Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IE extremely slow & freezing/locking


  • This topic is locked This topic is locked
59 replies to this topic

#1 tmd598

tmd598

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:05:28 PM

Posted 04 August 2013 - 07:26 PM

I was referred here after being helped on the forum "Am I infected?"

 

My Internet Explorer began running extremely slow, and freezing and/or locking up on many site, much worse on Facebook.  When it does that, it takes forever and multiple attempts to close it.

 

On my own, I ran Malwarebytes and TDSSKiller, both of which did not detect anything.  I then posted on the "Am I infected?" forum.  I was advised, and these are the steps I have taken:

 

1.  Reset IE settings to default

2.  AdwCleaner

3. Junkware Removal Tool

4. Malwarebytes

5. Kaspersky Virus Removal Tool

6. Eset Online Anti-Virus Scanner

7. Ran IE with no Add-ons

 

None of these helped or detected a problem. I was then advised to download and run DDS and then post in this forum.  This is the DDS.txt log; I have also uploaded and attached the attach.txt file.

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Tammy Drury at 20:05:36 on 2013-08-04
.
============== Running Processes ================
.
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\SCardSvr.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CompuServe 7.0\cstray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\locator.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Backblaze\bzserv.exe
C:\Program Files\Backblaze\bzbui.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Backblaze\bztransmit.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://www.hackerwatch.org/library/app/feedback/?Md5=941C699E5368FD53B1DBA70E489B51E9&hwid=C1BC18BA719CDB32
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://channels.aimtoday.com/search/aimtoolbar.jsp
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll
TB: AIM Search: {40D41A8B-D79B-43D7-99A7-9EE0F344C385} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AIM Search: {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll
EB: Real.com: {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\shdocvw.dll
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Backblaze] "c:\program files\backblaze\bzbui.exe" -quiet
mRun: [PCMService] "c:\program files\dell\media experience\PCMService.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVWSzItQUxZTUYtU0xLTFUtQVoyVUItNkdPS0ItSkhGTkg"&"inst=NzctNjE0MTg3NzM1LUZMKzktRjEwTSs1LVFJWDErNC1YMjAxMCsyLUYxME0xMEQrMS1MSUMrNzctRkwxMCsxLVNQMSsxLVNVRCsxLVMxSSsxLVNVMysxLUNJUCsyLUREVCsyODQxLUYxME0xMkFOKzEtRjEwTTEyQisxLVRMKzEtQ0lEMTArMy1DSUQrMTAtRjEwTTEzVis1LUYxME0xMysxLUYxME0xM0QrMi1GMTBNMTNJRCs2MTQxODc3MzUtQzEwVSsxMTEzLVRCQ1YrMQ"&"prod=90"&"ver=10.0.1430
dRunOnce: [RunNarrator] Narrator.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
IE: {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155087809784
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://www.vzwpix.com/activex/VerizonWirelessUploadControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} - hxxp://pictures05.aim.com/ygp/aol/plugin/upf/AOLUPF.en-US-AIM.9.5.1.8.cab
DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.3.1/jinstall-131_02-win.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1007
DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
DPF: {FF452CFC-7056-4A5D-A327-1DFEC8EDC82A} - hxxp://www.neptune.com/features/upload/ms40upld.ocx
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{34F7834C-F1EA-4369-8A1E-DC7B4C2D8FAA} : DHCPNameServer = 192.168.254.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.4.0\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
Notify: System - <no file>
AppInit_DLLs= c:\progra~1\google\google~2\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335
R? Lavasoft Kernexplorer;Lavasoft helper driver
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? AVGIDSAgent;AVGIDSAgent
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avglogx;AVG Logging Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgtp;avgtp
S? avgwd;AVG WatchDog
S? bzserv;Backblaze Service
S? GKUPRO2D;GKUPRO2D
S? MBAMProtector;MBAMProtector
S? MBAMScheduler;MBAMScheduler
S? MBAMService;MBAMService
S? MSSQL$SQLEXPRESSEFILM;SQL Server (SQLEXPRESSEFILM)
S? NPF;NetGroup Packet Filter Driver
S? vToolbarUpdater15.4.0;vToolbarUpdater15.4.0
.
=============== Created Last 30 ================
.
2013-08-01 12:25:07 -------- d--h--w- C:\.bzvol
2013-08-01 12:24:32 -------- d-----w- c:\program files\Backblaze
2013-08-01 12:24:32 -------- d-----w- c:\documents and settings\all users\application data\Backblaze
2013-07-30 16:58:10 -------- d-----w- c:\documents and settings\tammy drury\application data\AVG2013
2013-07-30 16:54:53 -------- d-----w- c:\documents and settings\tammy drury\local settings\application data\AVG SafeGuard toolbar
2013-07-30 16:54:29 -------- d-----w- c:\documents and settings\tammy drury\application data\AVG SafeGuard toolbar
2013-07-30 16:54:23 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-07-30 16:54:16 -------- d-----w- c:\documents and settings\all users\application data\AVG SafeGuard toolbar
2013-07-30 16:54:15 -------- d-----w- c:\program files\common files\AVG Secure Search
2013-07-30 16:54:13 -------- d-----w- c:\program files\AVG SafeGuard toolbar
2013-07-30 16:50:26 -------- d-----w- c:\documents and settings\all users\application data\AVG2013
2013-07-30 16:48:02 -------- d-----w- c:\program files\AVG
2013-07-30 16:43:11 -------- d-----w- c:\documents and settings\tammy drury\local settings\application data\MFAData
2013-07-30 16:43:11 -------- d-----w- c:\documents and settings\tammy drury\local settings\application data\Avg2013
2013-07-30 14:39:44 -------- d-----w- c:\program files\ESET
2013-07-27 15:02:31 -------- d-----w- c:\windows\ERUNT
2013-07-26 11:32:25 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-26 11:32:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-07-20 05:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-07-20 05:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-07-20 05:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 05:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-07-10 05:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
.
==================== Find3M  ====================
.
2013-06-11 23:55:52 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-11 23:55:51 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-08 03:55:44 385024 ------w- c:\windows\system32\html.iec
2013-06-07 21:56:06 920064 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:56:06 43520 ------w- c:\windows\system32\licmgr10.dll
2013-06-07 21:56:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-06-04 07:23:02 562688 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 01:40:45 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-05-28 22:48:06 252288 ----a-r- c:\windows\system32\cpnprt2.cid
2013-05-09 04:28:02 1543680 ------w- c:\windows\system32\wmvdecod.dll
2004-09-10 18:40:38 75264 ----a-w- c:\program files\DECCHECK.exe
2004-05-01 03:26:06 4442820 ----a-w- c:\program files\CountdownClock204.exe
2003-08-13 16:19:54 61440 ----a-w- c:\program files\mdMod1.dll
2002-06-21 17:33:06 24576 ----a-w- c:\program files\EnDeCrypt.dll
2000-07-15 05:00:00 139776 ----a-w- c:\program files\setup.exe
.
============= FINISH: 20:10:01.40 ===============
 

 

Attached File  attach.txt   28.01KB   2 downloads

 

Any help appreciated!

 

Tammy

 



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,701 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:28 PM

Posted 09 August 2013 - 07:30 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/503367 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 tmd598

tmd598
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:05:28 PM

Posted 10 August 2013 - 08:23 AM

I was referred here after being helped on the forum "Am I infected?"
 
My Internet Explorer began running extremely slow, and freezing and/or locking up on many site, much worse on Facebook.  When it does that, it takes forever and multiple attempts to close it.
 
On my own, I ran Malwarebytes and TDSSKiller, both of which did not detect anything.  I then posted on the "Am I infected?" forum.  I was advised, and these are the steps I have taken:
 
1.  Reset IE settings to default
2.  AdwCleaner
3. Junkware Removal Tool
4. Malwarebytes
5. Kaspersky Virus Removal Tool
6. Eset Online Anti-Virus Scanner
7. Ran IE with no Add-ons

In my original post I forgot to add that I keep getting boxes coming up that say "AVG has detected high memory usage by the following application: Internet Explorer  128MB", or sometimes it's 74MB, etc.  It's like something has hijacked my IE and is using all my resources to run it?
 
I think I have my original Windows CD; I have a CD from Dell that says "Reinstallation CD Microsoft Wi ndows XP Home Edition Including Service Pack 2".  I am assuming this is what you are referring to.
 
 
 
 
New DDS log:
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Tammy Drury at 9:12:28 on 2013-08-10
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.510.308 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Backblaze\bzserv.exe
C:\Program Files\Backblaze\bzbui.exe
C:\Program Files\CompuServe 7.0\cstray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\locator.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://www.hackerwatch.org/library/app/feedback/?Md5=941C699E5368FD53B1DBA70E489B51E9&hwid=C1BC18BA719CDB32
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://channels.aimtoday.com/search/aimtoolbar.jsp
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll
TB: AIM Search: {40D41A8B-D79B-43D7-99A7-9EE0F344C385} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AIM Search: {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll
EB: Real.com: {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\shdocvw.dll
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Backblaze] "c:\program files\backblaze\bzbui.exe" -quiet
mRun: [PCMService] "c:\program files\dell\media experience\PCMService.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVWSzItQUxZTUYtU0xLTFUtQVoyVUItNkdPS0ItSkhGTkg"&"inst=NzctNjE0MTg3NzM1LUZMKzktRjEwTSs1LVFJWDErNC1YMjAxMCsyLUYxME0xMEQrMS1MSUMrNzctRkwxMCsxLVNQMSsxLVNVRCsxLVMxSSsxLVNVMysxLUNJUCsyLUREVCsyODQxLUYxME0xMkFOKzEtRjEwTTEyQisxLVRMKzEtQ0lEMTArMy1DSUQrMTAtRjEwTTEzVis1LUYxME0xMysxLUYxME0xM0QrMi1GMTBNMTNJRCs2MTQxODc3MzUtQzEwVSsxMTEzLVRCQ1YrMQ"&"prod=90"&"ver=10.0.1430
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\compus~1.lnk - c:\program files\compuserve 7.0\cstray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
IE: {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155087809784
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://www.vzwpix.com/activex/VerizonWirelessUploadControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} - hxxp://pictures05.aim.com/ygp/aol/plugin/upf/AOLUPF.en-US-AIM.9.5.1.8.cab
DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.3.1/jinstall-131_02-win.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1007
DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
DPF: {FF452CFC-7056-4A5D-A327-1DFEC8EDC82A} - hxxp://www.neptune.com/features/upload/ms40upld.ocx
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{34F7834C-F1EA-4369-8A1E-DC7B4C2D8FAA} : DHCPNameServer = 192.168.254.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.4.0\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
Notify: System - <no file>
AppInit_DLLs= c:\progra~1\google\google~2\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-7-10 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-7-30 37664]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R2 bzserv;Backblaze Service;c:\program files\backblaze\bzserv.exe [2013-8-1 219240]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-7-26 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-7-26 701512]
R2 MSSQL$SQLEXPRESSEFILM;SQL Server (SQLEXPRESSEFILM);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2010-12-10 29293408]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]
R3 GKUPRO2D;GKUPRO2D;c:\windows\system32\drivers\GKUPRO2D.sys [2012-11-5 90240]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-7-26 22856]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2005-11-13 30192]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
.
=============== Created Last 30 ================
.
2013-08-01 12:25:07 -------- d--h--w- C:\.bzvol
2013-08-01 12:24:32 -------- d-----w- c:\program files\Backblaze
2013-08-01 12:24:32 -------- d-----w- c:\documents and settings\all users\application data\Backblaze
2013-07-30 16:58:10 -------- d-----w- c:\documents and settings\tammy drury\application data\AVG2013
2013-07-30 16:54:53 -------- d-----w- c:\documents and settings\tammy drury\local settings\application data\AVG SafeGuard toolbar
2013-07-30 16:54:29 -------- d-----w- c:\documents and settings\tammy drury\application data\AVG SafeGuard toolbar
2013-07-30 16:54:23 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-07-30 16:54:16 -------- d-----w- c:\documents and settings\all users\application data\AVG SafeGuard toolbar
2013-07-30 16:54:15 -------- d-----w- c:\program files\common files\AVG Secure Search
2013-07-30 16:54:13 -------- d-----w- c:\program files\AVG SafeGuard toolbar
2013-07-30 16:50:26 -------- d-----w- c:\documents and settings\all users\application data\AVG2013
2013-07-30 16:48:02 -------- d-----w- c:\program files\AVG
2013-07-30 16:43:11 -------- d-----w- c:\documents and settings\tammy drury\local settings\application data\MFAData
2013-07-30 16:43:11 -------- d-----w- c:\documents and settings\tammy drury\local settings\application data\Avg2013
2013-07-30 14:39:44 -------- d-----w- c:\program files\ESET
2013-07-27 15:02:31 -------- d-----w- c:\windows\ERUNT
2013-07-26 11:32:25 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-26 11:32:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-07-20 05:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-07-20 05:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-07-20 05:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 05:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
.
==================== Find3M  ====================
.
2013-07-10 05:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-06-11 23:55:52 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-11 23:55:51 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-08 03:55:44 385024 ------w- c:\windows\system32\html.iec
2013-06-07 21:56:06 920064 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:56:06 43520 ------w- c:\windows\system32\licmgr10.dll
2013-06-07 21:56:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-06-04 07:23:02 562688 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 01:40:45 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-05-28 22:48:06 252288 ----a-r- c:\windows\system32\cpnprt2.cid
2004-09-10 18:40:38 75264 ----a-w- c:\program files\DECCHECK.exe
2004-05-01 03:26:06 4442820 ----a-w- c:\program files\CountdownClock204.exe
2003-08-13 16:19:54 61440 ----a-w- c:\program files\mdMod1.dll
2002-06-21 17:33:06 24576 ----a-w- c:\program files\EnDeCrypt.dll
2000-07-15 05:00:00 139776 ----a-w- c:\program files\setup.exe
.
============= FINISH:  9:14:57.81 ===============
 
 
 
Attach.txt log is zipped and attached to this post.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 12/28/2004 7:50:36 PM
System Uptime: 8/10/2013 7:31:15 AM (2 hours ago)
.
Motherboard: Dell Computer Corp. | | 0N6381
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 72 GiB total, 14.82 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP2499: 5/10/2013 8:07:43 PM - System Checkpoint
RP2500: 5/11/2013 8:29:43 PM - System Checkpoint
RP2501: 5/12/2013 8:46:04 PM - System Checkpoint
RP2502: 5/14/2013 6:13:46 PM - System Checkpoint
RP2503: 5/15/2013 7:45:43 PM - System Checkpoint
RP2504: 5/15/2013 9:00:32 PM - Software Distribution Service 3.0
RP2505: 5/17/2013 7:53:27 PM - System Checkpoint
RP2506: 5/18/2013 8:54:46 PM - System Checkpoint
RP2507: 5/19/2013 10:17:06 PM - System Checkpoint
RP2508: 5/21/2013 12:31:32 PM - System Checkpoint
RP2509: 5/22/2013 12:36:54 PM - System Checkpoint
RP2510: 5/23/2013 1:19:29 PM - System Checkpoint
RP2511: 5/24/2013 1:22:09 PM - System Checkpoint
RP2512: 5/25/2013 2:57:50 PM - System Checkpoint
RP2513: 5/26/2013 3:52:03 PM - System Checkpoint
RP2514: 5/27/2013 4:14:44 PM - System Checkpoint
RP2515: 5/28/2013 4:41:35 PM - System Checkpoint
RP2516: 5/29/2013 9:32:24 PM - System Checkpoint
RP2517: 5/30/2013 9:41:15 PM - System Checkpoint
RP2518: 6/1/2013 8:57:44 AM - System Checkpoint
RP2519: 6/2/2013 9:48:01 AM - System Checkpoint
RP2520: 6/4/2013 4:44:25 PM - System Checkpoint
RP2521: 6/5/2013 8:04:41 PM - System Checkpoint
RP2522: 6/7/2013 8:02:43 PM - System Checkpoint
RP2523: 6/8/2013 9:55:03 PM - System Checkpoint
RP2524: 6/10/2013 7:54:25 PM - System Checkpoint
RP2525: 6/12/2013 8:10:23 PM - System Checkpoint
RP2526: 6/12/2013 9:00:37 PM - Software Distribution Service 3.0
RP2527: 6/12/2013 10:39:14 PM - Software Distribution Service 3.0
RP2528: 6/13/2013 10:03:48 AM - Installed Microsoft Office Word Viewer 2003
RP2529: 6/13/2013 1:48:39 PM - Software Distribution Service 3.0
RP2530: 6/16/2013 4:55:07 PM - System Checkpoint
RP2531: 6/16/2013 9:02:45 PM - Software Distribution Service 3.0
RP2532: 6/17/2013 9:00:28 PM - Software Distribution Service 3.0
RP2533: 6/18/2013 9:00:43 PM - Software Distribution Service 3.0
RP2534: 6/19/2013 9:00:29 PM - Software Distribution Service 3.0
RP2535: 6/19/2013 11:03:19 PM - Software Distribution Service 3.0
RP2536: 7/6/2013 5:25:43 PM - System Checkpoint
RP2537: 7/7/2013 6:47:26 PM - System Checkpoint
RP2538: 7/11/2013 1:58:13 PM - System Checkpoint
RP2539: 7/11/2013 9:07:49 PM - Software Distribution Service 3.0
RP2540: 7/13/2013 10:22:05 AM - Software Distribution Service 3.0
RP2541: 7/15/2013 8:24:02 AM - System Checkpoint
RP2542: 7/16/2013 11:35:08 AM - System Checkpoint
RP2543: 7/17/2013 11:39:14 AM - System Checkpoint
RP2544: 7/18/2013 4:10:10 PM - System Checkpoint
RP2545: 7/19/2013 5:43:36 PM - System Checkpoint
RP2546: 7/20/2013 6:12:27 PM - System Checkpoint
RP2547: 7/21/2013 8:16:30 PM - System Checkpoint
RP2548: 7/22/2013 9:09:46 PM - System Checkpoint
RP2549: 7/24/2013 8:46:38 AM - System Checkpoint
RP2550: 7/26/2013 9:24:57 AM - System Checkpoint
RP2551: 7/27/2013 10:03:38 AM - System Checkpoint
RP2552: 7/27/2013 10:21:55 AM - Installed Microsoft Fix it 50195
RP2553: 7/28/2013 11:16:26 AM - System Checkpoint
RP2554: 7/28/2013 1:30:27 PM - Software Distribution Service 3.0
RP2555: 7/30/2013 8:52:26 AM - System Checkpoint
RP2556: 7/30/2013 12:48:01 PM - Installed AVG 2013
RP2557: 7/30/2013 12:49:21 PM - Installed AVG 2013
RP2558: 7/31/2013 6:04:13 PM - System Checkpoint
RP2559: 7/31/2013 7:29:20 PM - Software Distribution Service 3.0
RP2560: 8/1/2013 9:09:31 PM - System Checkpoint
RP2561: 8/2/2013 10:41:00 PM - System Checkpoint
RP2562: 8/3/2013 11:26:30 PM - System Checkpoint
RP2563: 8/5/2013 12:26:31 AM - System Checkpoint
RP2564: 8/6/2013 12:58:22 AM - System Checkpoint
RP2565: 8/7/2013 6:27:14 AM - System Checkpoint
RP2566: 8/8/2013 7:03:10 AM - System Checkpoint
RP2567: 8/9/2013 7:05:35 AM - System Checkpoint
.
==== Installed Programs ======================
.
1400
1400_Help
1400Trb
Acrobat.com
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Reader 9
AIM "You've Got Pictures" Picture Finder Plugin v9.5.1.8
AIM 6
AIM Toolbar
AiO_Scan
AiOSoftware
Amazon Kindle
Amazon MP3 Downloader 1.0.10
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 5
AVG 2013
Backblaze
Banctec Service Agreement
Bonjour
BufferChm
calibre
CompuServe
CompuServe Dialer
Conexant D850 56K V.9x DFVc Modem
Countdown Clock 2.0.4
Coupon Printer for Windows
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Media Experience
Dell Photo Printer 720
Dell Support Center (Support Software)
DellSupport
Destinations
DeviceManagementQFolder
Digimax 530 5100
Digital Line Detect
DocProc
EarthLink setup files
Efficient Networks SpeedStream DSL
ESET Online Scanner v3
eSupportQFolder
Fax
File Uploader
GdiplusUpgrade
Get High Speed Internet!
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Extended Capabilities 5.3
HP Image Zone Express
HP Imaging Device Functions 5.3
HP Photo Creations
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
HPProductAssistant
Intel® Extreme Graphics 2 Driver
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections
Internet Explorer Default Page
iPod for Windows 2006-03-23
iTunes
J2SE Runtime Environment 5.0 Update 6
Jasc Paint Shop Photo Album
Jasc Paint Shop Photo Album 5
Java 2 Runtime Environment Standard Edition v1.3.1_02
Java 2 Runtime Environment, SE v1.4.2_03
Learn2 Player (Uninstall Only)
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Word Viewer 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Publisher 2002
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESSEFILM)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft Word 2000
Microsoft Works
Modem Helper
Move Media Player
MSN
MSN Messenger 7.5
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser
Musicmatch for Windows Media Player
Musicmatch® Jukebox
My Way Search Assistant
NetLibrary Media Center
NetWaiting
NetZeroInstallers
NewCopy
Nikon Message Center
Nikon Transfer
OneClickdigital Media Manager
OverDrive Media Console
PhotoShow Express
Picture Control Utility
PrintMaster Gold 4.00
ProductContext
QuickTime
Readme
RealPlayer
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SolutionCenter
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
SoundMAX
Status
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
ViewNX
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Watchtower Library 2010 - English
WebFldrs XP
WebReg
Webshots Desktop
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
WinPcap 4.1.2
WordPerfect Office 12
.
==== End Of File ===========================

Attached Files


Edited by Oh My, 12 August 2013 - 09:15 PM.
Posted Attach log


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,030 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:28 PM

Posted 12 August 2013 - 08:57 PM

Greetings Tammy and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please run this program for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 tmd598

tmd598
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:05:28 PM

Posted 13 August 2013 - 04:39 PM

Hello Gary, and thank you. I am very patient, and I have not done and will not do anything to my computer unless advised here.

 

FRST results:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-08-2013 01
Ran by Tammy Drury (administrator) on 13-08-2013 17:27:56
Running from C:\Documents and Settings\Tammy Drury\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE
(Lexmark International, Inc.) C:\WINDOWS\system32\LEXPPS.EXE
(Microsoft Corporation) C:\WINDOWS\System32\SCardSvr.exe
(America Online, Inc.) C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Backblaze\bzserv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(CyberLink Corp.) C:\Program Files\Dell\Media Experience\PCMService.exe
(Sonic Solutions) C:\WINDOWS\system32\dla\tfswctrl.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(Nikon Corporation) C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files\Backblaze\bzbui.exe
(CompuServe Interactive Services, Inc.) C:\Program Files\CompuServe 7.0\cstray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Microsoft Corporation) C:\WINDOWS\system32\locator.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PCMService] - C:\Program Files\Dell\Media Experience\PCMService.exe [290816 2004-04-11] (CyberLink Corp.)
HKLM\...\Run: [dla] - C:\WINDOWS\system32\dla\tfswctrl.exe [127035 2004-11-16] (Sonic Solutions)
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-16] (Google)
HKLM\...\Run: [dscactivate] - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2007-11-15] ( )
HKLM\...\Run: [DellSupportCenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM\...\Run: [Nikon Transfer Monitor] - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [479232 2009-09-15] (Nikon Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2013\avgui.exe [4411440 2013-07-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2285232 2013-07-30] ()
HKLM\...\Runonce: [AvgUninstallURL] - cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVWSzItQUxZTUYtU0xLTFUtQVoyVUItNkdPS0ItSkhGTkg"&"inst=NzctNjE0MTg3NzM1LUZMKzktRjEwTSs1LVFJWDErNC1YMjAxMCsyLUYxME0xMEQrMS1MSUMrNzctRkwxMCsxLVNQMSsxLVNVRCsxLVMxSSsxLVNVMysxLUNJUCsyLUREVCsyODQxLUYxME0xMkFOKzEtRjEwTTEyQisxLVRMKzEtQ0lEMTArMy1DSUQrMTAtRjEwTTEzVis1LUYxME0xMysxLUYxME0xM0QrMi1GMTBNMTNJRCs2MTQxODc3MzUtQzEwVSsxMTEzLVRCQ1YrMQ"&"prod=90"&"ver=10.0.1430 [x]
Winlogon\Notify\System:
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [DellSupportCenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKCU\...\Run: [Backblaze] - C:\Program Files\Backblaze\bzbui.exe [494696 2013-08-01] ()
HKU\Administrator\...\Run: [DellSupport] - C:\Program Files\DellSupport\DSAgnt.exe [ 2007-03-15] (Gteko Ltd.)
HKU\Default User\...\Run: [DellSupport] - C:\Program Files\DellSupport\DSAgnt.exe [ 2007-03-15] (Gteko Ltd.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CompuServe 7.0 Tray Icon.lnk
ShortcutTarget: CompuServe 7.0 Tray Icon.lnk -> C:\Program Files\CompuServe 7.0\cstray.exe (CompuServe Interactive Services, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
BootExecute: "autocheck autochk /p \??\C:".困ϩҰNo information available>困ϩҰSupportSoft Agent Servicee困ϩҰAdobeFlashPlayerUpdateSvce困ϩҰLexmark International, Inc.困ϩҰMicrosoft® .NET Frameworke困ϩҰQuickTime 7.6.9 (1680.9)3SMe[1].htmsⶡÎҰîThis security update is for Microsoft .NET Framework 3.5 SP1.If you later install a more recent service pack, this security update will be uninstalled automatically.For more information, visit http://support.microsoft.com/kb/2736416.804576.gned to㇁Î9DB8570D-FAB0-445E-AA3B-40549BE876F4C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {6F54641C-941D-4261-BA61-3453BE365037} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={0EDB88B1-A55E-428F-B9E4-EC67C83C8985}&mid=54d2f0f6bce47ef8b04dae742d935d5f-61b9d6ad12b4d5de404b0fc16f8bd669577986ad&lang=en&ds=AVG&pr=fr&d=2013-07-30 12:54:27&v=15.4.0.5&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} -  No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU -AIM Search - {40D41A8B-D79B-43D7-99A7-9EE0F344C385} -  No File
Toolbar: HKCU -No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU -No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155087809784
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://www.vzwpix.com/activex/VerizonWirelessUploadControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} http://pictures05.aim.com/ygp/aol/plugin/upf/AOLUPF.en-US-AIM.9.5.1.8.cab
DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/jinstall-131_02-win.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1007
DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
DPF: {FF452CFC-7056-4A5D-A327-1DFEC8EDC82A} http://www.neptune.com/features/upload/ms40upld.ocx
Handler: ipp - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks:  - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -  No File [ ]
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Tammy Drury\Application Data\Mozilla\Firefox\Profiles\qr6pm1xi.default
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @movenetworks.com/Quantum Media Player - C:\Documents and Settings\Tammy Drury\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF Plugin: @real.com/nppl3260;version=6.0.11.2105 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2163 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1212 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Documents and Settings\Tammy Drury\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF SearchPlugin: C:\Documents and Settings\Tammy Drury\Application Data\Mozilla\Firefox\Profiles\qr6pm1xi.default\searchplugins\aim-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml
FF Extension: No Name - C:\Documents and Settings\Tammy Drury\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Documents and Settings\Tammy Drury\Application Data\Mozilla\Firefox\Profiles\qr6pm1xi.default\Extensions\staged-xpis
FF Extension: No Name - C:\Documents and Settings\Tammy Drury\Application Data\Mozilla\Firefox\Profiles\qr6pm1xi.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: iMacros for Firefox - C:\Documents and Settings\Tammy Drury\Application Data\Mozilla\Firefox\Profiles\qr6pm1xi.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
FF Extension: AIM Toolbar - C:\Documents and Settings\Tammy Drury\Application Data\Mozilla\Firefox\Profiles\qr6pm1xi.default\Extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKCU\...\Firefox\Extensions: [moveplayer@movenetworks.com] C:\Documents and Settings\Tammy Drury\Application Data\Move Networks
FF Extension: Move Media Player - C:\Documents and Settings\Tammy Drury\Application Data\Move Networks

========================== Services (Whitelisted) =================

S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AOL ACS; C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe [1135728 2004-04-07] (America Online, Inc.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R2 bzserv; C:\Program Files\Backblaze\bzserv.exe [219240 2013-08-01] ()
S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-16] (Google)
R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [311296 2004-03-04] (Lexmark International, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESSEFILM; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [143360 2003-12-17] (Intel® Corporation)
S4 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-13] (SupportSoft, Inc.)
R2 vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [1616048 2013-07-30] (AVG Secure Search)
S2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2001-09-25] (America Online, Inc.)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]
S4 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-03-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-07-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-07-30] (AVG Technologies)
R2 drvnddm; C:\Windows\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions)
S3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.)
S3 ENETHUSB; C:\Windows\System32\DRIVERS\enethusb.sys [28005 2003-05-14] (Efficient Networks, Inc.)
R3 GKUPRO2D; C:\Windows\System32\DRIVERS\GKUPRO2D.sys [90240 2012-11-05] (Gemalto)
R3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2005-10-22] (HP)
R3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2005-10-22] (HP)
R3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21744 2005-03-08] (HP)
R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [1302332 2005-09-20] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
R3 senfilt; C:\Windows\System32\drivers\senfilt.sys [381056 2004-04-26] (Sensaura)
R1 sscdbhk5; C:\Windows\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions)
R1 ssrtln; C:\Windows\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions)
R2 tfsnboio; C:\Windows\System32\dla\tfsnboio.sys [25883 2004-11-16] (Sonic Solutions)
R2 tfsncofs; C:\Windows\System32\dla\tfsncofs.sys [34843 2004-11-16] (Sonic Solutions)
R2 tfsndrct; C:\Windows\System32\dla\tfsndrct.sys [4123 2004-11-16] (Sonic Solutions)
R2 tfsndres; C:\Windows\System32\dla\tfsndres.sys [2239 2004-11-16] (Sonic Solutions)
R2 tfsnifs; C:\Windows\System32\dla\tfsnifs.sys [86554 2004-11-16] (Sonic Solutions)
R2 tfsnopio; C:\Windows\System32\dla\tfsnopio.sys [15227 2004-11-16] (Sonic Solutions)
R2 tfsnpool; C:\Windows\System32\dla\tfsnpool.sys [6363 2004-11-16] (Sonic Solutions)
R2 tfsnudf; C:\Windows\System32\dla\tfsnudf.sys [98714 2004-11-16] (Sonic Solutions)
R2 tfsnudfa; C:\Windows\System32\dla\tfsnudfa.sys [100603 2004-11-16] (Sonic Solutions)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [28396 2001-09-27] (America Online, Inc.)
S3 bvrp_pci; No ImagePath
U2 CertPropSvc;
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-08-13 17:26 - 2013-08-13 17:26 - 01068613 _____ (Farbar) C:\Documents and Settings\Tammy Drury\Desktop\FRST.exe
2013-08-13 17:24 - 2013-08-13 17:24 - 01575274 _____ (Farbar) C:\Documents and Settings\Tammy Drury\Desktop\FRST64.exe
2013-08-10 09:15 - 2013-08-10 09:15 - 00025708 _____ C:\Documents and Settings\Tammy Drury\Desktop\attach2.txt
2013-08-10 09:15 - 2013-08-10 09:15 - 00014136 _____ C:\Documents and Settings\Tammy Drury\Desktop\dds2.txt
2013-08-04 20:10 - 2013-08-10 09:15 - 00025708 _____ C:\Documents and Settings\Tammy Drury\Desktop\attach.txt
2013-08-04 20:10 - 2013-08-10 09:14 - 00014136 _____ C:\Documents and Settings\Tammy Drury\Desktop\dds.txt
2013-08-04 20:03 - 2013-08-04 20:03 - 00688992 ____R (Swearware) C:\Documents and Settings\Tammy Drury\Desktop\dds.com
2013-08-01 08:25 - 2013-08-01 08:25 - 00000000 ___HD C:\.bzvol
2013-08-01 08:24 - 2013-08-01 08:24 - 00000000 ____D C:\Program Files\Backblaze
2013-08-01 08:24 - 2013-08-01 08:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Backblaze
2013-07-30 12:58 - 2013-07-30 12:58 - 00000000 ____D C:\Documents and Settings\Tammy Drury\Application Data\AVG2013
2013-07-30 12:54 - 2013-07-30 12:59 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
2013-07-30 12:54 - 2013-07-30 12:54 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
2013-07-30 12:54 - 2013-07-30 12:54 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2013-07-30 12:54 - 2013-07-30 12:54 - 00000000 ____D C:\Program Files\AVG SafeGuard toolbar
2013-07-30 12:54 - 2013-07-30 12:54 - 00000000 ____D C:\Documents and Settings\Tammy Drury\Local Settings\Application Data\AVG SafeGuard toolbar
2013-07-30 12:54 - 2013-07-30 12:54 - 00000000 ____D C:\Documents and Settings\Tammy Drury\Application Data\AVG SafeGuard toolbar
2013-07-30 12:54 - 2013-07-30 12:53 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2013-07-30 12:50 - 2013-07-30 12:56 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2013
2013-07-30 12:48 - 2013-07-30 12:48 - 00000000 ____D C:\Program Files\AVG
2013-07-30 12:43 - 2013-07-30 16:05 - 00000000 ____D C:\Documents and Settings\Tammy Drury\Local Settings\Application Data\Avg2013
2013-07-30 12:43 - 2013-07-30 12:43 - 00000000 ____D C:\Documents and Settings\Tammy Drury\Local Settings\Application Data\MFAData
2013-07-30 12:32 - 2013-07-30 12:32 - 00000086 _____ C:\Documents and Settings\Tammy Drury\Desktop\ESETScan.txt
2013-07-30 10:39 - 2013-07-30 10:39 - 00000000 ____D C:\Program Files\ESET
2013-07-29 18:03 - 2013-07-29 18:04 - 177123520 _____ C:\Documents and Settings\Tammy Drury\Desktop\setup_11.0.0.1245.x01_2013_07_23_10_15.exe
2013-07-28 13:25 - 2013-07-28 13:27 - 00291048 _____ C:\Documents and Settings\Tammy Drury\My Documents\AVSDK5_UNINST.LOG
2013-07-27 11:11 - 2013-07-27 11:11 - 00001761 _____ C:\Documents and Settings\Tammy Drury\Desktop\JRT.txt
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\WINDOWS\ERUNT
2013-07-27 11:01 - 2013-07-27 11:01 - 00561198 _____ (Oleg N. Scherbakov) C:\Documents and Settings\Tammy Drury\Desktop\JRT.exe
2013-07-27 10:51 - 2013-07-27 10:51 - 00008577 _____ C:\Documents and Settings\Tammy Drury\Desktop\AdwCleaner[S1].txt
2013-07-27 10:43 - 2013-07-27 10:44 - 00008577 _____ C:\AdwCleaner[S1].txt
2013-07-27 10:41 - 2013-07-27 10:41 - 00008323 _____ C:\Documents and Settings\Tammy Drury\Desktop\AdwCleaner[R2].txt
2013-07-27 10:39 - 2013-07-27 10:39 - 00008323 _____ C:\AdwCleaner[R2].txt
2013-07-27 10:34 - 2013-07-27 10:34 - 00008263 _____ C:\Documents and Settings\Tammy Drury\Desktop\AdwCleaner[R1].txt
2013-07-27 10:32 - 2013-07-27 10:33 - 00008263 _____ C:\AdwCleaner[R1].txt
2013-07-26 07:32 - 2013-07-26 07:32 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-26 07:32 - 2013-07-26 07:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-07-26 07:32 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-07-26 07:31 - 2013-07-26 07:31 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Documents and Settings\Tammy Drury\Desktop\mbam-setup-1.75.0.1300.exe
2013-07-20 01:51 - 2013-07-20 01:51 - 00246072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00208184 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverx.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00171320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00060216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys
2013-07-17 18:17 - 2013-07-17 18:17 - 00006144 _____ C:\Documents and Settings\Tammy Drury\My Documents\WK17XXXX

==================== One Month Modified Files and Folders =======

2013-08-13 17:27 - 2013-08-13 17:27 - 00000000 ____D C:\FRST
2013-08-13 17:26 - 2013-08-13 17:26 - 01068613 _____ (Farbar) C:\Documents and Settings\Tammy Drury\Desktop\FRST.exe
2013-08-13 17:24 - 2013-08-13 17:24 - 01575274 _____ (Farbar) C:\Documents and Settings\Tammy Drury\Desktop\FRST64.exe
2013-08-13 17:08 - 2010-11-10 20:31 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2013-08-13 17:01 - 2011-02-26 12:04 - 00000344 _____ C:\WINDOWS\Tasks\HP Photo Creations Messager.job
2013-08-13 16:57 - 2004-12-17 04:53 - 01538618 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-13 16:57 - 2004-08-10 15:04 - 00000768 _____ C:\WINDOWS\WIN.INI
2013-08-13 16:56 - 2012-06-17 09:14 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-13 16:56 - 2004-12-17 04:39 - 00000000 ____D C:\WINDOWS\Registration
2013-08-13 16:55 - 2004-08-10 14:59 - 00000159 _____ C:\WINDOWS\WIADEBUG.LOG
2013-08-13 16:55 - 2004-08-10 14:59 - 00000000 _____ C:\WINDOWS\WIASERVC.LOG
2013-08-13 16:53 - 2009-12-24 21:51 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-13 16:52 - 2004-12-17 04:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-13 07:57 - 2004-12-17 04:53 - 00032546 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-13 07:56 - 2004-12-28 20:51 - 00000178 ___SH C:\Documents and Settings\Tammy Drury\NTUSER.INI
2013-08-13 07:52 - 2009-12-24 21:51 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-13 07:10 - 2009-08-12 19:17 - 00000000 ____D C:\Program Files\CompuServe 7.0
2013-08-10 09:15 - 2013-08-10 09:15 - 00025708 _____ C:\Documents and Settings\Tammy Drury\Desktop\attach2.txt
2013-08-10 09:15 - 2013-08-10 09:15 - 00014136 _____ C:\Documents and Settings\Tammy Drury\Desktop\dds2.txt
2013-08-10 09:15 - 2013-08-04 20:10 - 00025708 _____ C:\Documents and Settings\Tammy Drury\Desktop\attach.txt
2013-08-10 09:14 - 2013-08-04 20:10 - 00014136 _____ C:\Documents and Settings\Tammy Drury\Desktop\dds.txt
2013-08-09 20:50 - 2013-01-05 22:45 - 00015872 _____ C:\Documents and Settings\Tammy Drury\My Documents\BooksReadJan-Dec2013.wdb
2013-08-09 20:50 - 2006-03-02 11:43 - 00003010 _____ C:\Documents and Settings\Tammy Drury\Application Data\wklnhst.dat
2013-08-05 15:48 - 2011-07-09 16:18 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-08-04 20:03 - 2013-08-04 20:03 - 00688992 ____R (Swearware) C:\Documents and Settings\Tammy Drury\Desktop\dds.com
2013-08-01 08:25 - 2013-08-01 08:25 - 00000000 ___HD C:\.bzvol
2013-08-01 08:24 - 2013-08-01 08:24 - 00000000 ____D C:\Program Files\Backblaze
2013-08-01 08:24 - 2013-08-01 08:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Backblaze
2013-07-30 16:05 - 2013-07-30 12:43 - 00000000 ____D C:\Documents and Settings\Tammy Drury\Local Settings\Application Data\Avg2013
2013-07-30 12:59 - 2013-07-30 12:54 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
2013-07-30 12:58 - 2013-07-30 12:58 - 00000000 ____D C:\Documents and Settings\Tammy Drury\Application Data\AVG2013
2013-07-30 12:56 - 2013-07-30 12:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2013
2013-07-30 12:54 - 2013-07-30 12:54 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
2013-07-30 12:54 - 2013-07-30 12:54 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2013-07-30 12:54 - 2013-07-30 12:54 - 00000000 ____D C:\Program Files\AVG SafeGuard toolbar
2013-07-30 12:54 - 2013-07-30 12:54 - 00000000 ____D C:\Documents and Settings\Tammy Drury\Local Settings\Application Data\AVG SafeGuard toolbar
2013-07-30 12:54 - 2013-07-30 12:54 - 00000000 ____D C:\Documents and Settings\Tammy Drury\Application Data\AVG SafeGuard toolbar
2013-07-30 12:53 - 2013-07-30 12:54 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2013-07-30 12:53 - 2011-04-14 01:33 - 00323172 _____ C:\WINDOWS\setupapi.log
2013-07-30 12:50 - 2010-08-03 20:08 - 00000000 ___HD C:\$AVG
2013-07-30 12:48 - 2013-07-30 12:48 - 00000000 ____D C:\Program Files\AVG
2013-07-30 12:43 - 2013-07-30 12:43 - 00000000 ____D C:\Documents and Settings\Tammy Drury\Local Settings\Application Data\MFAData
2013-07-30 12:39 - 2004-12-17 04:51 - 00002206 _____ C:\WINDOWS\system32\WPA.DBL
2013-07-30 12:32 - 2013-07-30 12:32 - 00000086 _____ C:\Documents and Settings\Tammy Drury\Desktop\ESETScan.txt
2013-07-30 10:39 - 2013-07-30 10:39 - 00000000 ____D C:\Program Files\ESET
2013-07-29 21:01 - 2004-12-28 20:51 - 00000000 ____D C:\Documents and Settings\Tammy Drury
2013-07-29 18:04 - 2013-07-29 18:03 - 177123520 _____ C:\Documents and Settings\Tammy Drury\Desktop\setup_11.0.0.1245.x01_2013_07_23_10_15.exe
2013-07-28 13:33 - 2013-07-11 23:05 - 00157751 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-28 13:33 - 2013-04-09 19:38 - 00262144 _____ C:\WINDOWS\system32\config\iolo App.evt
2013-07-28 13:27 - 2013-07-28 13:25 - 00291048 _____ C:\Documents and Settings\Tammy Drury\My Documents\AVSDK5_UNINST.LOG
2013-07-28 08:14 - 2013-04-10 20:29 - 00000408 _____ C:\WINDOWS\system32\iolo.ini
2013-07-28 08:14 - 2013-04-10 20:29 - 00000392 _____ C:\WINDOWS\system32\iolo.ini.txt
2013-07-27 11:11 - 2013-07-27 11:11 - 00001761 _____ C:\Documents and Settings\Tammy Drury\Desktop\JRT.txt
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\WINDOWS\ERUNT
2013-07-27 11:01 - 2013-07-27 11:01 - 00561198 _____ (Oleg N. Scherbakov) C:\Documents and Settings\Tammy Drury\Desktop\JRT.exe
2013-07-27 10:51 - 2013-07-27 10:51 - 00008577 _____ C:\Documents and Settings\Tammy Drury\Desktop\AdwCleaner[S1].txt
2013-07-27 10:44 - 2013-07-27 10:43 - 00008577 _____ C:\AdwCleaner[S1].txt
2013-07-27 10:41 - 2013-07-27 10:41 - 00008323 _____ C:\Documents and Settings\Tammy Drury\Desktop\AdwCleaner[R2].txt
2013-07-27 10:39 - 2013-07-27 10:39 - 00008323 _____ C:\AdwCleaner[R2].txt
2013-07-27 10:34 - 2013-07-27 10:34 - 00008263 _____ C:\Documents and Settings\Tammy Drury\Desktop\AdwCleaner[R1].txt
2013-07-27 10:33 - 2013-07-27 10:32 - 00008263 _____ C:\AdwCleaner[R1].txt
2013-07-26 07:32 - 2013-07-26 07:32 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-26 07:32 - 2013-07-26 07:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-07-26 07:31 - 2013-07-26 07:31 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Documents and Settings\Tammy Drury\Desktop\mbam-setup-1.75.0.1300.exe
2013-07-25 08:32 - 2005-01-13 08:48 - 00002473 _____ C:\Documents and Settings\Tammy Drury\Desktop\Microsoft Word.lnk
2013-07-20 01:51 - 2013-07-20 01:51 - 00246072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00208184 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverx.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00171320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2013-07-20 01:50 - 2013-07-20 01:50 - 00060216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys
2013-07-18 15:51 - 2012-01-12 13:06 - 00006144 _____ C:\Documents and Settings\Tammy Drury\My Documents\apptbooktemplate2.wdb
2013-07-18 15:51 - 2012-01-12 13:06 - 00006144 _____ C:\Documents and Settings\Tammy Drury\My Documents\apptbooktemplate.wdb
2013-07-17 18:17 - 2013-07-17 18:17 - 00006144 _____ C:\Documents and Settings\Tammy Drury\My Documents\WK17XXXX

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

 

 

Addition log:

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-08-2013 01
Ran by Tammy Drury at 2013-08-13 17:30:58
Running from C:\Documents and Settings\Tammy Drury\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

1400 (Version: 50.0.206.000)
1400_Help (Version: 50.0.206.000)
1400Trb (Version: 50.0.206.000)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Reader 9 (Version: 9.0.0)
AIM "You've Got Pictures" Picture Finder Plugin v9.5.1.8
AIM 6
AIM Toolbar
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
Amazon Kindle
Amazon MP3 Downloader 1.0.10
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Panorama Maker 5 (Version: 5.0.1.25)
AVG 2013 (Version: 13.0.3211)
AVG 2013 (Version: 13.0.3392)
AVG 2013 (Version: 2013.0.3392)
Backblaze
Banctec Service Agreement (Version: 1.10.0000)
Bonjour (Version: 2.0.5.0)
BufferChm (Version: 53.0.13.000)
calibre (Version: 0.8.38)
CompuServe Dialer
Conexant D850 56K V.9x DFVc Modem
Countdown Clock 2.0.4
Coupon Printer for Windows (Version: 5.0.0.1)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder (Version: 1.00.0000)
Dell Digital Jukebox Driver
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Media Experience
Dell Photo Printer 720
Dell Support Center (Support Software) (Version: 2.2.09085)
DellSupport (Version: 6.0.3062)
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digimax 530 5100
Digital Line Detect (Version: 1.10)
DocProc (Version: 5.2.0.0)
EarthLink setup files (Version: 2005.1.47.0)
Efficient Networks SpeedStream DSL
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 50.0.206.000)
File Uploader (Version: 1.2.5)
GdiplusUpgrade (Version: 1.00.01)
Get High Speed Internet! (Version: 1.00.0000)
Google Desktop (Version: 5.9.1005.12335)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.153)
HP Extended Capabilities 5.3 (Version: 5.3)
HP Image Zone Express (Version: 1.5.1.29)
HP Imaging Device Functions 5.3 (Version: 5.3)
HP Photo Creations (Version: 1.0.0.5192)
HP PSC & OfficeJet 5.3.B
HP Software Update (Version: 3.0.5.001)
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HPProductAssistant (Version: 53.0.13.000)
Intel® Extreme Graphics 2 Driver (Version: 6.14.10.4396)
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections (Version: 8.00.5000)
Internet Explorer Default Page (Version: 1.00.03)
iPod for Windows 2006-03-23 (Version: 4.7.0)
iTunes (Version: 10.3.1.55)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Jasc Paint Shop Photo Album (Version: 4.0.4)
Jasc Paint Shop Photo Album 5 (Version: 5.1.0)
Java 2 Runtime Environment Standard Edition v1.3.1_02
Java 2 Runtime Environment, SE v1.4.2_03 (Version: 1.4.2_03)
Learn2 Player (Uninstall Only)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 53.0.13.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Publisher 2002 (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESSEFILM) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft Word 2000 (Version: 9.00.2720)
Microsoft Works (Version: 08.04.0623)
Modem Helper (Version: 2.25)
Move Media Player
MSN
MSN Messenger 7.5 (Version: 7.5.0324.0)
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (Version: 6.10.1129.0)
Musicmatch for Windows Media Player (Version: 0.00.000)
Musicmatch® Jukebox (Version: 9.00.5100)
My Way Search Assistant (Version: 1.0.256)
NetLibrary Media Center (Version: 1.2.52.3)
NetWaiting (Version: 2.5.12)
NetZeroInstallers (Version: 1.0.0)
NewCopy (Version: 50.0.206.000)
Nikon Message Center (Version: 0.92.000)
Nikon Transfer (Version: 1.5.3)
OneClickdigital Media Manager (Version: 50.0.0.0)
OverDrive Media Console (Version: 3.1.1)
PhotoShow Express (Version: 3.0)
Picture Control Utility (Version: 1.1.9)
PrintMaster Gold 4.00
ProductContext (Version: 50.0.206.000)
QuickTime (Version: 7.69.80.9)
Readme (Version: 50.0.206.000)
RealPlayer
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
SolutionCenter (Version: 50.0.152.000)
Sonic DLA (Version: 4.95.3)
Sonic RecordNow! (Version: 7.3)
Sonic Update Manager (Version: 2.9)
SoundMAX (Version: 5.12.01.5211)
Status (Version: 53.0.13.000)
TrayApp (Version: 53.0.13.000)
Unload (Version: 5.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
ViewNX (Version: 1.5.2)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Watchtower Library 2010 - English (Version: 12.0)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Webshots Desktop
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WordPerfect Office 12 (Version: 12.0.0.238)
 

==================== Restore Points  =========================

14-05-2013 22:13:46 System Checkpoint
15-05-2013 23:45:43 System Checkpoint
16-05-2013 01:00:32 Software Distribution Service 3.0
17-05-2013 23:53:27 System Checkpoint
19-05-2013 00:54:46 System Checkpoint
20-05-2013 02:17:06 System Checkpoint
21-05-2013 16:31:32 System Checkpoint
22-05-2013 16:36:54 System Checkpoint
23-05-2013 17:19:29 System Checkpoint
24-05-2013 17:22:09 System Checkpoint
25-05-2013 18:57:50 System Checkpoint
26-05-2013 19:52:03 System Checkpoint
27-05-2013 20:14:44 System Checkpoint
28-05-2013 20:41:35 System Checkpoint
30-05-2013 01:32:24 System Checkpoint
31-05-2013 01:41:15 System Checkpoint
01-06-2013 12:57:44 System Checkpoint
02-06-2013 13:48:01 System Checkpoint
04-06-2013 20:44:25 System Checkpoint
06-06-2013 00:04:41 System Checkpoint
08-06-2013 00:02:43 System Checkpoint
09-06-2013 01:55:03 System Checkpoint
10-06-2013 23:54:25 System Checkpoint
13-06-2013 00:10:23 System Checkpoint
13-06-2013 01:00:37 Software Distribution Service 3.0
13-06-2013 02:39:14 Software Distribution Service 3.0
13-06-2013 14:03:48 Installed Microsoft Office Word Viewer 2003
13-06-2013 17:48:39 Software Distribution Service 3.0
16-06-2013 20:55:07 System Checkpoint
17-06-2013 01:02:45 Software Distribution Service 3.0
18-06-2013 01:00:28 Software Distribution Service 3.0
19-06-2013 01:00:43 Software Distribution Service 3.0
20-06-2013 01:00:29 Software Distribution Service 3.0
20-06-2013 03:03:19 Software Distribution Service 3.0
06-07-2013 21:25:43 System Checkpoint
07-07-2013 22:47:26 System Checkpoint
11-07-2013 17:58:13 System Checkpoint
12-07-2013 01:07:49 Software Distribution Service 3.0
13-07-2013 14:22:05 Software Distribution Service 3.0
15-07-2013 12:24:02 System Checkpoint
16-07-2013 15:35:08 System Checkpoint
17-07-2013 15:39:14 System Checkpoint
18-07-2013 20:10:10 System Checkpoint
19-07-2013 21:43:36 System Checkpoint
20-07-2013 22:12:27 System Checkpoint
22-07-2013 00:16:30 System Checkpoint
23-07-2013 01:09:46 System Checkpoint
24-07-2013 12:46:38 System Checkpoint
26-07-2013 13:24:57 System Checkpoint
27-07-2013 14:03:38 System Checkpoint
27-07-2013 14:21:55 Installed Microsoft Fix it 50195
28-07-2013 15:16:26 System Checkpoint
28-07-2013 17:30:27 Software Distribution Service 3.0
30-07-2013 12:52:26 System Checkpoint
30-07-2013 16:48:01 Installed AVG 2013
30-07-2013 16:49:21 Installed AVG 2013
31-07-2013 22:04:13 System Checkpoint
31-07-2013 23:29:20 Software Distribution Service 3.0
02-08-2013 01:09:31 System Checkpoint
03-08-2013 02:41:00 System Checkpoint
04-08-2013 03:26:30 System Checkpoint
05-08-2013 04:26:31 System Checkpoint
06-08-2013 04:58:22 System Checkpoint
07-08-2013 10:27:14 System Checkpoint
08-08-2013 11:03:10 System Checkpoint
09-08-2013 11:05:35 System Checkpoint
10-08-2013 14:07:28 System Checkpoint
11-08-2013 14:39:22 System Checkpoint

==================== Hosts content: ==========================

2004-08-04 07:00 - 2004-08-04 07:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Messager.job => C:\Documents and Settings\All Users\Application Data\HP Photo Creations\MessageCheck.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/10/2013 07:56:49 AM) (Source: Application Error) (User: )
Description: Faulting application wcs2000.exe, version 7.0.0.0, faulting module msvcrt.dll, version 7.0.2600.5512, fault address 0x0001aa71.
Processing media-specific event for [wcs2000.exe!ws!]

Error: (08/08/2013 04:09:55 PM) (Source: Application Error) (User: )
Description: Faulting application wcs2000.exe, version 7.0.0.0, faulting module msvcrt.dll, version 7.0.2600.5512, fault address 0x0001aa68.
Processing media-specific event for [wcs2000.exe!ws!]

Error: (08/06/2013 04:59:56 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/06/2013 04:59:56 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/06/2013 04:59:56 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/04/2013 07:53:10 AM) (Source: Application Error) (User: )
Description: Faulting application wcs2000.exe, version 7.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x10101010.
Processing media-specific event for [wcs2000.exe!ws!]

Error: (08/03/2013 08:21:37 AM) (Source: Application Error) (User: )
Description: Faulting application wcs2000.exe, version 7.0.0.0, faulting module msvcrt.dll, version 7.0.2600.5512, fault address 0x0001aa71.
Processing media-specific event for [wcs2000.exe!ws!]

Error: (08/02/2013 09:54:54 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/02/2013 09:54:53 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/02/2013 09:54:53 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

System errors:
=============
Error: (08/13/2013 06:56:02 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service failed to start due to the following error:
%%1053

Error: (08/13/2013 06:56:02 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Windows Image Acquisition (WIA) service to connect.

Error: (08/12/2013 07:16:50 PM) (Source: Service Control Manager) (User: )
Description: The SQL Server (SQLEXPRESSEFILM) service failed to start due to the following error:
%%1053

Error: (08/12/2013 07:16:50 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the SQL Server (SQLEXPRESSEFILM) service to connect.

Error: (08/01/2013 06:36:36 PM) (Source: DCOM) (User: TAMMYDRURY)
Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.

Error: (08/01/2013 06:35:01 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (08/01/2013 06:35:01 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

Error: (08/01/2013 06:34:10 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (08/01/2013 06:34:04 PM) (Source: DCOM) (User: TAMMYDRURY)
Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.

Error: (08/01/2013 06:31:01 PM) (Source: DCOM) (User: TAMMYDRURY)
Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.

Microsoft Office Sessions:
=========================
Error: (08/10/2013 07:56:49 AM) (Source: Application Error)(User: )
Description: wcs2000.exe7.0.0.0msvcrt.dll7.0.2600.55120001aa71

Error: (08/08/2013 04:09:55 PM) (Source: Application Error)(User: )
Description: wcs2000.exe7.0.0.0msvcrt.dll7.0.2600.55120001aa68

Error: (08/06/2013 04:59:56 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/06/2013 04:59:56 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/06/2013 04:59:56 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/04/2013 07:53:10 AM) (Source: Application Error)(User: )
Description: wcs2000.exe7.0.0.0unknown0.0.0.010101010

Error: (08/03/2013 08:21:37 AM) (Source: Application Error)(User: )
Description: wcs2000.exe7.0.0.0msvcrt.dll7.0.2600.55120001aa71

Error: (08/02/2013 09:54:54 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/02/2013 09:54:53 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/02/2013 09:54:53 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

==================== Memory info ===========================

Percentage of memory in use: 89%
Total physical RAM: 509.98 MB
Available physical RAM: 54.77 MB
Total Pagefile: 1246.59 MB
Available Pagefile: 465.62 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:71.7 GB) (Free:14.96 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 75 GB) (Disk ID: D0F4738C)
Partition 1: (Not Active) - (Size=47 MB) - (Type=DE)
Partition 2: (Active) - (Size=72 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=3 GB) - (Type=DB)

==================== End Of Log ============================

 

 

Thank you!

 

Tammy



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,030 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:28 PM

Posted 13 August 2013 - 09:52 PM

Hi Tammy,

For some reason I was not notified of your Post. Hopefully this will be a one time event. I usually reply rather quickly.

Thanks for running the program. Please do this for me.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
File: c:\program files\setup.exe
Reg: reg query "HKLM\System\CurrentControlSet\Control\Session Manager"
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlist log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 tmd598

tmd598
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:05:28 PM

Posted 14 August 2013 - 07:05 PM

Fixlist log:

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-08-2013 01
Ran by Tammy Drury at 2013-08-14 20:03:46 Run:1
Running from C:\Documents and Settings\Tammy Drury\Desktop
Boot Mode: Normal

==============================================

========================= File: c:\program files\setup.exe ========================

MD5: ca4d56abba85c97023f2e236dc82c4aa
Creation and modification date: 2000-07-15 01:00 - 2000-07-15 01:00
Size: 0139776
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: SETUP.EXE
Original Name: SETUP.EXE
Product Name: Microsoft® Visual Basic for Windows
Description: Setup Bootstrap for Visual Basic Setup Toolkit
File Version: 6.00.8804
Product Version: 6.00.8804
Copyright: Copyright © 1987-2000 Microsoft Corp.

====== End Of File: ======

========= reg query "HKLM\System\CurrentControlSet\Control\Session Manager" =========

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager
    BootExecute REG_MULTI_SZ "autocheck autochk /p \??\C:"\0.\0???\0\0No information available\0>\0???\0\0SupportSoft Agent Service\0e\0???\0\0AdobeFlashPlayerUpdateSvc\0e\0???\0\0Lexmark International, Inc.\0???\0\0Microsoft® .NET Framework\0e\0???\0\0QuickTime 7.6.9 (1680.9)\03\0SM\0e[1].htm\0s\0?Î?\0î\0This security update is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this security update will be uninstalled automatically.
For more information, visit http://support.microsoft.com/kb/2736416.\0804576.\0gned to\0?Î9DB8570D-FAB0-445E-AA3B-40549BE876F4\0\0C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart\0\0
    CriticalSectionTimeout REG_DWORD 0x278d00
    EnableMCA REG_DWORD 0x1
    EnableMCE REG_DWORD 0x0
    ExcludeFromKnownDlls REG_MULTI_SZ \0
    GlobalFlag REG_DWORD 0x0
    HeapDeCommitFreeBlockThreshold REG_DWORD 0x0
    HeapDeCommitTotalFreeThreshold REG_DWORD 0x0
    HeapSegmentCommit REG_DWORD 0x0
    HeapSegmentReserve REG_DWORD 0x0
    ObjectDirectories REG_MULTI_SZ \Windows\0\RPC Control\0\0
    ProtectionMode REG_DWORD 0x1
    ResourceTimeoutCount REG_DWORD 0x9e340
    ProcessorControl REG_DWORD 0x2
    RegisteredProcessors REG_DWORD 0x1
    LicensedProcessors REG_DWORD 0x1
    AutoChkTimeOut REG_DWORD 0x0

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCompatibility

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppPatches

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\DOS Devices

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Executive

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\FileRenameOperations

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\kernel

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\KnownDLLs

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Power

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SFC

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SubSystems

========= End of Reg: =========

==== End of Fixlog ====



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,030 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:28 PM

Posted 15 August 2013 - 09:45 AM

Hi Tammy,

I am not ignoring you. I am consulting with one of my colleagues regarding a unique entry in one of your logs.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 tmd598

tmd598
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:05:28 PM

Posted 15 August 2013 - 12:40 PM

No problem Gary. Like I said, I am patient! And I'm hoping we can fix this computer, so whatever it takes. :)



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,030 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:28 PM

Posted 15 August 2013 - 04:54 PM

Hi Tammy,

OK, here is what I would like to do.

After this fix has run please tell me if you receive any notifications about updates, especially .NET Framework.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager
    BootExecute REG_MULTI_SZ "autocheck autochk /p \??\C:"\0.\0???\0\0No information available\0>\0???\0\0SupportSoft Agent Service\0e\0???\0\0AdobeFlashPlayerUpdateSvc\0e\0???\0\0Lexmark International, Inc.\0???\0\0Microsoft® .NET Framework\0e\0???\0\0QuickTime 7.6.9 (1680.9)\03\0SM\0e[1].htm\0s\0?Î?\0î\0This security update is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this security update will be uninstalled automatically.
For more information, visit http://support.microsoft.com/kb/2736416.\0804576.\0gned to\0?Î9DB8570D-FAB0-445E-AA3B-40549BE876F4\0\0C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart\0\0
    CriticalSectionTimeout REG_DWORD 0x278d00
    EnableMCA REG_DWORD 0x1
    EnableMCE REG_DWORD 0x0
    ExcludeFromKnownDlls REG_MULTI_SZ \0
    GlobalFlag REG_DWORD 0x0
    HeapDeCommitFreeBlockThreshold REG_DWORD 0x0
    HeapDeCommitTotalFreeThreshold REG_DWORD 0x0
    HeapSegmentCommit REG_DWORD 0x0
    HeapSegmentReserve REG_DWORD 0x0
    ObjectDirectories REG_MULTI_SZ \Windows\0\RPC Control\0\0
    ProtectionMode REG_DWORD 0x1
    ResourceTimeoutCount REG_DWORD 0x9e340
    ProcessorControl REG_DWORD 0x2
    RegisteredProcessors REG_DWORD 0x1
    LicensedProcessors REG_DWORD 0x1
    AutoChkTimeOut REG_DWORD 0x0
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Test Internet Explorer (although I don't think anything will change, yet!)
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog log
  • How is IE behaving?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 tmd598

tmd598
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:05:28 PM

Posted 15 August 2013 - 06:24 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-08-2013 01
Ran by Tammy Drury at 2013-08-15 19:15:33 Run:2
Running from C:\Documents and Settings\Tammy Drury\Desktop
Boot Mode: Normal

==============================================

==== End of Fixlog ====

 

 

IE unchanged, still freezing, locking, takes forever to close, etc.



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,030 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:28 PM

Posted 15 August 2013 - 06:28 PM

Hi Tammy,

Not sure that entry was fixed. Please rerun Post #6 but copy and paste just this line:

Reg: reg query "HKLM\System\CurrentControlSet\Control\Session Manager"

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 tmd598

tmd598
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:05:28 PM

Posted 16 August 2013 - 06:16 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-08-2013 01
Ran by Tammy Drury at 2013-08-16 19:15:41 Run:3
Running from C:\Documents and Settings\Tammy Drury\Desktop
Boot Mode: Normal

==============================================

========= reg query "HKLM\System\CurrentControlSet\Control\Session Manager" =========

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager
    BootExecute REG_MULTI_SZ "autocheck autochk /p \??\C:"\0.\0???\0\0No information available\0>\0???\0\0SupportSoft Agent Service\0e\0???\0\0AdobeFlashPlayerUpdateSvc\0e\0???\0\0Lexmark International, Inc.\0???\0\0Microsoft® .NET Framework\0e\0???\0\0QuickTime 7.6.9 (1680.9)\03\0SM\0e[1].htm\0s\0?Î?\0î\0This security update is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this security update will be uninstalled automatically.
For more information, visit http://support.microsoft.com/kb/2736416.\0804576.\0gned to\0?Î9DB8570D-FAB0-445E-AA3B-40549BE876F4\0\0C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart\0\0
    CriticalSectionTimeout REG_DWORD 0x278d00
    EnableMCA REG_DWORD 0x1
    EnableMCE REG_DWORD 0x0
    ExcludeFromKnownDlls REG_MULTI_SZ \0
    GlobalFlag REG_DWORD 0x0
    HeapDeCommitFreeBlockThreshold REG_DWORD 0x0
    HeapDeCommitTotalFreeThreshold REG_DWORD 0x0
    HeapSegmentCommit REG_DWORD 0x0
    HeapSegmentReserve REG_DWORD 0x0
    ObjectDirectories REG_MULTI_SZ \Windows\0\RPC Control\0\0
    ProtectionMode REG_DWORD 0x1
    ResourceTimeoutCount REG_DWORD 0x9e340
    ProcessorControl REG_DWORD 0x2
    RegisteredProcessors REG_DWORD 0x1
    LicensedProcessors REG_DWORD 0x1
    AutoChkTimeOut REG_DWORD 0x0

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCompatibility

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppPatches

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\DOS Devices

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Executive

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\FileRenameOperations

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\kernel

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\KnownDLLs

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Power

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SFC

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SubSystems

========= End of Reg: =========

==== End of Fixlog ====



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,030 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:28 PM

Posted 16 August 2013 - 08:16 PM

Hi Tammy,

As I suspected it didn't do what we wanted it to do. Please do this.

===================================================

Manually Importing an Attached Registry Key (.reg) File

-------------------
  • Download the attached file and save it to your desktop
  • Right click on the file and select Merge
  • Once you receive confirmation the information was successfully merged reboot your computer
  • Rerun Post #12 and post the results in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 tmd598

tmd598
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:05:28 PM

Posted 16 August 2013 - 08:57 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-08-2013 01
Ran by Tammy Drury at 2013-08-16 21:56:27 Run:4
Running from C:\Documents and Settings\Tammy Drury\Desktop
Boot Mode: Normal

==============================================

========= reg query "HKLM\System\CurrentControlSet\Control\Session Manager" =========

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager
    BootExecute REG_MULTI_SZ autocheck autochk *\0\0
    CriticalSectionTimeout REG_DWORD 0x278d00
    EnableMCA REG_DWORD 0x1
    EnableMCE REG_DWORD 0x0
    ExcludeFromKnownDlls REG_MULTI_SZ \0
    GlobalFlag REG_DWORD 0x0
    HeapDeCommitFreeBlockThreshold REG_DWORD 0x0
    HeapDeCommitTotalFreeThreshold REG_DWORD 0x0
    HeapSegmentCommit REG_DWORD 0x0
    HeapSegmentReserve REG_DWORD 0x0
    ObjectDirectories REG_MULTI_SZ \Windows\0\RPC Control\0\0
    ProtectionMode REG_DWORD 0x1
    ResourceTimeoutCount REG_DWORD 0x9e340
    ProcessorControl REG_DWORD 0x2
    RegisteredProcessors REG_DWORD 0x1
    LicensedProcessors REG_DWORD 0x1
    AutoChkTimeOut REG_DWORD 0x0

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCompatibility

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppPatches

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\DOS Devices

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Executive

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\FileRenameOperations

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\kernel

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\KnownDLLs

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Power

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SFC

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SubSystems

========= End of Reg: =========

==== End of Fixlog ====






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users