Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Error Wizard


  • This topic is locked This topic is locked
4 replies to this topic

#1 JohnDavidLynchJr

JohnDavidLynchJr

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:11 PM

Posted 20 March 2013 - 07:25 AM

Unable to send e-mail from software.
 
Unable to remove.
 
Here are my log files.

EDIT: Logs posted by Oh My!

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.17.2
Run by lcoolidge at 6:43:02 on 2013-03-20
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3061.2403 [GMT -5:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\RINGCE~1\EXTREM~1\RCUI.exe
C:\PROGRA~1\RINGCE~1\EXTREM~1\RCHotKey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\VirusScan Enterprise\mcconsol.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe" //eml:c:\documents and settings\lcoolidge\desktop\GE April Published Price Lists Attached.eml
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20130304151410.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [RCUI] "c:\progra~1\ringce~1\extrem~1\RCUI.exe"
uRun: [RCHotKey] "c:\progra~1\ringce~1\extrem~1\RCHotKey.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoWelcomeScreen = dword:1
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1362431876988
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1362431901672
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.16.2 64.130.108.18 64.130.108.19
TCP: Interfaces\{1720F835-F5B1-49FE-99B3-5D52666E8FFE} : DHCPNameServer = 192.168.16.2 64.130.108.18 64.130.108.19
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.172\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2013-3-4 565352]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2013-3-4 89624]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2011-1-12 120128]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2013-3-4 166024]
R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2011-9-14 209760]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2013-3-4 167344]
R2 uvnc_service;uvnc_service;c:\program files\ultravnc\winvnc.exe [2013-3-18 1590216]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2013-3-4 180072]
R3 mv2;mv2;c:\windows\system32\drivers\mv2.sys [2013-3-4 11496]
S0 cerc6;cerc6; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2013-3-4 59288]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2013-3-4 92192]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-03-19 12:51:36 221184 ----a-w- c:\windows\system32\wmpns.dll
2013-03-18 22:15:43 -------- d-----w- c:\program files\ESET
2013-03-18 20:30:45 -------- d-----w- c:\program files\UltraVNC
2013-03-18 11:37:14 -------- d-sha-r- C:\cmdcons
2013-03-17 14:09:33 -------- d-----w- C:\ProgramData
2013-03-17 04:15:00 -------- d-----w- C:\temp
2013-03-15 13:37:47 -------- d-sh--w- c:\documents and settings\lcoolidge\IECompatCache
2013-03-14 16:29:57 -------- d-----w- c:\documents and settings\lcoolidge\local settings\application data\Temp
2013-03-13 22:41:51 14664 ----a-w- c:\windows\stinger.sys
2013-03-13 22:41:02 -------- d-----w- c:\program files\stinger
2013-03-13 22:14:05 98816 ----a-w- c:\windows\sed.exe
2013-03-13 22:14:05 256000 ----a-w- c:\windows\PEV.exe
2013-03-13 22:14:05 208896 ----a-w- c:\windows\MBR.exe
2013-03-13 10:01:37 -------- d--h--w- c:\windows\$hf_mig$
2013-03-13 08:15:32 15859416 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-03-12 20:06:15 -------- d-----w- c:\documents and settings\lcoolidge\local settings\application data\Help
2013-03-05 17:33:05 -------- d-----w- c:\program files\MSECache
2013-03-05 17:24:21 -------- d-----w- c:\windows\SxsCaPendDel
2013-03-05 15:57:16 -------- d-----w- c:\documents and settings\all users\application data\RingCentral
2013-03-05 15:54:59 275696 ----a-w- c:\windows\system32\mucltui.dll
2013-03-05 15:54:59 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2013-03-05 14:35:03 -------- d-----w- c:\documents and settings\lcoolidge\local settings\application data\Adobe
2013-03-05 02:49:51 -------- d-----w- c:\program files\Spybot - Search & Destroy
2013-03-05 02:49:51 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-03-05 02:31:05 -------- d-----w- c:\documents and settings\lcoolidge\application data\Malwarebytes
2013-03-05 02:29:33 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-03-05 02:29:32 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-05 02:29:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-05 01:52:26 -------- d-----w- c:\documents and settings\lcoolidge\local settings\application data\Sun
2013-03-05 00:48:44 -------- d-----w- c:\windows\system32\winrm
2013-03-05 00:48:44 -------- d-----w- c:\windows\system32\GroupPolicy
2013-03-05 00:44:53 -------- d-----w- c:\documents and settings\lcoolidge\local settings\application data\ApplicationHistory
2013-03-05 00:11:59 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-05 00:11:59 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-05 00:11:59 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-05 00:11:48 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-05 00:08:14 -------- d-----w- c:\windows\system32\Adobe
2013-03-05 00:06:36 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-05 00:06:36 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-05 00:01:13 -------- d-----w- c:\program files\GUM115.tmp
2013-03-04 23:59:15 -------- d-----w- c:\documents and settings\lcoolidge\local settings\application data\Google
2013-03-04 22:00:57 -------- d-----w- c:\program files\Windows Media Connect 2
2013-03-04 21:59:44 -------- d-----w- c:\windows\system32\LogFiles
2013-03-04 21:48:06 -------- d-----w- c:\program files\Premier
2013-03-04 21:47:22 -------- d-----w- c:\documents and settings\lcoolidge\local settings\application data\Downloaded Installations
2013-03-04 21:45:25 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2013-03-04 21:38:59 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2013-03-04 21:38:59 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2013-03-04 21:38:53 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2013-03-04 21:38:53 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-03-04 21:37:41 -------- d-----w- c:\documents and settings\lcoolidge\application data\HpUpdate
2013-03-04 21:37:39 544616 ------w- c:\windows\system32\HPDiscoPM5912.dll
2013-03-04 21:37:37 488808 ----a-w- c:\windows\system32\HPWia1_OJ8600.dll
2013-03-04 21:37:37 429928 ----a-w- c:\windows\system32\hpinksts5912.dll
2013-03-04 21:37:37 270696 ----a-w- c:\windows\system32\hpinksts5912LM.dll
2013-03-04 21:37:37 216424 ----a-w- c:\windows\system32\hpinkcoi5912.dll
2013-03-04 21:37:37 1946472 ----a-w- c:\windows\system32\HPScanTRDrv_OJ8600.dll
2013-03-04 21:36:49 -------- d-----w- c:\program files\HP
2013-03-04 21:35:43 -------- d-----w- c:\documents and settings\lcoolidge\local settings\application data\HP
2013-03-04 21:34:24 2193024 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2013-03-04 21:34:24 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2013-03-04 21:34:23 2027520 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2013-03-04 21:33:24 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2013-03-04 21:33:24 272128 ------w- c:\windows\system32\drivers\bthport.sys
2013-03-04 21:31:45 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2013-03-04 21:31:45 3072 ------w- c:\windows\system32\iacenc.dll
2013-03-04 21:26:57 -------- d-----w- c:\windows\system32\PreInstall
2013-03-04 21:23:19 2529 ----a-w- C:\dels.bat
2013-03-04 21:20:51 -------- d-----w- C:\QUARANTINE
2013-03-04 21:14:32 -------- d-----w- c:\documents and settings\lcoolidge\application data\McAfee
2013-03-04 21:14:10 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2013-03-04 21:14:10 92192 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2013-03-04 21:14:10 89624 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2013-03-04 21:14:10 74848 ----a-w- c:\windows\system32\MfeOtlkAddin.dll
2013-03-04 21:14:10 59288 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2013-03-04 21:14:10 565352 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2013-03-04 21:14:10 22816 ----a-w- c:\windows\system32\MFEOtlk.dll
2013-03-04 21:14:10 180072 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2013-03-04 21:14:10 167344 ----a-w- c:\windows\system32\mfevtps.exe
2013-03-04 21:14:10 119968 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2013-03-04 21:13:49 -------- d-----w- c:\program files\McAfee
2013-03-04 21:13:49 -------- d-----w- c:\program files\common files\McAfee
2013-03-04 21:11:49 21480 ----a-w- c:\windows\system32\mv2.dll
2013-03-04 21:11:49 11496 ----a-w- c:\windows\system32\drivers\mv2.sys
2013-03-04 21:10:07 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2013-03-04 21:09:10 -------- d-----w- c:\windows\system32\ReinstallBackups
2013-03-04 21:06:35 -------- d-----w- c:\program files\Dell
2013-03-04 21:02:30 -------- d-----w- c:\documents and settings\lcoolidge\local settings\application data\Deployment
2013-03-04 20:55:31 -------- d-sh--w- c:\documents and settings\lcoolidge\PrivacIE
2013-03-04 20:53:29 28552 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2013-03-04 20:53:29 28040 ----a-w- c:\windows\system32\mdimon.dll
2013-03-04 20:53:05 -------- d-----w- c:\program files\common files\L&H
2013-03-04 20:53:01 -------- d-----w- c:\program files\Microsoft ActiveSync
2013-03-04 20:52:46 -------- d-----w- c:\windows\SHELLNEW
2013-03-04 20:44:33 -------- d-----w- c:\windows\SchCache
2013-03-04 20:38:13 -------- d-----w- c:\windows\ie8updates
2013-03-04 20:37:38 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2013-03-04 20:37:31 -------- dc-h--w- c:\windows\ie8
2013-03-04 20:34:58 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2013-03-04 20:34:05 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2013-03-04 20:34:02 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2013-03-04 20:34:02 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2013-03-04 20:34:01 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2013-03-04 20:34:01 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2013-03-04 20:34:01 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2013-03-04 20:34:00 2004992 -c----w- c:\windows\system32\dllcache\iertutil.dll
2013-03-04 20:33:59 11111424 -c----w- c:\windows\system32\dllcache\ieframe.dll
2013-03-04 20:27:44 6272 -c--a-w- c:\windows\system32\dllcache\splitter.sys
2013-03-04 20:24:04 161792 -c--a-w- c:\windows\system32\dllcache\b57xp32.sys
2013-03-04 20:24:04 161792 ----a-w- c:\windows\system32\drivers\b57xp32.sys
2013-03-04 20:24:04 -------- d-----w- c:\program files\Broadcom
2013-03-04 20:22:37 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2013-03-04 20:00:13 -------- d-s---w- c:\windows\system32\Microsoft
.
==================== Find3M ====================
.
2013-02-05 20:05:47 916480 ----a-w- c:\windows\system32\wininet.dll
2013-02-05 20:05:46 43520 ------w- c:\windows\system32\licmgr10.dll
2013-02-05 20:05:46 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-02-05 05:53:57 385024 ------w- c:\windows\system32\html.iec
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:19:45 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37:01 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll
.
============= FINISH: 6:48:26.15 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/4/2013 1:59:08 PM
System Uptime: 3/19/2013 11:01:01 PM (7 hours ago)
.
Motherboard: Dell Inc. | | 0KP561
Processor: Intel® Pentium® Dual CPU E2160 @ 1.80GHz | CPU | 1793/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 134.631 GiB free.
D: is CDROM ()
F: is Removable
P: is NetworkDisk (NTFS) - 601 GiB total, 538.452 GiB free.
S: is NetworkDisk (NTFS) - 601 GiB total, 538.452 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP17: 3/4/2013 5:45:05 PM - Installed Windows XP WgaNotify.
RP18: 3/4/2013 6:11:34 PM - Installed Java 7 Update 17
RP19: 3/4/2013 6:43:20 PM - Software Distribution Service 3.0
RP20: 3/4/2013 7:54:21 PM - Software Distribution Service 3.0
RP21: 3/4/2013 8:23:01 PM - Software Distribution Service 3.0
RP22: 3/5/2013 9:59:47 AM - Unsigned printer driver RingCentral Internet Fax installed.
RP23: 3/5/2013 11:23:44 AM - Software Distribution Service 3.0
RP24: 3/5/2013 11:33:23 AM - Installed Microsoft Office Excel Viewer
RP25: 3/5/2013 11:55:02 AM - Installed Compatibility Pack for the 2007 Office system
RP26: 3/6/2013 12:18:24 PM - System Checkpoint
RP27: 3/7/2013 5:00:14 AM - Software Distribution Service 3.0
RP28: 3/8/2013 5:00:16 AM - Software Distribution Service 3.0
RP29: 3/9/2013 5:02:56 AM - System Checkpoint
RP30: 3/10/2013 7:02:56 AM - System Checkpoint
RP31: 3/11/2013 8:04:02 AM - System Checkpoint
RP32: 3/12/2013 11:39:30 AM - System Checkpoint
RP33: 3/13/2013 5:00:25 AM - Software Distribution Service 3.0
RP34: 3/14/2013 5:09:56 AM - System Checkpoint
RP35: 3/15/2013 6:01:27 AM - System Checkpoint
RP36: 3/15/2013 8:37:07 AM - Software Distribution Service 3.0
RP37: 3/16/2013 9:02:58 AM - System Checkpoint
RP38: 3/18/2013 6:35:56 AM - ComboFix created restore point
RP39: 3/19/2013 8:15:03 AM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.02)
Adobe Shockwave Player 12.0
Broadcom Gigabit Integrated Controller
Color LaserJet 1600
Compatibility Pack for the 2007 Office system
Dell System Detect
ESET Online Scanner v3
eXtreme Fax Call Controller
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HP FWUpdateEDO2
HP Officejet Pro 8600 Basic Device Software
HP Officejet Pro 8600 Help
HP Update
I.R.I.S. OCR
Intel® Graphics Media Accelerator Driver
Java 7 Update 17
Java Auto Updater
Malwarebytes Anti-Malware version 1.70.0.1100
McAfee Agent
McAfee VirusScan Enterprise
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Excel Viewer
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Premier
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SoundMAX
Spybot - Search & Destroy
swMSM
UltraVNC 1.0.8.2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB898461)
Update for Windows XP (KB943729)
Update for Windows XP (KB951978)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
.
==== Event Viewer Messages From Past Week ========
.
3/19/2013 6:28:06 AM, error: Service Control Manager [7034] - The McAfee Validation Trust Protection Service service terminated unexpectedly. It has done this 1 time(s).
3/19/2013 6:28:01 AM, error: Service Control Manager [7034] - The McAfee Framework Service service terminated unexpectedly. It has done this 1 time(s).
3/19/2013 6:28:01 AM, error: Service Control Manager [7034] - The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).
3/19/2013 6:28:01 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
3/19/2013 6:28:01 AM, error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
3/18/2013 7:50:57 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the HidServ service.
3/18/2013 7:09:33 PM, error: TermDD [50] - The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client.
3/18/2013 6:30:58 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
3/18/2013 6:27:21 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/18/2013 3:26:37 PM, error: Print [27] - PrintQueue could not be created or updated because we failed to bind to the Container: LDAP://server.Harris.local/CN=HSS-104,CN=Computers,DC=Harris,DC=local. Error: 8007203a
3/17/2013 9:01:12 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm
3/17/2013 7:48:14 AM, error: Service Control Manager [7034] - The uvnc_service service terminated unexpectedly. It has done this 1 time(s).
3/13/2013 6:00:34 PM, error: NETLOGON [5719] - No Domain Controller is available for domain HARRIS due to the following: The RPC server is unavailable. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
3/13/2013 5:58:33 PM, error: Print [33] - The PrintQueue Container could not be found because the DNS Domain name could not be retrieved. Error: 6ba
3/13/2013 5:58:30 PM, error: TermServDevices [1111] - Driver Microsoft Shared Fax Driver required for printer Fax is unknown. Contact the administrator to install the driver before you log in again.
3/13/2013 5:58:30 PM, error: TermServDevices [1111] - Driver HP Photosmart Prem C410 series required for printer HP Photosmart Prem C410 series is unknown. Contact the administrator to install the driver before you log in again.
3/13/2013 5:58:30 PM, error: TermServDevices [1111] - Driver HP Photosmart Prem C410 series fax required for printer HP Photosmart Prem C410 series fax is unknown. Contact the administrator to install the driver before you log in again.
3/13/2013 5:09:10 AM, error: NETLOGON [5719] - No Domain Controller is available for domain HARRIS due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
.
==== End Of File ===========================

Attached Files


Edited by Oh My, 24 March 2013 - 08:21 AM.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,045 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:11 PM

Posted 24 March 2013 - 08:20 AM

Greetings John and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, do not use the StartNewTopic.gif button but use the AddReply.gif button instead.
  • In the upper right hand corner of the topic you will see the WatchTopic.gif button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided and I will reply as soon as possible.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 JohnDavidLynchJr

JohnDavidLynchJr
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:11 PM

Posted 27 March 2013 - 06:48 AM

Thank You for all of your help.

We did find and cleanup some stuff.

The software people decided this Error Wizard is from their software.

He went in and made a change, all is well now.

Thank You Again.

Please help me close this case.

John



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,045 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:11 PM

Posted 27 March 2013 - 07:41 AM

Thank you for letting us know. 


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,045 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:11 PM

Posted 27 March 2013 - 07:41 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users