
SSL Error Cannot connect to www.pinterest.com


  • This topic is locked
44 replies to this topic

#1 brancat

brancat

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 18 April 2014 - 10:50 AM

Attached File  dds.txt   9.85KB   3 downloads
Attached File  attach.txt   14.94KB   4 downloads


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.16544 BrowserJavaVersion: 10.51.2
Run by Owner at 10:40:52 on 2014-04-18
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1015.234 [GMT -7:00]
.
AV: Norton Internet Security *Enabled/Outdated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled*
.
============== Running Processes ================
.
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\ModPS2Key.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Coupons\CouponPrinterService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650
mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650
uProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: NCO 2.0 IE BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\common files\symantec shared\coshared\browser\2.0\CoIEPlg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\common files\symantec shared\ids\IPSBHO.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Show Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\common files\symantec shared\coshared\browser\2.0\CoIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Power2GoExpress] NA
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [CHotkey] zHotkey.exe
mRun: [ShowWnd] ShowWnd.exe
mRun: [ModPS2] ModPS2Key.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [Reminder] c:\windows\creator\Remind_XP.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [isCfgWiz] "c:\program files\common files\symantec shared\opc\{c86ea115-facd-4aa8-bfa2-398c677d0936}\SYMCUW.exe" -G:{77CCBE0B-A541-49a9-883E-14F8337EC861} -T:Config -REBOOT
mRun: [osCheck] "c:\program files\norton internet security\osCheck.exe"
mRun: [Conime] c:\windows\system32\conime.exe
mRun: [EKStatusMonitor] c:\program files\kodak\aio\statusmonitor\EKStatusMonitor.exe
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bigfix.lnk - c:\program files\bigfix\bigfix.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\oemreset.lnk - c:\windows\options\OemReset.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{FE6BC53B-3CA8-44E7-A31E-1E6602602D43} : DHCPNameServer = 10.0.0.1
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2008-3-16 149864]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2008-3-16 149864]
R2 CouponPrinterService;Coupon Printer Service;c:\program files\coupons\CouponPrinterService.exe [2014-2-13 152560]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\EKAiOHostService.exe [2013-3-15 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files\kodak\aio\statusmonitor\EKPrinterSDK.exe [2013-1-15 780152]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\ccSvcHst.exe [2008-3-16 149864]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20070820.048\NAVENG.SYS [2014-2-19 81232]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20070820.048\NAVEX15.SYS [2014-2-19 865904]
S3 el575nd5;3Com Megahertz 10/100 LAN CardBus PC Card Driver;c:\windows\system32\drivers\el575ND5.sys [2014-2-19 69692]
S3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2014-2-19 1245064]
.
=============== Created Last 30 ================
.
2014-04-18 17:19:55 -------- d-----w- C:\AdwCleaner
2014-03-22 01:40:54 -------- d-----w- c:\documents and settings\owner\local settings\application data\WMTools Downloaded Files
2014-03-20 16:34:57 -------- d-----w- c:\program files\Haali
2014-03-20 16:34:46 57344 ----a-w- c:\windows\system32\ff_vfw.dll
2014-03-20 16:34:45 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2014-03-20 16:34:42 -------- d-----w- c:\program files\ffdshow
2014-03-20 16:33:43 -------- d-----w- c:\program files\Hello Kitty Snap n Share
.
==================== Find3M ====================
.
2014-03-06 16:32:53 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-03-06 16:32:52 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-03-06 00:26:26 469488 ----a-w- c:\windows\system32\cpnprt2wswin32.cid
2014-03-06 00:22:36 465280 ----a-r- c:\windows\system32\cpnprt2win32.cid
2014-02-19 14:40:11 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2014-02-19 14:40:11 123952 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2014-02-19 14:28:08 315392 ----a-w- c:\windows\HideWin.exe
.
============= FINISH: 10:41:21.25 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 2/19/2014 6:25:16 AM
System Uptime: 4/18/2014 10:24:19 AM (0 hours ago)
.
Motherboard: ELITEGROUP | | 945GCT-M3
Processor: Intel Celeron processor | Socket 775 | 1999/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 142 GiB total, 129.678 GiB free.
D: is FIXED (FAT32) - 7 GiB total, 3.422 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1: 2/19/2014 6:25:21 AM - System Checkpoint
RP2: 2/19/2014 6:27:02 AM - Installed PS2 Multimedia Keyboard Driver
RP3: 2/19/2014 6:27:55 AM - Installed REALTEK GbE & FE Ethernet PCI NIC Driver
RP4: 2/19/2014 6:28:10 AM - Installed Realtek High Definition Audio Driver
RP5: 2/19/2014 6:28:20 AM - Installed Windows XP KB888111WXPSP2.
RP6: 2/19/2014 6:30:42 AM - Installed Windows XP Wudf01000.
RP7: 2/19/2014 6:31:43 AM - Installed Windows XP MSCompPackV1.
RP8: 2/19/2014 6:32:04 AM - Installed Windows XP KB926239.
RP9: 2/19/2014 6:33:37 AM - Installed Microsoft Office Home and Student 2007
RP10: 2/19/2014 6:36:05 AM - Printer Driver Send To Microsoft OneNote Driver Installed
RP11: 2/19/2014 6:45:51 AM - Installed Windows XP KB929338.
RP12: 2/19/2014 6:46:16 AM - Installed Windows XP KB925902.
RP13: 2/19/2014 6:46:37 AM - Installed Windows XP KB930178.
RP14: 2/19/2014 6:46:57 AM - Installed Windows XP KB931261.
RP15: 2/19/2014 6:47:19 AM - Installed Windows XP KB931784.
RP16: 2/19/2014 6:47:41 AM - Installed Windows XP KB932168.
RP17: 2/19/2014 6:48:02 AM - Installed Windows XP KB935448.
RP18: 2/19/2014 6:48:19 AM - Installed Windows XP KB930916.
RP19: 2/19/2014 6:48:55 AM - Installed Windows XP KB931768.
RP20: 2/19/2014 6:49:28 AM - Installed Windows XP KB935840.
RP21: 2/19/2014 6:50:00 AM - Installed Windows XP KB933566.
RP22: 2/19/2014 6:50:29 AM - Installed Windows XP KB935839.
RP23: 2/19/2014 6:50:51 AM - Installed Windows XP KB927891.
RP24: 2/19/2014 6:51:12 AM - Installed Windows XP KB929123.
RP25: 2/19/2014 6:51:39 AM - Installed Windows XP KB936357.
RP26: 2/19/2014 6:52:05 AM - Installed Windows XP KB923689.
RP27: 2/19/2014 6:52:28 AM - Installed Windows XP KB921503.
RP28: 2/19/2014 6:52:50 AM - Installed Windows XP KB936021.
RP29: 2/19/2014 6:52:59 AM - Installed MSXML 4.0 SP2 (KB936181)
RP30: 2/19/2014 6:53:25 AM - Installed Windows Media Player 11 KB936782_WMP11.
RP31: 2/19/2014 6:54:05 AM - Installed Windows XP KB937143.
RP32: 2/19/2014 6:54:37 AM - Installed Windows XP KB938127.
RP33: 2/19/2014 6:55:01 AM - Installed Windows XP KB938828.
RP34: 2/19/2014 6:55:24 AM - Installed Windows XP KB938829.
RP35: 2/19/2014 6:55:31 AM - Installed MSXML 6.0 Parser (KB933579)
RP36: 2/19/2014 6:55:39 AM - Removed MSXML 6.0 Parser
RP37: 2/19/2014 6:57:50 AM - Installed Windows Media Player 11 KB939683.
RP38: 2/19/2014 6:58:21 AM - Installed Windows XP KB933360.
RP39: 2/19/2014 6:59:06 AM - Installed Windows XP KB939653.
RP40: 2/19/2014 6:59:56 AM - Installed Windows XP KB933729.
RP41: 2/19/2014 7:00:27 AM - Installed Windows XP KB941202.
RP42: 2/19/2014 7:01:11 AM - Installed Windows XP KB911280.
RP43: 2/19/2014 7:01:46 AM - Installed Windows XP KB914388.
RP44: 2/19/2014 7:02:15 AM - Installed Windows XP KB916595.
RP45: 2/19/2014 7:02:46 AM - Installed Windows XP KB917159.
RP46: 2/19/2014 7:03:11 AM - Installed Windows XP KB917537.
RP47: 2/19/2014 7:03:40 AM - Installed Windows XP KB919007.
RP48: 2/19/2014 7:04:09 AM - Installed Windows XP KB920685.
RP49: 2/19/2014 7:04:41 AM - Installed Windows XP KB920872.
RP50: 2/19/2014 7:05:07 AM - Installed Windows XP KB922582.
RP51: 2/19/2014 7:05:23 AM - Installed Step By Step Interactive Training KB923723.
RP52: 2/19/2014 7:05:52 AM - Installed Windows XP KB918118.
RP53: 2/19/2014 7:06:19 AM - Installed Windows XP KB924667.
RP54: 2/19/2014 7:06:51 AM - Installed Windows XP KB925720.
RP55: 2/19/2014 7:07:20 AM - Installed Windows XP KB926436.
RP56: 2/19/2014 7:07:48 AM - Installed Windows XP KB927779.
RP57: 2/19/2014 7:08:15 AM - Installed Windows XP KB927802.
RP58: 2/19/2014 7:08:52 AM - Installed Windows XP KB928255.
RP59: 2/19/2014 7:09:23 AM - Installed Windows XP KB928843.
RP60: 2/20/2014 7:51:43 AM - System Checkpoint
RP61: 2/24/2014 12:49:51 AM - System Checkpoint
RP62: 2/25/2014 1:38:37 AM - System Checkpoint
RP63: 2/26/2014 2:37:59 AM - System Checkpoint
RP64: 2/27/2014 3:25:41 AM - System Checkpoint
RP65: 2/28/2014 3:28:52 AM - System Checkpoint
RP66: 3/1/2014 12:13:52 PM - System Checkpoint
RP67: 3/2/2014 12:23:51 PM - System Checkpoint
RP68: 3/3/2014 1:24:56 PM - System Checkpoint
RP69: 3/4/2014 1:27:28 PM - System Checkpoint
RP70: 3/5/2014 4:43:59 PM - System Checkpoint
RP71: 3/6/2014 8:32:43 AM - Installed Java 7 Update 51
RP72: 3/6/2014 8:23:19 AM - System Checkpoint
RP73: 3/7/2014 10:04:26 AM - System Checkpoint
RP74: 3/8/2014 9:34:37 PM - System Checkpoint
RP75: 3/9/2014 9:40:31 PM - System Checkpoint
RP76: 3/10/2014 10:41:50 PM - System Checkpoint
RP77: 3/11/2014 11:03:47 PM - System Checkpoint
RP78: 3/12/2014 11:37:36 PM - System Checkpoint
RP79: 3/14/2014 12:29:50 AM - System Checkpoint
RP80: 3/15/2014 3:03:20 AM - System Checkpoint
RP81: 3/16/2014 3:29:49 AM - System Checkpoint
RP82: 3/17/2014 3:57:32 AM - System Checkpoint
RP83: 3/18/2014 3:58:29 AM - System Checkpoint
RP84: 3/19/2014 4:58:28 AM - System Checkpoint
RP85: 3/20/2014 8:50:47 AM - System Checkpoint
RP86: 3/21/2014 11:47:26 AM - System Checkpoint
RP87: 3/22/2014 2:04:02 PM - System Checkpoint
RP88: 3/23/2014 2:10:08 PM - System Checkpoint
RP89: 3/24/2014 2:10:47 PM - System Checkpoint
RP90: 3/25/2014 2:16:03 PM - System Checkpoint
RP91: 3/26/2014 3:12:11 PM - System Checkpoint
RP92: 3/27/2014 5:38:00 PM - System Checkpoint
RP93: 3/28/2014 5:56:09 PM - System Checkpoint
RP94: 3/29/2014 6:01:27 PM - System Checkpoint
RP95: 3/30/2014 6:06:29 PM - System Checkpoint
RP96: 3/31/2014 6:55:10 PM - System Checkpoint
RP97: 4/1/2014 7:02:55 PM - System Checkpoint
RP98: 4/3/2014 9:08:17 AM - System Checkpoint
RP99: 4/4/2014 11:41:40 AM - System Checkpoint
RP100: 4/5/2014 12:22:51 PM - System Checkpoint
RP101: 4/6/2014 1:03:50 PM - System Checkpoint
RP102: 4/7/2014 1:26:23 PM - System Checkpoint
RP103: 4/8/2014 1:48:39 PM - System Checkpoint
RP104: 4/9/2014 2:48:37 PM - System Checkpoint
RP105: 4/10/2014 2:51:20 PM - System Checkpoint
RP106: 4/11/2014 3:17:40 PM - System Checkpoint
RP107: 4/12/2014 6:57:12 PM - System Checkpoint
RP108: 4/13/2014 7:17:39 PM - System Checkpoint
RP109: 4/15/2014 10:25:52 PM - System Checkpoint
RP110: 4/16/2014 11:14:39 PM - System Checkpoint
RP111: 4/17/2014 11:46:44 PM - System Checkpoint
.
==== Installed Programs ======================
.
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 9 ActiveX
Adobe Reader 8.1.2
Agere Systems PCI-SV92PP Soft Modem
aioscnnr
AppCore
BigFix
Browser Address Error Redirector
ccCommon
center
Compatibility Pack for the 2007 Office system
Component Framework
Coupon Printer for Windows
DVD Suite
eMachines Connect
eMachines Games
essentials
ffdshow [rev 2527] [2008-12-19]
Google Chrome
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
Haali Media Splitter
Hello Kitty Snap n Share
High Definition Audio Driver Package - KB888111
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB895953)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB910728)
Hotfix for Windows XP (KB914906)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB928388)
Hotfix for Windows XP (KB929120)
Hotfix for Windows XP (KB935448)
Intel® Graphics Media Accelerator Driver
Java 7 Update 51
Java Auto Updater
Java™ 6 Update 4
Kodak AIO Printer
KODAK AiO Software
LiveUpdate (Symantec Corporation)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Works
MSN
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 6.0 Parser (KB933579)
Norton AntiVirus
Norton AntiVirus Help
Norton Confidential Core
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
ocr
Power2Go 5.0
PowerDVD
PreReq
PrintProjects
PS2 Multimedia Keyboard Driver
REALTEK GbE & FE Ethernet PCI NIC Driver
Realtek High Definition Audio Driver
Recovery Software Suite eMachines
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917537)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
SPBBC 32bit
Symantec Real Time Storage Protection Component
SymNet
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
WebFldrs XP
Windows Backup Utility
Windows Genuine Advantage Validation Tool
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885626
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
.
==== Event Viewer Messages From Past Week ========
.
4/14/2014 12:50:56 PM, error: Dhcp [1002] - The IP address lease 10.0.0.6 for the Network Card with network address 001E902D521A has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).
4/11/2014 9:07:23 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
.
==== End Of File ===========================

Edited by Oh My, 26 April 2014 - 08:06 PM.
Logs posted



 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:52 PM

Posted 23 April 2014 - 10:55 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/531512 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,171 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:52 AM

Posted 26 April 2014 - 08:05 PM

Greetings brancat and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Farbar's MiniToolBox

--------------------
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List devices >>(Problem only)<<

  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply
===================================================

System Summary Information

--------------------
  • Press the Windows key + R on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • FRST results
  • Addition log
  • Result log
  • Attached System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

Posted 29 April 2014 - 07:21 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.

  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.


Gary

#5 brancat

Posted 01 May 2014 - 09:08 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014
Ran by Owner (administrator) on YOUR-52F1BA236E on 01-05-2014 09:03:41
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Coupons.com Inc.) C:\Program Files\Coupons\CouponPrinterService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(New Boundary Technologies, Inc.) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
() C:\WINDOWS\zHotkey.exe
(Chicony) C:\WINDOWS\ModPS2Key.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
() C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [CHotkey] => C:\WINDOWS\zHotkey.exe [547840 2006-11-07] ()
HKLM\...\Run: [ShowWnd] => C:\WINDOWS\ShowWnd.exe [36864 2005-01-27] ()
HKLM\...\Run: [ModPS2] => C:\WINDOWS\ModPS2Key.exe [53248 2006-11-07] (Chicony)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16132608 2008-03-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2008-03-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Recguard] => C:\WINDOWS\SMINST\RECGUARD.EXE [212992 2002-09-14] ()
HKLM\...\Run: [Reminder] => C:\WINDOWS\Creator\Remind_XP.exe [966656 2005-02-25] (SoftThinks)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [56928 2006-11-23] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [58928 2006-11-29] ()
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [1838592 2014-02-19] (Google)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [ccApp] => C:\Program Files\Common Files\Symantec Shared\ccApp.exe [51048 2008-03-16] (Symantec Corporation)
HKLM\...\Run: [isCfgWiz] => C:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe [607624 2008-03-16] (Symantec Corporation)
HKLM\...\Run: [osCheck] => C:\Program Files\Norton Internet Security\osCheck.exe [714608 2008-03-16] (Symantec Corporation)
HKLM\...\Run: [Conime] => C:\WINDOWS\system32\conime.exe [27648 2004-08-04] (Microsoft Corporation)
HKLM\...\Run: [EKStatusMonitor] => C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKU\S-1-5-21-4025658388-1159348150-765080461-1003\...\Run: [Power2GoExpress] => NA
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [145408 2014-02-19] (Google)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BigFix.lnk
ShortcutTarget: BigFix.lnk -> C:\Program Files\BigFix\bigfix.exe (BigFix Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Oemreset.lnk
ShortcutTarget: Oemreset.lnk -> C:\WINDOWS\OPTIONS\OemReset.exe (SoftThinks)
Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=W3650
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll (Symantec Corporation)
BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll (Gateway Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?gd=&ctid=CT3326230&octid=EB_ORIGINAL_CTID&ISID=ME8CF60B4-C882-42C7-8B68-B910C9B99DE9&SearchSource=55&CUI=&UM=5&UP=SPB990EABA-589F-407F-BFAA-ADDE714D3E44&SSPV=
CHR StartupUrls: "hxxp://search.conduit.com/?gd=&ctid=CT3326230&octid=EB_ORIGINAL_CTID&ISID=ME8CF60B4-C882-42C7-8B68-B910C9B99DE9&SearchSource=55&CUI=&UM=5&UP=SPB990EABA-589F-407F-BFAA-ADDE714D3E44&SSPV="
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultNewTabURL: 
CHR Extension: (Duolingo) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2014-03-04]
CHR Extension: (Google Drive) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-04]
CHR Extension: (YouTube) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-04]
CHR Extension: (Google Search) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-04]
CHR Extension: (Evernote Web) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-03-04]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-04]
CHR Extension: (Gmail) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-04]
 
========================== Services (Whitelisted) =================
 
S4 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [243064 2008-03-16] (Symantec Corporation)
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-03-16] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-03-16] (Symantec Corporation)
R2 CLTNetCnService; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-03-16] (Symantec Corporation)
S3 comHost; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [55640 2008-03-16] (Symantec Corporation)
R2 CouponPrinterService; C:\Program Files\Coupons\CouponPrinterService.exe [152560 2014-02-13] (Coupons.com Inc.)
S3 GameConsoleService; C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe [181800 2007-08-29] (WildTangent, Inc.)
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [1838592 2014-02-19] (Google)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-03-06] (Oracle Corporation)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2013-03-15] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-01-15] (Eastman Kodak Company)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3192184 2008-03-16] (Symantec Corporation)
R2 LiveUpdate Notice; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149864 2008-03-16] (Symantec Corporation)
R2 PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [172032 2014-02-19] (New Boundary Technologies, Inc.)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2008-03-15] ()
R3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1245064 2014-02-19] ()
 
==================== Drivers (Whitelisted) ====================
 
R0 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2004-08-04] (Microsoft Corporation)
R2 CO_Mon; C:\WINDOWS\system32\drivers\CO_Mon.sys [36056 2008-03-16] (Symantec Corporation)
S3 el575nd5; C:\WINDOWS\System32\DRIVERS\el575nd5.sys [69692 2001-08-17] (3Com Corporation)
R3 NAVENG; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070820.048\NAVENG.SYS [81232 2008-03-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070820.048\NAVEX15.SYS [865904 2008-03-16] (Symantec Corporation)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-08-04] ()
S3 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [446512 2008-03-16] (Symantec Corporation)
R3 SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [278576 2008-03-16] (Symantec Corporation)
S3 SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [317616 2008-03-16] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [43696 2008-03-16] (Symantec Corporation)
S3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [123952 2014-02-19] (Symantec Corporation)
S3 SYMIDSCO; C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20070823.002\SymIDSCo.sys [158072 2008-03-16] (Symantec Corporation)
S3 SymIM; C:\WINDOWS\System32\DRIVERS\SymIM.sys [31280 2008-03-16] (Symantec Corporation)
R3 SymIMMP; C:\WINDOWS\System32\DRIVERS\SymIM.sys [31280 2008-03-16] (Symantec Corporation)
U5 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.sys [188464 2008-03-16] (Symantec Corporation)
U1 WS2IFSL; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-01 09:01 - 2014-05-01 09:03 - 00000000 ____D () C:\FRST
2014-04-25 20:09 - 2014-04-25 20:09 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Local Settings\Application Data\Sun
2014-04-25 20:09 - 2014-04-25 20:09 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Application Data\Sun
2014-04-25 20:04 - 2014-04-25 20:04 - 00000803 _____ () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Start Menu\Programs\Internet Explorer.lnk
2014-04-25 20:04 - 2014-04-25 20:04 - 00000788 _____ () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Start Menu\Programs\Windows Media Player.lnk
2014-04-25 20:04 - 2014-04-25 20:04 - 00000782 _____ () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Desktop\Windows Media Player.lnk
2014-04-25 20:04 - 2014-04-25 20:04 - 00000738 _____ () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Start Menu\Programs\Outlook Express.lnk
2014-04-25 20:04 - 2014-04-25 20:04 - 00000020 ___SH () C:\Documents and Settings\Panda.YOUR-52F1BA236E\ntuser.ini
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ___RD () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Start Menu\Programs\Accessories
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Start Menu\Programs\CyberLink DVD Suite
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\My Documents\My Google Gadgets
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Local Settings\Application Data\Google
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Application Data\Symantec
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E
2014-04-25 20:04 - 2006-05-06 19:38 - 00001599 _____ () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Start Menu\Programs\Remote Assistance.lnk
2014-04-23 16:07 - 2014-04-23 16:07 - 00000000 ____D () C:\Documents and Settings\Panda\Local Settings\Application Data\Sun
2014-04-23 16:02 - 2014-04-23 16:02 - 00000000 ____D () C:\Documents and Settings\Panda\My Documents\My Google Gadgets
2014-04-23 16:01 - 2014-04-25 20:03 - 00000000 ____D () C:\Documents and Settings\Panda
2014-04-23 16:01 - 2014-04-25 13:27 - 00000178 ___SH () C:\Documents and Settings\Panda\ntuser.ini
2014-04-23 16:01 - 2014-04-23 16:01 - 00000803 _____ () C:\Documents and Settings\Panda\Start Menu\Programs\Internet Explorer.lnk
2014-04-23 16:01 - 2014-04-23 16:01 - 00000788 _____ () C:\Documents and Settings\Panda\Start Menu\Programs\Windows Media Player.lnk
2014-04-23 16:01 - 2014-04-23 16:01 - 00000738 _____ () C:\Documents and Settings\Panda\Start Menu\Programs\Outlook Express.lnk
2014-04-23 16:01 - 2014-04-23 16:01 - 00000000 ___RD () C:\Documents and Settings\Panda\Start Menu\Programs\Accessories
2014-04-23 16:01 - 2014-04-23 16:01 - 00000000 ____D () C:\Documents and Settings\Panda\Start Menu\Programs\CyberLink DVD Suite
2014-04-23 16:01 - 2014-04-23 16:01 - 00000000 ____D () C:\Documents and Settings\Panda\Local Settings\Application Data\Google
2014-04-23 16:01 - 2006-05-06 19:38 - 00001599 _____ () C:\Documents and Settings\Panda\Start Menu\Programs\Remote Assistance.lnk
2014-04-18 12:41 - 2014-04-18 12:42 - 00015301 _____ () C:\Documents and Settings\Owner\Desktop\attach.txt
2014-04-18 12:41 - 2014-04-18 12:42 - 00010091 _____ () C:\Documents and Settings\Owner\Desktop\dds.txt
2014-04-18 12:19 - 2014-04-18 12:22 - 00000000 ____D () C:\AdwCleaner
2014-04-18 11:16 - 2014-04-18 11:16 - 00000000 ____D () C:\Documents and Settings\Administrator.YOUR-52F1BA236E\Local Settings\Application Data\Google
2014-04-18 11:15 - 2014-04-18 11:17 - 00000178 ___SH () C:\Documents and Settings\Administrator.YOUR-52F1BA236E\ntuser.ini
2014-04-18 11:15 - 2014-04-18 11:15 - 00000000 ____D () C:\Documents and Settings\Administrator.YOUR-52F1BA236E
2014-04-18 11:15 - 2014-02-19 09:06 - 00000000 ___RD () C:\Documents and Settings\Administrator.YOUR-52F1BA236E\Start Menu\Programs\Accessories
2014-04-18 11:15 - 2006-05-06 19:38 - 00001599 _____ () C:\Documents and Settings\Administrator.YOUR-52F1BA236E\Start Menu\Programs\Remote Assistance.lnk
2014-04-08 14:11 - 2014-04-08 14:11 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\04-08-2014
 
==================== One Month Modified Files and Folders =======
 
2014-05-01 09:03 - 2014-05-01 09:01 - 00000000 ____D () C:\FRST
2014-05-01 08:07 - 2014-03-04 08:56 - 00000884 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-01 04:59 - 2006-05-06 19:37 - 00447918 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-30 21:07 - 2014-03-04 08:56 - 00000880 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-30 13:14 - 2014-03-04 16:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kodak
2014-04-29 13:28 - 2014-03-04 08:57 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-04-29 09:07 - 2006-05-06 19:41 - 00032506 _____ () C:\WINDOWS\SchedLgU.Txt
2014-04-26 23:35 - 2006-05-06 12:33 - 00000367 _____ () C:\WINDOWS\wiadebug.log
2014-04-25 20:09 - 2014-04-25 20:09 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Local Settings\Application Data\Sun
2014-04-25 20:09 - 2014-04-25 20:09 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Application Data\Sun
2014-04-25 20:04 - 2014-04-25 20:04 - 00000803 _____ () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Start Menu\Programs\Internet Explorer.lnk
2014-04-25 20:04 - 2014-04-25 20:04 - 00000788 _____ () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Start Menu\Programs\Windows Media Player.lnk
2014-04-25 20:04 - 2014-04-25 20:04 - 00000782 _____ () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Desktop\Windows Media Player.lnk
2014-04-25 20:04 - 2014-04-25 20:04 - 00000738 _____ () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Start Menu\Programs\Outlook Express.lnk
2014-04-25 20:04 - 2014-04-25 20:04 - 00000020 ___SH () C:\Documents and Settings\Panda.YOUR-52F1BA236E\ntuser.ini
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ___RD () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Start Menu\Programs\Accessories
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Start Menu\Programs\CyberLink DVD Suite
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\My Documents\My Google Gadgets
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Local Settings\Application Data\Google
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E\Application Data\Symantec
2014-04-25 20:04 - 2014-04-25 20:04 - 00000000 ____D () C:\Documents and Settings\Panda.YOUR-52F1BA236E
2014-04-25 20:04 - 2006-05-06 19:35 - 00055474 _____ () C:\WINDOWS\wmsetup.log
2014-04-25 20:04 - 2006-05-06 19:24 - 00000532 _____ () C:\WINDOWS\win.ini
2014-04-25 20:03 - 2014-04-23 16:01 - 00000000 ____D () C:\Documents and Settings\Panda
2014-04-25 13:36 - 2014-02-19 09:33 - 00000000 ____D () C:\Documents and Settings\Owner\Start Menu\Programs\CyberLink DVD Suite
2014-04-25 13:29 - 2006-05-06 19:41 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-25 13:29 - 2006-05-06 12:33 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-04-25 13:27 - 2014-04-23 16:01 - 00000178 ___SH () C:\Documents and Settings\Panda\ntuser.ini
2014-04-25 13:27 - 2006-05-06 19:41 - 00000178 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-04-24 09:18 - 2006-05-06 12:30 - 00339102 _____ () C:\WINDOWS\setupapi.log
2014-04-23 22:18 - 2006-05-06 12:30 - 00218183 _____ () C:\WINDOWS\setupact.log
2014-04-23 16:07 - 2014-04-23 16:07 - 00000000 ____D () C:\Documents and Settings\Panda\Local Settings\Application Data\Sun
2014-04-23 16:02 - 2014-04-23 16:02 - 00000000 ____D () C:\Documents and Settings\Panda\My Documents\My Google Gadgets
2014-04-23 16:01 - 2014-04-23 16:01 - 00000803 _____ () C:\Documents and Settings\Panda\Start Menu\Programs\Internet Explorer.lnk
2014-04-23 16:01 - 2014-04-23 16:01 - 00000788 _____ () C:\Documents and Settings\Panda\Start Menu\Programs\Windows Media Player.lnk
2014-04-23 16:01 - 2014-04-23 16:01 - 00000738 _____ () C:\Documents and Settings\Panda\Start Menu\Programs\Outlook Express.lnk
2014-04-23 16:01 - 2014-04-23 16:01 - 00000000 ___RD () C:\Documents and Settings\Panda\Start Menu\Programs\Accessories
2014-04-23 16:01 - 2014-04-23 16:01 - 00000000 ____D () C:\Documents and Settings\Panda\Start Menu\Programs\CyberLink DVD Suite
2014-04-23 16:01 - 2014-04-23 16:01 - 00000000 ____D () C:\Documents and Settings\Panda\Local Settings\Application Data\Google
2014-04-20 13:07 - 2006-05-06 19:24 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-04-18 12:42 - 2014-04-18 12:41 - 00015301 _____ () C:\Documents and Settings\Owner\Desktop\attach.txt
2014-04-18 12:42 - 2014-04-18 12:41 - 00010091 _____ () C:\Documents and Settings\Owner\Desktop\dds.txt
2014-04-18 12:22 - 2014-04-18 12:19 - 00000000 ____D () C:\AdwCleaner
2014-04-18 11:19 - 2006-05-06 12:31 - 00471150 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-18 11:17 - 2014-04-18 11:15 - 00000178 ___SH () C:\Documents and Settings\Administrator.YOUR-52F1BA236E\ntuser.ini
2014-04-18 11:16 - 2014-04-18 11:16 - 00000000 ____D () C:\Documents and Settings\Administrator.YOUR-52F1BA236E\Local Settings\Application Data\Google
2014-04-18 11:15 - 2014-04-18 11:15 - 00000000 ____D () C:\Documents and Settings\Administrator.YOUR-52F1BA236E
2014-04-08 14:11 - 2014-04-08 14:11 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\04-08-2014
 
Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\WINDOWS\explorer.exe
[2009-07-31 11:29] - [2007-06-13 05:23] - 1033216 ____A (Microsoft Corporation) 97bd6515465659ff8f3b7be375b2ea87 
 
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe
[2009-07-31 11:31] - [2004-08-04 14:00] - 0108032 ____A (Microsoft Corporation) c6ce6eec82f187615d1002bb3bb50ed4 
 
C:\WINDOWS\system32\User32.dll
[2006-05-06 19:24] - [2007-03-08 10:36] - 0577536 ____A (Microsoft Corporation) b409909f6e2e8a7067076ed748abf1e7 
 
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll
[2006-05-06 19:24] - [2005-07-26 06:39] - 0397824 ____A (Microsoft Corporation) ce94a2bd25e3e9f4d46a7373ff455c6d 
 
 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
 
==================== End Of Log ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-05-2014
Ran by Owner at 2014-05-01 09:04:21
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Norton Internet Security (Disabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security (Disabled) {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
 
==================== Installed Programs ======================
 
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 9 ActiveX (HKLM\...\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}) (Version: 9.0.115.0 - Adobe Systems, Inc.)
Adobe Reader 8.1.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Agere Systems PCI-SV92PP Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - )
aioscnnr (Version: 7.6.13.10 - Your Company Name) Hidden
AppCore (Version: 1.3 - Symantec Corporation) Hidden
BigFix (HKLM\...\{34FF0741-EC67-4C05-AC2A-6D257123DF2E}) (Version: 2.2.0.04 - BigFix)
Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version:  - )
ccCommon (Version: 107.0.0.102 - Symantec) Hidden
center (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Component Framework (Version: 2006.1.3.35 - Symantec Corporation) Hidden
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated)
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version:  - )
eMachines Connect (HKLM\...\{DF86A72C-4585-4D75-B592-968C8C6604A1}) (Version: 1.1.0 - Acceller)
eMachines Games (HKLM\...\WildTangent emachines Master Uninstall) (Version: GTWY0802 - WildTangent)
essentials (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
ffdshow [rev 2527] [2008-12-19] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Haali Media Splitter (HKLM\...\HaaliMkx) (Version:  - )
Hello Kitty Snap n Share (HKLM\...\Hello Kitty Snap n Share) (Version:  - )
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 4 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160040}) (Version: 1.6.0.40 - Sun Microsystems, Inc.)
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)
LiveUpdate (Symantec Corporation) (HKLM\...\PsuedoLiveUpdate) (Version: 3.4.0.162 - Symantec)
LiveUpdate (Symantec Corporation) (Version: 3.4.0.162 - Symantec) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 2.0 (HKLM\...\Microsoft .NET Framework 2.0) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 2.0 (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSN (HKLM\...\MSNINST) (Version:  - )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Norton AntiVirus (Version: 15.0.0.58 - Symantec Corporation) Hidden
Norton AntiVirus Help (Version: 15.0 - Symantec Corporation) Hidden
Norton Confidential Core (Version: 2.0.0.84 - Symantec Corporation) Hidden
Norton Internet Security (Symantec Corporation) (HKLM\...\SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}) (Version: 15.0.0.60 - Symantec Corporation)
Norton Internet Security (Version: 15.0.0.60 - Symantec Corporation) Hidden
Norton Protection Center (Version: 3.1.0.98 - Symantec Corporation) Hidden
ocr (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Power2Go 5.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version:  - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2407.0 - CyberLink Corporation)
PreReq (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
PS2 Multimedia Keyboard Driver (HKLM\...\{FF262740-C85A-11D5-BBEC-00D0B740900A}) (Version:  - )
REALTEK GbE & FE Ethernet PCI NIC Driver (HKLM\...\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}) (Version: 1.02.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5404 - Realtek Semiconductor Corp.)
Recovery Software Suite eMachines (HKLM\...\{15377C3E-9655-400F-B441-E69F0A6BEAFE}) (Version: 1.00.0000 - eMachines)
SPBBC 32bit (Version: 4.0.0.134 - Symantec Corporation) Hidden
Symantec Real Time Storage Protection Component (Version: 10.2.0.57 - Symantec Corporation) Hidden
SymNet (Version: 8.0.0.129 - Symantec Corporation) Hidden
Update for Windows XP (KB894391) (HKLM\...\KB894391) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB896727) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB900485) (HKLM\...\KB900485) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB910437) (HKLM\...\KB910437) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB912945) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB916595) (HKLM\...\KB916595) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB920872) (HKLM\...\KB920872) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB922582) (HKLM\...\KB922582) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB925720) (HKLM\...\KB925720) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB927891) (HKLM\...\KB927891) (Version: 3 - Microsoft Corporation)
Update for Windows XP (KB929338) (HKLM\...\KB929338) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB930916) (HKLM\...\KB930916) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB933360) (HKLM\...\KB933360) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB936357) (HKLM\...\KB936357) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB938828) (HKLM\...\KB938828) (Version: 1 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Backup Utility (HKLM\...\{76EFFC7C-17A6-479D-9E47-8E658C1695AE}) (Version: 5.1 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (HKLM\...\WGA) (Version:  - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version: 3.1 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (Version: 3.1 - Microsoft Corporation) Hidden
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20061107.210142 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows XP Hotfix - KB834707 (Version: 20040929.110854 - Microsoft Corporation) Hidden
Windows XP Hotfix - KB867282 (Version: 20050127.090417 - Microsoft Corporation) Hidden
Windows XP Hotfix - KB873333 (HKLM\...\KB873333) (Version: 20050114.005213 - Microsoft Corporation)
Windows XP Hotfix - KB873339 (HKLM\...\KB873339) (Version: 20041117.092459 - Microsoft Corporation)
Windows XP Hotfix - KB885250 (HKLM\...\KB885250) (Version: 20050118.202711 - Microsoft Corporation)
Windows XP Hotfix - KB885626 (HKLM\...\KB885626) (Version: 20040909.122822 - Microsoft Corporation)
Windows XP Hotfix - KB885835 (HKLM\...\KB885835) (Version: 20041027.181713 - Microsoft Corporation)
Windows XP Hotfix - KB885836 (HKLM\...\KB885836) (Version: 20041028.173203 - Microsoft Corporation)
Windows XP Hotfix - KB888113 (HKLM\...\KB888113) (Version: 20041116.131036 - Microsoft Corporation)
Windows XP Hotfix - KB888239 (HKLM\...\KB888239) (Version: 20041124.162528 - Microsoft Corporation)
Windows XP Hotfix - KB888302 (HKLM\...\KB888302) (Version: 20041207.111426 - Microsoft Corporation)
Windows XP Hotfix - KB890047 (HKLM\...\KB890047) (Version: 20041221.124506 - Microsoft Corporation)
Windows XP Hotfix - KB890175 (HKLM\...\KB890175) (Version: 20041201.233338 - Microsoft Corporation)
Windows XP Hotfix - KB890859 (HKLM\...\KB890859) (Version: 1 - Microsoft Corporation)
Windows XP Hotfix - KB890923 (Version: 1 - Microsoft Corporation) Hidden
Windows XP Hotfix - KB891781 (HKLM\...\KB891781) (Version: 20050110.165439 - Microsoft Corporation)
Windows XP Hotfix - KB893066 (HKLM\...\KB893066) (Version: 1 - Microsoft Corporation)
Windows XP Hotfix - KB893086 (HKLM\...\KB893086) (Version: 1 - Microsoft Corporation)
 
==================== Restore Points  =========================
 
19-02-2014 14:25:21 System Checkpoint
19-02-2014 14:27:02 Installed PS2 Multimedia Keyboard Driver
19-02-2014 14:27:55 Installed REALTEK GbE & FE Ethernet PCI NIC Driver
19-02-2014 14:28:10 Installed Realtek High Definition Audio Driver
19-02-2014 14:28:20 Installed Windows XP KB888111WXPSP2.
19-02-2014 14:30:42 Installed Windows XP Wudf01000.
19-02-2014 14:31:43 Installed Windows XP MSCompPackV1.
19-02-2014 14:32:04 Installed Windows XP KB926239.
19-02-2014 14:33:37 Installed Microsoft Office Home and Student 2007
19-02-2014 14:36:05 Printer Driver Send To Microsoft OneNote Driver Installed
19-02-2014 14:45:51 Installed Windows XP KB929338.
19-02-2014 14:46:16 Installed Windows XP KB925902.
19-02-2014 14:46:37 Installed Windows XP KB930178.
19-02-2014 14:46:57 Installed Windows XP KB931261.
19-02-2014 14:47:19 Installed Windows XP KB931784.
19-02-2014 14:47:41 Installed Windows XP KB932168.
19-02-2014 14:48:02 Installed Windows XP KB935448.
19-02-2014 14:48:19 Installed Windows XP KB930916.
19-02-2014 14:48:55 Installed Windows XP KB931768.
19-02-2014 14:49:28 Installed Windows XP KB935840.
19-02-2014 14:50:00 Installed Windows XP KB933566.
19-02-2014 14:50:29 Installed Windows XP KB935839.
19-02-2014 14:50:51 Installed Windows XP KB927891.
19-02-2014 14:51:12 Installed Windows XP KB929123.
19-02-2014 14:51:39 Installed Windows XP KB936357.
19-02-2014 14:52:05 Installed Windows XP KB923689.
19-02-2014 14:52:28 Installed Windows XP KB921503.
19-02-2014 14:52:50 Installed Windows XP KB936021.
19-02-2014 14:52:59 Installed MSXML 4.0 SP2 (KB936181)
19-02-2014 14:53:25 Installed Windows Media Player 11 KB936782_WMP11.
19-02-2014 14:54:05 Installed Windows XP KB937143.
19-02-2014 14:54:37 Installed Windows XP KB938127.
19-02-2014 14:55:01 Installed Windows XP KB938828.
19-02-2014 14:55:24 Installed Windows XP KB938829.
19-02-2014 14:55:31 Installed MSXML 6.0 Parser (KB933579)
19-02-2014 14:55:39 Removed MSXML 6.0 Parser
19-02-2014 14:57:50 Installed Windows Media Player 11 KB939683.
19-02-2014 14:58:21 Installed Windows XP KB933360.
19-02-2014 14:59:06 Installed Windows XP KB939653.
19-02-2014 14:59:56 Installed Windows XP KB933729.
19-02-2014 15:00:27 Installed Windows XP KB941202.
19-02-2014 15:01:11 Installed Windows XP KB911280.
19-02-2014 15:01:46 Installed Windows XP KB914388.
19-02-2014 15:02:15 Installed Windows XP KB916595.
19-02-2014 15:02:46 Installed Windows XP KB917159.
19-02-2014 15:03:11 Installed Windows XP KB917537.
19-02-2014 15:03:40 Installed Windows XP KB919007.
19-02-2014 15:04:09 Installed Windows XP KB920685.
19-02-2014 15:04:41 Installed Windows XP KB920872.
19-02-2014 15:05:07 Installed Windows XP KB922582.
19-02-2014 15:05:23 Installed Step By Step Interactive Training KB923723.
19-02-2014 15:05:52 Installed Windows XP KB918118.
19-02-2014 15:06:19 Installed Windows XP KB924667.
19-02-2014 15:06:51 Installed Windows XP KB925720.
19-02-2014 15:07:20 Installed Windows XP KB926436.
19-02-2014 15:07:48 Installed Windows XP KB927779.
19-02-2014 15:08:15 Installed Windows XP KB927802.
19-02-2014 15:08:52 Installed Windows XP KB928255.
19-02-2014 15:09:23 Installed Windows XP KB928843.
20-02-2014 15:51:43 System Checkpoint
24-02-2014 08:49:51 System Checkpoint
25-02-2014 09:38:37 System Checkpoint
26-02-2014 10:37:59 System Checkpoint
27-02-2014 11:25:41 System Checkpoint
28-02-2014 11:28:52 System Checkpoint
01-03-2014 20:13:52 System Checkpoint
02-03-2014 20:23:51 System Checkpoint
03-03-2014 21:24:56 System Checkpoint
04-03-2014 21:27:28 System Checkpoint
06-03-2014 00:43:59 System Checkpoint
06-03-2014 16:32:43 Installed Java 7 Update 51
06-03-2014 16:23:19 System Checkpoint
07-03-2014 18:04:26 System Checkpoint
09-03-2014 04:34:37 System Checkpoint
10-03-2014 04:40:31 System Checkpoint
11-03-2014 05:41:50 System Checkpoint
12-03-2014 06:03:47 System Checkpoint
13-03-2014 06:37:36 System Checkpoint
14-03-2014 07:29:50 System Checkpoint
15-03-2014 10:03:20 System Checkpoint
16-03-2014 10:29:49 System Checkpoint
17-03-2014 10:57:32 System Checkpoint
18-03-2014 10:58:29 System Checkpoint
19-03-2014 11:58:28 System Checkpoint
20-03-2014 15:50:47 System Checkpoint
21-03-2014 18:47:26 System Checkpoint
22-03-2014 21:04:02 System Checkpoint
23-03-2014 21:10:08 System Checkpoint
24-03-2014 21:10:47 System Checkpoint
25-03-2014 21:16:03 System Checkpoint
26-03-2014 22:12:11 System Checkpoint
28-03-2014 00:38:00 System Checkpoint
29-03-2014 00:56:09 System Checkpoint
30-03-2014 01:01:27 System Checkpoint
31-03-2014 01:06:29 System Checkpoint
01-04-2014 01:55:10 System Checkpoint
02-04-2014 02:02:55 System Checkpoint
03-04-2014 16:08:17 System Checkpoint
04-04-2014 18:41:40 System Checkpoint
05-04-2014 19:22:51 System Checkpoint
06-04-2014 20:03:50 System Checkpoint
07-04-2014 20:26:23 System Checkpoint
08-04-2014 20:48:39 System Checkpoint
09-04-2014 21:48:37 System Checkpoint
10-04-2014 21:51:20 System Checkpoint
11-04-2014 22:17:40 System Checkpoint
13-04-2014 01:57:12 System Checkpoint
14-04-2014 02:17:39 System Checkpoint
16-04-2014 05:25:52 System Checkpoint
17-04-2014 06:14:39 System Checkpoint
18-04-2014 06:46:44 System Checkpoint
19-04-2014 07:22:14 System Checkpoint
20-04-2014 18:23:28 System Checkpoint
21-04-2014 19:22:13 System Checkpoint
22-04-2014 20:11:55 System Checkpoint
23-04-2014 20:13:08 System Checkpoint
24-04-2014 20:56:08 System Checkpoint
25-04-2014 21:32:37 System Checkpoint
26-04-2014 22:32:37 System Checkpoint
27-04-2014 23:32:37 System Checkpoint
29-04-2014 00:32:39 System Checkpoint
30-04-2014 01:32:37 System Checkpoint
01-05-2014 02:32:37 System Checkpoint
 
==================== Hosts content: ==========================
 
2009-07-31 11:29 - 2004-08-04 14:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-02-19 09:33 - 2008-03-15 23:40 - 00167936 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2009-01-10 17:15 - 2009-01-10 17:15 - 00159744 _____ () C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
2009-01-10 17:14 - 2009-01-10 17:14 - 00023552 _____ () C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll
2014-02-19 09:27 - 2006-11-07 17:08 - 00547840 _____ () C:\WINDOWS\zHotkey.exe
2014-02-19 09:36 - 2014-02-19 09:36 - 00036352 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
2014-02-19 09:39 - 2014-02-19 09:39 - 01245064 _____ () C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
2014-02-19 09:39 - 2014-02-19 09:39 - 00359280 _____ () C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll
2014-04-29 13:27 - 2014-04-23 19:33 - 00065352 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2009-07-31 11:28 - 2004-08-04 14:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2009-07-31 11:30 - 2004-08-04 14:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-04-11 09:21 - 2014-02-10 15:44 - 04592128 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-11 09:21 - 2014-02-10 15:44 - 00112128 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-04-29 13:27 - 2014-04-23 19:33 - 04081480 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-29 13:27 - 2014-04-23 19:33 - 00390472 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-29 13:27 - 2014-04-23 19:33 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/25/2014 08:57:42 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 34.0.1847.116, faulting module chrome.dll, version 34.0.1847.116, fault address 0x0042860b.
Processing media-specific event for [chrome.exe!ws!]
 
Error: (04/25/2014 08:03:13 PM) (Source: Application Hang) (User: )
Description: Hanging application mshta.exe, version 7.0.5730.11, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (04/25/2014 01:27:51 PM) (Source: Application Error) (User: )
Description: Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]
 
Error: (04/23/2014 11:14:40 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
 
Error: (04/23/2014 10:28:02 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list cab from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The specified server cannot perform the requested operation.
 
Error: (04/23/2014 10:28:00 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list cab from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: This operation returned because the timeout period expired.
 
Error: (04/23/2014 04:09:28 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 34.0.1847.116, faulting module chrome.dll, version 34.0.1847.116, fault address 0x0042860b.
Processing media-specific event for [chrome.exe!ws!]
 
Error: (03/27/2014 08:24:36 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
 
Error: (03/27/2014 08:24:33 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved
 
 
System errors:
=============
Error: (04/30/2014 01:10:33 PM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
 
Error: (04/28/2014 01:10:33 PM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
 
Error: (04/26/2014 01:10:33 PM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
 
Error: (04/24/2014 01:10:33 PM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
 
Error: (04/23/2014 11:00:18 PM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.10 for the Network Card with network address 001E902D521A has been
denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).
 
Error: (04/23/2014 04:02:33 PM) (Source: System Error) (User: )
Description: Error code 1000008e, parameter1 c0000005, parameter2 bf8dfdbd, parameter3 a91c8aec, parameter4 00000000.
 
Error: (04/22/2014 01:10:33 PM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
 
Error: (04/20/2014 01:10:48 PM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
 
Error: (04/18/2014 11:36:30 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
 
Error: (04/18/2014 11:36:30 AM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Percentage of memory in use: 53%
Total physical RAM: 1015.48 MB
Available physical RAM: 467.8 MB
Total Pagefile: 2440.6 MB
Available Pagefile: 1745.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1960.04 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:142.21 GB) (Free:128.89 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (RECOVERY) (Fixed) (Total:6.83 GB) (Free:3.42 GB) FAT32
Drive e: (HelloKitty) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 23213B72)
Partition 1: (Active) - (Size=142 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7 GB) - (Type=0B)
 
==================== End Of Log ============================


#6 brancat

Posted 01 May 2014 - 09:34 AM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Owner (administrator) on 01-05-2014 at 09:34:22
Running from "C:\Documents and Settings\Owner\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : YOUR-52F1BA236E
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Unknown
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Connection-specific DNS Suffix  . : 
 
        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
 
        Physical Address. . . . . . . . . : 00-1E-90-2D-52-1A
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 10.0.0.3
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 10.0.0.1
 
        DHCP Server . . . . . . . . . . . : 10.0.0.1
 
        DNS Servers . . . . . . . . . . . : 10.0.0.1
 
        Lease Obtained. . . . . . . . . . : Thursday, May 01, 2014 1:29:10 AM
 
        Lease Expires . . . . . . . . . . : Friday, May 02, 2014 1:29:10 AM
 
Server:  UnKnown
Address:  10.0.0.1
 
Name:    google.com
Addresses:  74.125.225.167, 74.125.225.166, 74.125.225.165, 74.125.225.168
 74.125.225.169, 74.125.225.174, 74.125.225.160, 74.125.225.161, 74.125.225.162
 74.125.225.163, 74.125.225.164
 
 
 
Pinging google.com [74.125.225.167] with 32 bytes of data:
 
 
 
Reply from 74.125.225.167: bytes=32 time=629ms TTL=45
 
Reply from 74.125.225.167: bytes=32 time=629ms TTL=45
 
 
 
Ping statistics for 74.125.225.167:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 629ms, Maximum = 629ms, Average = 629ms
 
Server:  UnKnown
Address:  10.0.0.1
 
Name:    yahoo.com
Addresses:  98.138.253.109, 206.190.36.45, 98.139.183.24
 
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
 
 
 
Reply from 98.138.253.109: bytes=32 time=671ms TTL=46
 
Reply from 98.138.253.109: bytes=32 time=671ms TTL=46
 
 
 
Ping statistics for 98.138.253.109:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 671ms, Maximum = 671ms, Average = 671ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1e 90 2d 52 1a ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.3  20
         10.0.0.0    255.255.255.0         10.0.0.3        10.0.0.3  20
         10.0.0.3  255.255.255.255        127.0.0.1       127.0.0.1  20
   10.255.255.255  255.255.255.255         10.0.0.3        10.0.0.3  20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
        224.0.0.0        240.0.0.0         10.0.0.3        10.0.0.3  20
  255.255.255.255  255.255.255.255         10.0.0.3        10.0.0.3  1
Default Gateway:          10.0.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Devices: ================================
 
 
**** End of log ****


#7 brancat

Posted 01 May 2014 - 09:40 AM

Attached File  summary.zip   62.15KB   0 downloads



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,171 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:08:52 AM

Posted 01 May 2014 - 09:41 AM

Welcome and thanks for posting the information. I will review the system information file once you have attached it.

Can you tell me if you recognize this as a User Profile?

C:\Documents and Settings\Panda.YOUR-52F1BA236E

===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-click JRT.exe and select Run as administrator (on Windows XP, double-click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run. Note: If you receive an error message, attempt to run the program in Safe Mode
  • Press any key to start the program
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Junkware log
  • Security Check information
  • How is your computer running? Are you able to access all web sites?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 brancat

brancat
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  • Local time:09:52 AM

Posted 01 May 2014 - 09:43 AM

Yes, I do recognize it.  We have 2 user profiles on this computer.  



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,171 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:08:52 AM

Posted 01 May 2014 - 09:48 AM

OK great. Just wanted to make sure.

I will await your next post.
Gary
 

#11 brancat

brancat
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  • Local time:09:52 AM

Posted 01 May 2014 - 10:05 AM

I tried opening the Junkware Removal Tool but I get an error message: "Non 7z archive".



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,171 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:08:52 AM

Posted 01 May 2014 - 10:10 AM

Can you tell me what happens when you double click the screen317's Security Check file you downloaded?
Gary
 

#13 brancat

brancat
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  • Local time:09:52 AM

Posted 01 May 2014 - 10:13 AM

I haven't downloaded it yet.  I was trying to download the JRT first.  Downloading SecurityCheck now. 



#14 brancat

brancat
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  • Local time:09:52 AM

Posted 01 May 2014 - 10:21 AM

 Results of screen317's Security Check version 0.99.82  
 Windows XP Service Pack 2 x86   
 Internet Explorer 7 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Norton AntiVirus     
 Norton AntiVirus Help    
 Norton Internet Security (Symantec Corporation)  
 Norton Internet Security    
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 51  
 Java™ 6 Update 4  
 Java version out of Date! 
 Adobe Flash Player 9 Flash Player out of Date! 
 Adobe Reader 8 Adobe Reader out of Date! 
 Google Chrome 34.0.1847.116  
 Google Chrome 34.0.1847.131  
 Google Chrome plugins...  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:: 17% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 


#15 brancat

brancat
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  • Local time:09:52 AM

Posted 01 May 2014 - 10:23 AM

Still can't open JRT.





