Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PUP items


  • Please log in to reply
40 replies to this topic

#1 judyjht

judyjht

  • Members
  • 799 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Maine
  • Local time:12:59 AM

Posted 02 September 2013 - 06:55 PM

I don't know what is going on buy my XP Professional Dell Inspiron 6000 Laptop is acting weirg.  I ran MalwareByles and this is the log.  Not sure what to do next..  Right now I am running Kaspersky Full Scan and it has found 2 things already  I think it will take awhile to finish.

 

I also seen in Add & Remove Progeams:  Default Tab, Mixi DJ V44 Toolbar and Move Media Player - none of which I recognize.  Thes 3 things might be better off in another forum - not sure which one.   Anyone help me?  Thanks in advance.

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.31.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Judy Peacock :: JHT-W9WG3DVW97D [administrator]

9/2/2013 9:41:06 AM
mbam-log-2013-09-02 (09-41-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 340584
Time elapsed: 26 minute(s), 37 second(s)

Memory Processes Detected: 3
C:\Program Files\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> 508 -> Delete on reboot.
C:\Program Files\DefaultTab\DefaultTabSearch.exe (PUP.Optional.DefaultTab) -> 1360 -> Delete on reboot.
C:\Documents and Settings\Judy Peacock\Application Data\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab) -> 1612 -> Delete on reboot.

Memory Modules Detected: 2
C:\Program Files\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.

Registry Keys Detected: 15
HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowser.1 (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowser (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabSearch (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit) -> Bad: (http://search.conduit.com?SearchSource=10&CUI=UN41641296131105610&UM=2&ctid=CT3298580) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 26
C:\Program Files\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\SProtectorRepository (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\DefaultTab (PUP.Optional.DefaultTab) -> Delete on reboot.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.

Files Detected: 132
C:\Documents and Settings\Judy Peacock\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\DefaultTab\DefaultTab\DefaultTabStart.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\DefaultTab\DefaultTab\DefaultTabStart64.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\DefaultTab\DefaultTab\DefaultTabWrap.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\DefaultTab\DefaultTab\DefaultTabWrap64.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\checktbexist.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\mconduitinstaller.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\setup.exe (PUP.Optional.AirInstaller) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\air57.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\air6F.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\airAD.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\ct3298580\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\ct3298580\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\ct3298580\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\ct3298580\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\ct3298580\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\ct3298580\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\ct3298580\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Local Settings\Temp\ct3298580\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\popupTransparent.xul (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\SearchProtect\ffprotect\SProtectorRepository\searchProtectorData (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files\DefaultTab\DefaultTab.crx (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Program Files\DefaultTab\DefaultTabSearch.exe (PUP.Optional.DefaultTab) -> Delete on reboot.
C:\Program Files\DefaultTab\uid (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Program Files\DefaultTab\uninstaller.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab) -> Delete on reboot.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\1.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\a.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\b.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\c.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\d.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\e.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\f.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\g.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\h.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\i.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\j.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\k.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\l.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\m.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\n.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\o.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\p.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\q.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\r.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\s.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\t.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\u.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\v.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\w.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\wlu.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\x.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\y.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy Peacock\Application Data\PriceGong\Data\z.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.

(end)
 

 



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:59 PM

Posted 02 September 2013 - 09:08 PM

Hello -

Generally speaking, you have done the correct thing by removal of the Potentially Unwanted Programs in the list.

Also Mixi DJ V44 Toolbar is downloaded with other programs and not as a Selected single program.

That can be removed from Add / Remove -

Many of these are now picked up by Malwarebytes, where they may not have been in earlier scans.

The program (MBAM) has become more sensitive to these where it once over-looked them.

 

Download Security Check by Screen317
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

We may as well run a full MiniToolBox check while we are doing this -

Download MiniToolBox, Save it to your desktop and run it.
Checkmark the following checkboxes:
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List content of Hosts
* List IP configuration
* List Winsock Entries
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (Only Problems)
* List Users, Partitions and Memory size.
* List Minidump Files
* List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

 

Thank You -



#3 judyjht

judyjht
  • Topic Starter

  • Members
  • 799 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Maine
  • Local time:12:59 AM

Posted 03 September 2013 - 08:50 AM

OK will do and I will post when I am done.  My Kaspersky Full scan found 4 things it deleted.  All 4 are:  Packed.Win32.Krap.hc



#4 judyjht

judyjht
  • Topic Starter

  • Members
  • 799 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Maine
  • Local time:12:59 AM

Posted 03 September 2013 - 09:05 AM

OK here is the Security Check text:

 

 Results of screen317's Security Check version 0.99.73  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Kaspersky Anti-Virus   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.2004)   
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 17  
 Java version out of Date!
 Adobe Flash Player     11.8.800.94  
 Adobe Reader 9  
 Adobe Reader XI  
 Mozilla Firefox (23.0.1)
 Google Chrome 29.0.1547.57  
 Google Chrome 29.0.1547.62  
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Anti-Virus 2013 avp.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 23% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 



#5 judyjht

judyjht
  • Topic Starter

  • Members
  • 799 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Maine
  • Local time:12:59 AM

Posted 03 September 2013 - 11:01 AM

It has been ":checking FF Proxy settings"  for about 2 hours already - is that correct??


Edited by judyjht, 03 September 2013 - 11:01 AM.


#6 judyjht

judyjht
  • Topic Starter

  • Members
  • 799 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Maine
  • Local time:12:59 AM

Posted 03 September 2013 - 01:51 PM

Just got back home - here is the log from the Mini Tool Box:

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Judy Peacock (administrator) on 03-09-2013 at 10:12:19
Running from "C:\Documents and Settings\Judy Peacock\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Could not flush the DNS Resolver Cache: Function failed during execution.




========================= IE Proxy Settings: ==============================

Proxy is enabled.
ProxyServer: http=127.0.0.1:8118

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® PRO/Wireless 2200BG Network Connection = Wireless Network Connection 2 - Don't ENABLE unless D-Link down (Disconnected)
1394 Net Adapter = 1394 Connection (you don't use this) (Connected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection 2 (Blue Cable) (Media disconnected)
D-Link DWA-652 XtremeN Notebook Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection 3"

set address name="Wireless Network Connection 3" source=dhcp
set dns name="Wireless Network Connection 3" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 3" source=dhcp

# Interface IP Configuration for "Local Area Connection 2 (Blue Cable)"

set address name="Local Area Connection 2 (Blue Cable)" source=dhcp
set dns name="Local Area Connection 2 (Blue Cable)" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2 (Blue Cable)" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : jht-w9wg3dvw97d

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Wireless Network Connection 3:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : D-Link DWA-652 XtremeN Notebook Adapter

        Physical Address. . . . . . . . . : 00-1E-58-3A-29-27



Ethernet adapter Local Area Connection 2 (Blue Cable):



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

        Physical Address. . . . . . . . . : 00-11-43-77-E0-06

Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 1e 58 3a 29 27 ...... D-Link DWA-652 XtremeN Notebook Adapter
0x10004 ...00 11 43 77 e0 06 ...... Broadcom 440x 10/100 Integrated Controller
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
  255.255.255.255  255.255.255.255  255.255.255.255           10004      1
  255.255.255.255  255.255.255.255  255.255.255.255           10003      1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 25 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/02/2013 07:42:40 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/02 19:42:40.703]: [00002428]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.161]

Error: (09/02/2013 07:41:31 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/02 19:41:31.687]: [00002428]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.161]

Error: (09/02/2013 07:40:22 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/02 19:40:22.671]: [00002428]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.161]

Error: (09/02/2013 07:39:13 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/02 19:39:13.656]: [00002428]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.161]

Error: (09/02/2013 07:38:04 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/02 19:38:04.515]: [00002428]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.161]

Error: (09/02/2013 07:36:55 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/02 19:36:55.359]: [00002428]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.161]

Error: (09/02/2013 07:35:45 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/02 19:35:45.906]: [00002428]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.161]

Error: (09/02/2013 07:34:36 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/02 19:34:36.781]: [00002428]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.161]

Error: (09/02/2013 07:33:27 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/02 19:33:27.734]: [00002428]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.161]

Error: (09/02/2013 07:32:18 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/02 19:32:18.671]: [00002428]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.1.161]


System errors:
=============
Error: (09/03/2013 09:38:46 AM) (Source: Service Control Manager) (User: )
Description: The Cron Service for Prey service failed to start due to the following error:
%%1053

Error: (09/03/2013 09:38:46 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Cron Service for Prey service to connect.

Error: (09/03/2013 00:07:00 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Silverlight (KB2847559).

Error: (09/02/2013 06:10:06 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Silverlight (KB2847559).

Error: (09/02/2013 05:05:29 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the QBCFMonitorService service to connect.

Error: (09/02/2013 05:05:29 PM) (Source: Service Control Manager) (User: )
Description: The Cron Service for Prey service failed to start due to the following error:
%%1053

Error: (09/02/2013 05:05:29 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Cron Service for Prey service to connect.

Error: (09/01/2013 06:05:25 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Silverlight (KB2847559).

Error: (09/01/2013 07:42:41 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (08/31/2013 11:09:42 PM) (Source: DCOM) (User: JHT-W9WG3DVW97D)
Description: The server {72278E83-B0EF-4E49-9E10-6947602C1030} did not register with DCOM within the required timeout.


Microsoft Office Sessions:
=========================
Error: (05/31/2013 09:06:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 89667 seconds with 6480 seconds of active time.  This session ended with a crash.

Error: (10/27/2012 10:03:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 101909 seconds with 960 seconds of active time.  This session ended with a crash.

Error: (08/25/2012 10:12:14 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 94353 seconds with 4260 seconds of active time.  This session ended with a crash.

Error: (03/18/2012 01:41:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 96454 seconds with 1440 seconds of active time.  This session ended with a crash.

Error: (10/10/2011 07:58:13 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1595 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (10/09/2011 00:55:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 106659 seconds with 1920 seconds of active time.  This session ended with a crash.

Error: (01/16/2011 08:21:26 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 55321 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (12/24/2010 11:24:18 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2341 seconds with 60 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

2007 Microsoft Office Suite Service Pack 1 (SP1)
7-Zip 9.20
Acronis True Image Home (Version: 10.0.4871)
Adobe AIR (Version: 3.8.0.1280)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe CSI CS4 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Drive CS4 (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Fonts All (Version: 2.0)
Adobe Illustrator CS4 (Version: 14.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Reader 9.3.1 (Version: 9.3.1)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
ALPS Touch Pad Driver
Amazon Kindle
AM-DeadLink 4.6 (Version: 4.6)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Belarc Advisor 8.1
Bonjour (Version: 3.0.0.10)
Broadcom 440x 10/100 Integrated Controller (Version: 5.51.03)
Broadcom Management Programs 2 (Version: 7.82.01)
Brother MFL-Pro Suite MFC-J615W (Version: 1.0.4.0)
CameraHelperMsi (Version: 13.10.1217.0)
CCScore (Version: 8.02.0000.0001)
CleVR Stitcher (Version: 1.20090723)
CleVR Stitcher (Version: 1.255)
Click to Call with Skype (Version: 5.5.8013)
C-Major Audio (Version: 42xx)
Conexant D110 MDC V.92 Modem
Connect (Version: 1.0.0.1)
Critical Update for Windows Media Player 11 (KB959772)
DefaultTab (Version: 2.2.16.0)
Dell Wireless WLAN Card (Version: 4.100.15.8)
Dropbox (Version: 2.0.22)
DWA-652 (Version: )
EaseUS Data Recovery Wizard 5.8.0
erLT (Version: 1.20.138.34)
ERUNT 1.1j
ESSBrwr (Version: 8.02.0000.0001)
ESSCDBK (Version: 8.02.0000.0001)
ESScore (Version: 8.02.0000.0001)
ESSgui (Version: 8.02.0000.0001)
ESSini (Version: 8.02.0000.0001)
ESSPCD (Version: 8.02.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
Evernote v. 4.6.7 (Version: 4.6.7.8409)
FreeSizer v.1.0.0 (Version: 1.0.0)
FreeUndelete 2.1.36867.1 (Version: 2.1.36867.1)
Google Chrome (Version: 29.0.1547.62)
Google Drive (Version: 1.11.4865.2530)
Google Talk Plugin (Version: 4.5.3.14917)
Google Update Helper (Version: 1.3.21.153)
Hulu Desktop (Version: 0.9.14)
I8kfanGUI V3.1 (Version: 3.1)
InstallVC90Support (Version: 1.01.0000)
Intel® Graphics Media Accelerator Driver for Mobile (Version: 6.14.10.4609)
Intel® PROSet/Wireless Software (Version: 11.01.0000)
IP Camera
IPSetup (Version: 1.0.6)
iTunes (Version: 11.0.4.4)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Jing (Version: 2.8.13007.1)
Kaspersky Anti-Virus 2013 (Version: 13.0.1.4190)
Kodak EasyShare software
kuler (Version: 2.0)
Logitech Desktop Messenger (Version: 2.54.11)
Logitech QuickCam Driver Package
Logitech Vid HD (Version: 7.2 (7240))
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.10.1216.0)
LWS Gallery (Version: 13.10.1216.0)
LWS Help_main (Version: 13.10.1224.0)
LWS Launcher (Version: 13.10.1224.0)
LWS Motion Detection (Version: 13.10.1218.0)
LWS Pictures And Video (Version: 13.10.1218.0)
LWS Twitter (Version: 13.00.1216.0)
LWS Video Mask Maker (Version: 13.10.1216.0)
LWS VideoEffects (Version: 13.00.1774.0)
LWS Webcam Software (Version: 13.00.1774.0)
LWS WLM Plugin (Version: 1.10.1222.0)
LWS YouTube Plugin (Version: 13.10.1216.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
mCore (Version: 9.03.0000)
mDriver (Version: 9.03.0000)
mDrWiFi (Version: 9.03.0000)
MGI PhotoSuite 4 (Remove Only)
mHlpDell (Version: 9.03.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6215.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Silverlight (Version: 2.0.31005.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6215.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308)
mIWA (Version: 9.03.0000)
mLogView (Version: 9.03.0000)
mMHouse (Version: 9.03.0000)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
mPfMgr (Version: 9.03.0000)
mPfWiz (Version: 9.03.0000)
mProSafe (Version: 9.00.0000)
mSCfg (Version: 9.03.0000)
mSSO (Version: 9.03.0000)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6.0 Parser (Version: 6.00.3883.8)
mWlsSafe (Version: 9.00.0000)
mWMI (Version: 9.03.0000)
My Webcam Broadcaster (Version: 1.0.0)
MyDefrag v4.3.1 (Version: 4.0.0.0)
mZConfig (Version: 9.03.0000)
Nero 8 (Version: 8.3.500)
neroxml (Version: 1.0.0)
netbrdg (Version: 7.01.0000.0001)
OfotoNow
OfotoXMI (Version: 8.02.1000.0001)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
ooVoo (Version: 3.0.4039)
PaperPort Image Printer (Version: 1.00.0000)
PDF Settings CS4 (Version: 9.0)
PerfectDisk 2008 Professional (Version: 9.0.64)
Photoshop Camera Raw (Version: 5.0)
PrimoPDF -- by Nitro PDF Software (Version: 5.0.0.13)
QuickBooks (Version: 20.0.4017.807)
QuickBooks (Version: 23.0.4008.2305)
QuickBooks Pro 2010 (Version: 20.0.4017.807)
QuickBooks Pro 2013 (Version: 23.0.4006.2305)
QuickTime (Version: 7.74.80.86)
Recuva (Version: 1.44)
Safari (Version: 5.34.57.2)
SAGEim (Version: 1.00.0000)
SAGE-Online (Version: 5.00.0000)
ScanSoft PaperPort 11 (Version: 11.2.0000)
SeaTools for Windows (Version: 1.2.0.5)
Secunia PSI (3.0.0.2004) (Version: 3.0.0.2004)
SecurView Pro 2.1.1 (Version: 2.1.1)
SFR (Version: 8.01.0000.0001)
SHASTA (Version: 7.01.0000.0001)
skin0001 (Version: 8.02.0000.0001)
SKINXSDK (Version: 8.02.0000.0001)
Skype™ 6.6 (Version: 6.6.106)
SolveigMM AVI Trimmer (Version: 2.0.1204.27)
Speccy (Version: 1.07)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
staticcr (Version: 8.02.0000.0001)
StickyPad (Version: 2.3.52)
Suite Shared Configuration CS4 (Version: 1.0)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 7.10.8.0)
Taskbar Shuffle version 2.5 (Version: 2.5)
TeamViewer 8 (Version: 8.0.17292)
Unsubscribe Outlook 2007 (Version: 2.0.3)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Windows (KB971513)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb958619)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows Internet Explorer 8 (KB968220) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2808679) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951618-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VCRedistSetup (Version: 1.0.0)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1)
VPRINTOL (Version: 8.02.0000.0001)
VS 2008 CRT Package (Version: 1.1.0)
Web Protect for Windows (Version: 3.28.33)
WebFldrs XP (Version: 9.50.6513)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Service Pack 3 (Version: 20080414.031525)
WIRELESS (Version: 8.02.0000.0001)
XFINITY Caller ID (Version: 3.1.38)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 2039.37 MB
Available physical RAM: 1260.62 MB
Total Pagefile: 3416.7 MB
Available Pagefile: 2636.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.22 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:119.49 GB) (Free:26.45 GB) NTFS

========================= Users: ========================================

User accounts for \\JHT-W9WG3DVW97D

Administrator            ASPNET                   Guest                    
HelpAssistant            Judy Peacock             QBDataServiceUser17      
QBDataServiceUser20      QBDataServiceUser23      SUPPORT_388945a0         

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

11-06-2013 00:23:59 System Checkpoint
11-06-2013 01:40:14 Software Distribution Service 3.0
11-06-2013 10:49:02 Removed Bing Desktop
11-06-2013 10:53:31 Removed PocketCloud Windows Companion.
11-06-2013 13:57:55 Removed Comcast Access
11-06-2013 15:44:10 Installed Jing
11-06-2013 16:13:08 Removed SupportSoft Assisted Service
11-06-2013 20:57:47 Software Distribution Service 3.0
12-06-2013 21:57:19 System Checkpoint
13-06-2013 23:39:34 System Checkpoint
15-06-2013 23:53:45 System Checkpoint
17-06-2013 00:54:29 System Checkpoint
22-06-2013 00:46:17 System Checkpoint
23-06-2013 22:29:58 System Checkpoint
25-06-2013 19:41:53 Removed Comcast Universal Caller ID
27-06-2013 21:49:58 System Checkpoint
28-06-2013 22:50:22 System Checkpoint
29-06-2013 23:01:54 System Checkpoint
30-06-2013 23:17:31 System Checkpoint
02-07-2013 13:08:35 System Checkpoint
05-07-2013 04:22:55 System Checkpoint
06-07-2013 05:50:33 System Checkpoint
07-07-2013 17:27:14 System Checkpoint
11-07-2013 03:56:04 System Checkpoint
11-07-2013 22:00:47 Software Distribution Service 3.0
12-07-2013 00:59:09 Software Distribution Service 3.0
13-07-2013 13:47:30 Software Distribution Service 3.0
15-07-2013 14:11:45 Software Distribution Service 3.0
15-07-2013 23:14:40 Software Distribution Service 3.0
16-07-2013 11:24:43 Software Distribution Service 3.0
17-07-2013 14:15:47 System Checkpoint
18-07-2013 13:33:46 Software Distribution Service 3.0
19-07-2013 03:13:58 Software Distribution Service 3.0
19-07-2013 23:43:48 Software Distribution Service 3.0
20-07-2013 15:26:11 Software Distribution Service 3.0
20-07-2013 22:00:26 Software Distribution Service 3.0
21-07-2013 15:46:23 Software Distribution Service 3.0
22-07-2013 02:49:33 Software Distribution Service 3.0
23-07-2013 02:57:45 System Checkpoint
24-07-2013 02:37:48 Software Distribution Service 3.0
25-07-2013 11:00:51 Software Distribution Service 3.0
26-07-2013 11:21:18 Software Distribution Service 3.0
26-07-2013 15:21:10 Software Distribution Service 3.0
26-07-2013 22:00:25 Software Distribution Service 3.0
27-07-2013 22:00:23 Software Distribution Service 3.0
28-07-2013 19:29:31 Software Distribution Service 3.0
30-07-2013 11:49:56 Software Distribution Service 3.0
31-07-2013 12:12:53 Software Distribution Service 3.0
01-08-2013 11:45:45 Software Distribution Service 3.0
02-08-2013 11:20:35 Software Distribution Service 3.0
02-08-2013 14:19:58 Software Distribution Service 3.0
02-08-2013 22:00:39 Software Distribution Service 3.0
04-08-2013 00:16:18 Software Distribution Service 3.0
04-08-2013 18:58:30 Software Distribution Service 3.0
06-08-2013 11:56:33 Software Distribution Service 3.0
07-08-2013 11:42:05 Software Distribution Service 3.0
07-08-2013 11:50:55 Software Distribution Service 3.0
07-08-2013 22:00:20 Software Distribution Service 3.0
08-08-2013 13:31:17 Printer Driver CutePDF Writer Installed
09-08-2013 13:14:09 Software Distribution Service 3.0
09-08-2013 14:47:46 Software Distribution Service 3.0
09-08-2013 22:00:20 Software Distribution Service 3.0
10-08-2013 22:00:24 Software Distribution Service 3.0
11-08-2013 23:24:23 Software Distribution Service 3.0
12-08-2013 02:08:35 Removed Evernote v. 4.6.6
12-08-2013 02:09:12 Installed Evernote v. 4.6.7
12-08-2013 22:00:19 Software Distribution Service 3.0
13-08-2013 03:24:14 Software Distribution Service 3.0
14-08-2013 13:26:38 Software Distribution Service 3.0
16-08-2013 13:15:49 System Checkpoint
16-08-2013 14:48:11 Software Distribution Service 3.0
16-08-2013 22:00:22 Software Distribution Service 3.0
17-08-2013 21:27:49 Software Distribution Service 3.0
17-08-2013 22:00:18 Software Distribution Service 3.0
18-08-2013 19:42:02 Software Distribution Service 3.0
19-08-2013 22:00:50 Software Distribution Service 3.0
20-08-2013 22:00:24 Software Distribution Service 3.0
21-08-2013 22:03:50 Software Distribution Service 3.0
22-08-2013 12:42:59 Software Distribution Service 3.0
23-08-2013 13:15:53 System Checkpoint
23-08-2013 14:54:38 Software Distribution Service 3.0
23-08-2013 23:01:12 Software Distribution Service 3.0
24-08-2013 12:50:18 Software Distribution Service 3.0
24-08-2013 13:42:42 Software Distribution Service 3.0
25-08-2013 16:39:30 System Checkpoint
25-08-2013 17:23:44 Software Distribution Service 3.0
26-08-2013 01:43:34 Removed GlobeReader
26-08-2013 01:45:18 Removed Ask Toolbar
27-08-2013 10:44:20 Software Distribution Service 3.0
27-08-2013 13:02:22 Software Distribution Service 3.0
29-08-2013 11:18:35 Software Distribution Service 3.0
30-08-2013 11:15:03 Software Distribution Service 3.0
30-08-2013 14:53:58 Software Distribution Service 3.0
31-08-2013 15:19:07 Software Distribution Service 3.0
01-09-2013 22:00:27 Software Distribution Service 3.0
02-09-2013 13:10:37 Removed ASPCA Reminder by We-Care.com v4.1.22.1
02-09-2013 22:00:20 Software Distribution Service 3.0
03-09-2013 04:06:49 Software Distribution Service 3.0

**** End of log ****
 



#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:59 PM

Posted 03 September 2013 - 05:28 PM

Hi Judy -

"Could not flush the DNS Resolver Cache: Function failed during execution."
This earlier item may have caused some of the F/fox problem.

 

""It has been ":checking FF Proxy settings"  for about 2 hours already - is that correct??"" Very unusual unless you had F/fox open - You were Offline once the MiniToolBox scan started ? Yes ?

""NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.""

 

3 main scans, and they are Rkill, the ESETOnline Scanner, and TDSSKiller -

 

 

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

* Double-click on the Rkill desktop icon to run the tool.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
NOTE * Do not reboot until instructed. or your next 2 scans are completed.
*  Do not reboot your computer after running RKill as the malware programs will start again.
* If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

 

 

NOTE - If the computer is a laptop please be sure it is connected to a power source and not just Batteries - These scans can run for much longer than the estimated times -

 

This is required to avoid conflicts ......

How To Temporarily Disable Your Anti-virus only during the scans.

Scan your machine with ESET OnlineScan
1. Hold down Control and click HERE to open ESET OnlineScan in a new window.
2. Click the ESET Online Scanner button.
3. NOTE :.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

 

- 1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
- 2. Double click on the ESET Online Scanner icon on your desktop.

 

 4. Check "YES, I accept the Terms of Use."
 5. Click the Start button.
 6. Accept any security warnings from your browser.
 7. Under scan settings, check "Scan Archives" and "Remove found threats"
8. Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology

 9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this will take some time to download the program for a first time, and then download updated data base (1 to 2  hours is not unusual)
10. When the scan completes, click List Threats
11. Click Export, and save the file to your desktop using a unique name, such as ESETScan.
- Include the contents of this report in your next reply.
12. Click the Back button.
13. Click the Finish button
Or you can find a report at  C:\Program Files\esetonlinescanner\log.txt.

 

 

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

• Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.
• If TDSSKiller does not run, try renaming it.
• To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
• Click the Start Scan button.
Do not use the computer during the scan
• If the scan completes with nothing found, click Close to exit.
• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
• Ensure Cure (default) is selected, then click Continue > "Reboot now" to finish the cleaning process.
• A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2012_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
• Copy and paste the contents of that file in your next reply.

 

 

Thank You -


Edited by noknojon, 03 September 2013 - 08:27 PM.


#8 judyjht

judyjht
  • Topic Starter

  • Members
  • 799 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Maine
  • Local time:12:59 AM

Posted 03 September 2013 - 06:57 PM

Here is the RKill:

 

Rkill 2.6.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/03/2013 07:55:02 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Documents and Settings\Judy Peacock\Start Menu\Programs\Startup\Snippy.exe (PID: 1156) [UP-HEUR]
 * C:\WINDOWS\system32\IoctlSvc.exe (PID: 1608) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\assembly\GAC_MSIL\Intuit.QuickBooks.FCS\1.3.0.0__5b3f47ba29970ccb => C:\WINDOWS\WinSxS\MSIL_Intuit.QuickBooks.FCS_5b3f47ba29970ccb_1.3.0.0_x-ww_d936dcb9 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

Checking Windows Service Integrity:

 * DNS Client (Dnscache) is not Running.
   Startup Type set to: Disabled

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 09/03/2013 07:56:35 PM
Execution time: 0 hours(s), 1 minute(s), and 32 seconds(s)
 



#9 judyjht

judyjht
  • Topic Starter

  • Members
  • 799 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Maine
  • Local time:12:59 AM

Posted 03 September 2013 - 07:05 PM

I am confused - on the ADWCleaner I don't know what to un-check.  It says to un-check anything I do not want to remove but I am not sure what I want to remove!!  I have not done anything yet.



#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:59 PM

Posted 03 September 2013 - 07:23 PM

I am sorry, but this is my fault 100% -

The 2 post are saved in my books together and the second one should not have been added.

 

You do not need to remove anything there yet -

 

Did you select to Remove or Search for problems ? Search is all that was required -

Search will produce a log with [R1] in the middle of it. Then you can continue.

I would also prefer you to even {X} close AdwCleaner and continue with the other scans if you can -

 

Thanks -



#11 judyjht

judyjht
  • Topic Starter

  • Members
  • 799 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Maine
  • Local time:12:59 AM

Posted 03 September 2013 - 07:55 PM

Oh gee - almost ready for bed here.  Can we start again where I am supposed to be??  I think I did SCAN but I am not 100% sure.  What should I do now?  I think I need to start over at this point.  I think I did the RKill scan correct but you need to tell me what to do next - exactly!



#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:59 PM

Posted 03 September 2013 - 08:29 PM

OK -

Delete AdwCleaner if you can, and run the other 3 programs as listed above - (no AdwCleaner)

 

Rkill / ESET Online / TDSSKiller , in that order only - The only offending line has been removed -

 

Thank You -



#13 blueicetwice

blueicetwice

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:St Paul & Mpls - Maoisota
  • Local time:10:59 PM

Posted 03 September 2013 - 08:39 PM

I just ran mini tool box and came up with over 500 errors!  Well that is what I thought I read, however,

the log shows 32 errors... No mini dump...


Edited by blueicetwice, 03 September 2013 - 08:43 PM.


#14 judyjht

judyjht
  • Topic Starter

  • Members
  • 799 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Maine
  • Local time:12:59 AM

Posted 03 September 2013 - 09:15 PM

Here is the RKILL TXT:

:Rkill 2.6.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/03/2013 10:12:21 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\assembly\GAC_MSIL\Intuit.QuickBooks.FCS\1.3.0.0__5b3f47ba29970ccb => C:\WINDOWS\WinSxS\MSIL_Intuit.QuickBooks.FCS_5b3f47ba29970ccb_1.3.0.0_x-ww_d936dcb9 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

Checking Windows Service Integrity:

 * DNS Client (Dnscache) is not Running.
   Startup Type set to: Disabled

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 09/03/2013 10:13:02 PM
Execution time: 0 hours(s), 0 minute(s), and 40 seconds(s)
 



#15 judyjht

judyjht
  • Topic Starter

  • Members
  • 799 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Maine
  • Local time:12:59 AM

Posted 03 September 2013 - 09:26 PM

Running the ESET now






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users