AM - Restore Operation
RP118: 1/10/2012 10:01:49 AM - Software Distribution Service 3.0
RP119: 1/10/2012 9:00:59 PM - Restore Operation
RP120: 1/10/2012 9:19:09 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Acrobat - Reader 6.0.2 Update
Adobe Flash Player 11 ActiveX
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 6.0.1
Adobe Shockwave Player 11.6
Agere Systems PCI Soft Modem
Blackhawk Striker 2 from Compaq (remove only)
Blasterball 2 from Compaq (remove only)
Blasterball 2 Holidays from Compaq (remove only)
Blasterball 2 Remix from Compaq (remove only)
blinkx beat
Bounce Symphony from Compaq (remove only)
CC_ccProxyExt
ccCommon
ccPxyCore
Compaq Connections
Compaq Organize
Crystal Maze from Compaq (remove only)
DealScout for Google Chrome
Easy Internet Sign-up
EPSON Scan
EPSON WorkForce 500 Series Printer Uninstall
Final Drive Nitro from Compaq (remove only)
Google Chrome
Google Toolbar for Internet Explorer
Help and Support Additions
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP Help and Support 4.0
HpSdpAppCoreApp
iLivid
InterVideo WinDVD Player
iTunes
J2SE Runtime Environment 5.0
Java Auto Updater
Java™ 6 Update 29
KBD
Lexibox Deluxe from Compaq (remove only)
LiveReg (Symantec Corporation)
LiveUpdate 2.5 (Symantec Corporation)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Standard Edition 2003
Microsoft Plus! Dancer LE
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
MSRedist
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton AntiSpam
Norton AntiVirus 2005
Norton Internet Security
Norton Internet Security 2005 (Symantec Corporation)
Norton Security Center
Norton WMI Update
Overball from Compaq (remove only)
PC-Doctor for Windows
Phoenix Assault from Compaq (remove only)
Polar Bowler from Compaq (remove only)
Polar Golfer from Compaq (remove only)
PS2
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Registry Mechanic 10.0
Remove Microsoft Money 2005 installer
Remove WeatherBug installer
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Shooting Stars Pool from Compaq (remove only)
SiS VGA Utilities
Slyder from Compaq (remove only)
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
SPBBC
SpySubtract
Super Granny from Compaq (remove only)
swMSM
SymNet
The Weather Channel Desktop 6
Tradewinds from Compaq (remove only)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB898461)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VooMuu
WebFldrs XP
Windows iLivid Toolbar
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB891781
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
1/9/2012 6:26:53 PM, error: atapi [9] - The device, \Device\Ide\IdePort2, did not respond within the timeout period.
1/7/2012 11:22:00 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. .
1/7/2012 11:22:00 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Nikon\Nikon Transfer\NktTransfer.exe. Reference error message: The operation completed successfully. .
1/7/2012 11:22:00 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
1/6/2012 6:50:44 PM, error: Print [19] - Sharing printer failed + 1722, Printer EPSON WorkForce 500 Series share name Printer.
1/6/2012 6:33:00 PM, error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
1/10/2012 9:01:16 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK8 Fips SYMTDI
1/10/2012 6:33:18 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
1/10/2012 6:16:19 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
1/10/2012 6:16:02 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
1/10/2012 6:15:03 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SYMTDI Tcpip
1/10/2012 6:15:03 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
1/10/2012 6:15:03 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/10/2012 6:15:03 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/10/2012 6:15:03 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
1/10/2012 6:14:28 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
.
==== End Of File ===========================


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Compaq_Owner at 8:32:49 on 2012-01-11
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.383.137 [GMT -8:00]
.
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\WI371A~1\Datamngr\DATAMN~1.EXE
C:\Documents and Settings\All Users\Application Data\oklbxWqyXCYA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEQA.EXE
C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2.001\Local Settings\Application Data\VooMuuSA\bin\2.0.7.0\VooMuuSA.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\All Users\Application Data\uMytAwWsYOZkKI.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\HP\KBD\KBD.EXE
C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2.001\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2.001\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Compaq_Owner.YOUR-F78BF48CE2.001\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchqu.com/406
uSearch Page = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktop
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll
BHO: DataMngr: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~1\wi371a~1\datamngr\BROWSE~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: CNavExtBho Class: {bdf3e430-b101-42ad-a544-fadc6b084872} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Norton AntiVirus: {42cdd1bf-3ffb-4238-8ad1-7859df00b1d6} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\compaq_owner.your-f78bf48ce2.001\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [EPSON WorkForce 500 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatieqa.exe /fu "c:\windows\temp\E_S7B.tmp" /EF "HKCU"
uRun: [VooMuuSA] "c:\documents and settings\compaq_owner.your-f78bf48ce2.001\local settings\application data\voomuusa\bin\2.0.7.0\VooMuuSA.exe"
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
mRun: [SSC_UserPrompt] c:\program files\common files\symantec shared\security center\UsrPrmpt.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [IS CfgWiz] c:\program files\norton internet security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [AlcxMonitor] ALCXMNTR.EXE
mRun: [DATAMNGR] c:\progra~1\wi371a~1\datamngr\DATAMN~1.EXE
mRun: [oklbxWqyXCYA.exe] c:\documents and settings\all users\application data\oklbxWqyXCYA.exe
uPolicies-explorer: NoDesktop = 1 (0x1)
uPolicies-system: DisableTaskMgr = 1 (0x1)
mPolicies-system: DisableTaskMgr = 1 (0x1)
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{706A6EFC-C142-47E4-99D4-3C86F24678B8} : DhcpNameServer = 209.18.47.61 209.18.47.62
AppInit_DLLs: c:\progra~1\wi371a~1\datamngr\datamngr.dll c:\progra~1\wi371a~1\datamngr\IEBHO.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {FA010552-4A27-4cb1-A1BB-3E2D697F1639} - No File
.
============= SERVICES / DRIVERS ===============
.
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20050309.032\NAVENG.Sys [2005-5-5 73728]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20050309.032\NavEx15.Sys [2005-5-5 631040]
.
=============== Created Last 30 ================
.
2012-01-10 14:07:59 -------- d--h--w- C:\154e20972666531d6c804a0f874a
2012-01-10 03:11:27 354560 ---ha-w- c:\documents and settings\all users\application data\uMytAwWsYOZkKI.exe
2012-01-10 03:02:23 449280 ---ha-w- c:\documents and settings\all users\application data\oklbxWqyXCYA.exe
2012-01-08 07:28:47 1409 ---ha-w- c:\windows\QTFont.for
2011-12-17 07:28:01 -------- d--h--w- C:\temp
2011-12-15 03:18:24 -------- d--h--w- c:\documents and settings\compaq_owner.your-f78bf48ce2.001\application data\searchquband
2011-12-15 03:18:24 -------- d--h--w- c:\documents and settings\compaq_owner.your-f78bf48ce2.001\AppData
2011-12-15 03:11:34 -------- d--h--w- c:\documents and settings\all users\application data\boost_interprocess
2011-12-14 23:58:58 -------- d--h--w- c:\documents and settings\compaq_owner.your-f78bf48ce2.001\local settings\application data\Ilivid Player
2011-12-14 23:57:12 -------- dc-h--w- c:\documents and settings\all users\application data\{B49A644A-1076-4A3D-B124-DAA7862F2318}
2011-12-14 23:56:51 -------- d--h--w- c:\program files\iLivid
2011-12-14 23:56:09 -------- d--h--w- c:\documents and settings\compaq_owner.your-f78bf48ce2.001\application data\searchqutoolbar
2011-12-14 23:55:49 -------- d--h--w- c:\program files\Windows iLivid Toolbar
2011-12-14 23:55:33 -------- d--h--w- c:\documents and settings\compaq_owner.your-f78bf48ce2.001\local settings\application data\PackageAware
.
==================== Find3M ====================
.
2011-11-17 03:14:34 414368 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-10 05:42:30 73728 ---ha-w- c:\windows\system32\javacpl.cpl
2011-11-10 05:42:30 472808 ---ha-w- c:\windows\system32\deployJava1.dll
2009-09-11 23:31:28 19362 ---ha-w- c:\program files\common files\yrariceqe.vbs
2009-09-11 23:31:27 16672 ---ha-w- c:\program files\common files\ubenaleg.exe
2009-09-11 23:31:27 16587 ---ha-w- c:\program files\common files\fesyjyjy.exe
.
============= FINISH: 8:35:29.60 ===============



#2 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:09:45 AM

Posted 15 January 2012 - 11:23 AM

Do you still need help?

~Semp

You can help me continue the fight against malware by making a donation. Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied to within 5 days will be closed. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 


#3 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:09:45 AM

Posted 20 January 2012 - 10:41 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

~Semp





