Jump to content

Multiple Computers - dds - Computer #1


mjburgard

Recommended Posts

I have multiple computers infected with spyware.password and pup.crossfire.sa. Here is the dds and attach scripts from computer #1. I ran MWB, then ran dds, then uploaded scripts. 2nd computer coming soon.

Here are the files in text format

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 1/17/2007 6:33:34 PM

System Uptime: 9/24/2012 6:57:05 AM (1 hours ago)

.

Motherboard: Dell Inc. | | 0WG864

Processor: Intel® Core2 CPU 6400 @ 2.13GHz | Microprocessor | 2128/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 458 GiB total, 389.422 GiB free.

D: is CDROM ()

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP2288: 6/26/2012 5:55:35 PM - System Checkpoint

RP2289: 6/27/2012 6:55:40 PM - System Checkpoint

RP2290: 6/28/2012 7:03:23 PM - System Checkpoint

RP2291: 6/30/2012 11:19:16 AM - System Checkpoint

RP2292: 7/1/2012 7:02:11 PM - System Checkpoint

RP2293: 7/2/2012 9:51:32 PM - System Checkpoint

RP2294: 7/3/2012 11:11:43 PM - System Checkpoint

RP2295: 7/4/2012 11:15:04 PM - System Checkpoint

RP2296: 7/6/2012 12:12:10 AM - System Checkpoint

RP2297: 7/7/2012 2:52:07 AM - System Checkpoint

RP2298: 7/8/2012 3:15:07 AM - System Checkpoint

RP2299: 7/9/2012 4:15:09 AM - System Checkpoint

RP2300: 7/10/2012 7:38:24 AM - System Checkpoint

RP2301: 7/11/2012 6:21:54 PM - System Checkpoint

RP2302: 7/12/2012 7:00:25 AM - Software Distribution Service 3.0

RP2303: 7/13/2012 7:30:33 AM - System Checkpoint

RP2304: 7/14/2012 7:45:04 AM - System Checkpoint

RP2305: 7/15/2012 8:30:36 AM - System Checkpoint

RP2306: 7/16/2012 9:42:38 AM - System Checkpoint

RP2307: 7/17/2012 10:30:40 AM - System Checkpoint

RP2308: 7/18/2012 6:36:12 PM - System Checkpoint

RP2309: 7/19/2012 6:38:24 PM - System Checkpoint

RP2310: 7/20/2012 6:38:55 PM - System Checkpoint

RP2311: 7/21/2012 7:05:26 PM - System Checkpoint

RP2312: 7/22/2012 7:51:58 PM - System Checkpoint

RP2313: 7/23/2012 8:41:30 PM - System Checkpoint

RP2314: 7/24/2012 9:24:46 PM - System Checkpoint

RP2315: 7/25/2012 9:58:41 PM - System Checkpoint

RP2316: 7/26/2012 10:11:55 PM - System Checkpoint

RP2317: 7/28/2012 3:17:07 AM - System Checkpoint

RP2318: 7/29/2012 3:59:59 AM - System Checkpoint

RP2319: 7/30/2012 4:04:09 AM - System Checkpoint

RP2320: 7/31/2012 4:50:42 AM - System Checkpoint

RP2321: 8/1/2012 5:14:29 AM - System Checkpoint

RP2322: 8/2/2012 5:39:09 AM - System Checkpoint

RP2323: 8/3/2012 3:22:30 PM - System Checkpoint

RP2324: 8/4/2012 4:07:20 PM - System Checkpoint

RP2325: 8/6/2012 8:15:05 AM - System Checkpoint

RP2326: 8/7/2012 7:34:49 PM - System Checkpoint

RP2327: 8/8/2012 10:06:28 PM - System Checkpoint

RP2328: 8/9/2012 10:40:52 PM - System Checkpoint

RP2329: 8/11/2012 3:29:27 AM - System Checkpoint

RP2330: 8/12/2012 8:55:38 AM - System Checkpoint

RP2331: 8/13/2012 6:01:26 PM - System Checkpoint

RP2332: 8/14/2012 6:46:39 AM - Printer Driver Amyuni Document Converter 400 Installed

RP2333: 8/15/2012 8:24:22 PM - System Checkpoint

RP2334: 8/16/2012 7:00:26 AM - Software Distribution Service 3.0

RP2335: 8/17/2012 7:43:48 AM - System Checkpoint

RP2336: 8/18/2012 8:43:39 AM - System Checkpoint

RP2337: 8/19/2012 9:43:34 AM - System Checkpoint

RP2338: 8/20/2012 10:43:30 AM - System Checkpoint

RP2339: 8/21/2012 11:43:25 AM - System Checkpoint

RP2340: 8/22/2012 6:30:19 PM - System Checkpoint

RP2341: 8/22/2012 6:46:24 PM - Installed DirectX

RP2342: 8/22/2012 10:02:59 PM - Printer Driver Amyuni Document Converter 400 Installed

RP2343: 8/22/2012 10:06:11 PM - Printer Driver Amyuni Document Converter 400 Installed

RP2344: 8/22/2012 10:06:52 PM - Printer Driver Amyuni Document Converter 400 Installed

RP2345: 8/23/2012 10:43:16 PM - System Checkpoint

RP2346: 8/25/2012 2:55:58 AM - System Checkpoint

RP2347: 8/26/2012 3:43:29 AM - System Checkpoint

RP2348: 8/27/2012 3:57:07 AM - System Checkpoint

RP2349: 8/28/2012 4:55:33 AM - System Checkpoint

RP2350: 8/29/2012 4:58:05 AM - System Checkpoint

RP2351: 8/30/2012 5:43:36 AM - System Checkpoint

RP2352: 8/31/2012 6:58:08 AM - System Checkpoint

RP2353: 9/1/2012 7:09:05 AM - System Checkpoint

RP2354: 9/2/2012 12:13:28 PM - System Checkpoint

RP2355: 9/3/2012 1:05:25 PM - System Checkpoint

RP2356: 9/4/2012 1:43:44 PM - System Checkpoint

RP2357: 9/5/2012 6:01:05 PM - System Checkpoint

RP2358: 9/6/2012 6:57:10 PM - System Checkpoint

RP2359: 9/7/2012 7:33:07 PM - System Checkpoint

RP2360: 9/9/2012 9:52:14 AM - System Checkpoint

RP2361: 9/10/2012 9:40:44 PM - System Checkpoint

RP2362: 9/11/2012 9:54:09 PM - System Checkpoint

RP2363: 9/12/2012 10:56:11 PM - System Checkpoint

RP2364: 9/13/2012 7:00:17 AM - Software Distribution Service 3.0

RP2365: 9/14/2012 9:29:44 AM - System Checkpoint

RP2366: 9/15/2012 3:54:18 PM - System Checkpoint

RP2367: 9/16/2012 4:29:45 PM - System Checkpoint

RP2368: 9/17/2012 6:45:42 PM - System Checkpoint

RP2369: 9/18/2012 7:29:49 PM - System Checkpoint

RP2370: 9/20/2012 7:48:31 AM - System Checkpoint

RP2371: 9/21/2012 7:58:10 AM - System Checkpoint

RP2372: 9/22/2012 1:34:56 PM - System Checkpoint

RP2373: 9/23/2012 7:00:15 AM - Software Distribution Service 3.0

RP2374: 9/23/2012 8:23:41 PM - Removed Java 6 Update 20

RP2375: 9/23/2012 8:24:04 PM - Installed Java 6 Update 35

.

==== Installed Programs ======================

.

Actiontec Gateway

Adobe AIR

Adobe Community Help

Adobe Download Manager

Adobe Flash Player 11 ActiveX

Adobe Photoshop Elements 10

Adobe Photoshop.com Inspiration Browser

Adobe Reader 9.5.2

Adobe Shockwave Player

Advanced Decoder Patch

AI RoboForm (All Users)

aioprnt

Amazon Games & Software Downloader

Amazon MP3 Downloader 1.0.3

AnswerWorks 5.0 English Runtime

AOLIcon

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Software Suite

Bing Bar

BL2003 Registration

BlackBerry Desktop Software 6.0.2

Bonjour

Broderbund Business Lawyer 2003

BUM

C4USelfUpdater

CCH Small Firm Services (xulRunner)

CCScore

Coupon Printer for Windows

Creative MediaSource

Creative Vado AAC Codec

Creative Vado Effects Plugin

Creative Vado HD Codec

Creative Vado MP4 Reader

Critical Update for Windows Media Player 11 (KB959772)

CyberPower PowerPanel Personal Edition

Data Doctor Recovery Memory Card 3.0.1.5

DeductionPro 2009

Dell CinePlayer

Dell Driver Download Manager

Dell Driver Download Manager - 1

Dell Driver Reset Tool

Dell System Restore

DivX Codec

DivX Content Uploader

DivX Converter

DivX Player

DivX Web Player

Elements 10 Organizer

EPSON Printer Software

ESSBrwr

ESSCDBK

ESScore

essentials

ESSgui

ESSini

ESSPCD

ESSPDock

ESSSONIC

ESSTOOLS

essvatgt

Facebook Plug-In

Fences

FormDocs 7.6.2

Google Chrome

Google Desktop

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

GoToMyPC

H&R Block Business 2009 (Remove Only)

H&R Block Business 2010 (Remove Only)

H&R Block Business 2011 (Remove Only)

H&R Block Montana 2009

H&R Block Montana 2010

H&R Block Montana 2011

H&R Block Premium + Efile + State 2009

H&R Block Premium + Efile + State 2010

H&R Block Premium + Efile + State 2011

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB915800-v4)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

IBM ViaVoice Gold Command Runtime, Version 4.3

Intel® Matrix Storage Manager

Intel® PRO Network Connections

iTunes

Java Auto Updater

Java 6 Update 35

kgcbase

kgchday

Kodak AIO Printer

KODAK EASYSHARE Gallery Easy Upload, v2.0

Kodak EasyShare software

ksDIP

KSU

Learn2 Player (Uninstall Only)

Lernout & Hauspie TruVoice American English TTS Engine

Let's Go Read - An Island Adventure

LiveUpdate 3.0 (Symantec Corporation)

Logitech Print Service

Logitech QuickCam Software

Logitech® Camera Driver

Malwarebytes Anti-Malware version 1.65.0.1400

Maxtor Manager

MetaFrame Presentation Server Client

Micro Logic Info Select 2007

Microsoft .NET Framework 1.0 Hotfix (KB2572066)

Microsoft .NET Framework 1.0 Hotfix (KB2604042)

Microsoft .NET Framework 1.0 Hotfix (KB2656378)

Microsoft .NET Framework 1.0 Hotfix (KB953295)

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Corporation

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft LifeCam

Microsoft National Language Support Downlevel APIs

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Plus! Digital Media Edition Installer

Microsoft Plus! Photo Story 2 LE

Microsoft Software Update for Web Folders (English) 12

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser

netbrdg

nLite 1.4.9.1

Norton PC Checkup

Notifier

NVIDIA Drivers

ocr

OfotoXMI

PC Study Bible 3.1

PCDADDIN

PCDHELP

Pdf995 (installed by H&R Block)

PdfEdit995 (installed by H&R Block)

PHOTOfunSTUDIO 6.5 BD Edition

PreReq

PSE10 STI Installer

Qualxserve Service Agreement

Quicken 2010

QuickTime

Roxio DLA

Roxio Express Labeler

Roxio MyDVD Plus

Roxio RecordNow Audio

Roxio RecordNow Copy

Roxio RecordNow Data

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB928090)

Security Update for Windows Internet Explorer 7 (KB931768)

Security Update for Windows Internet Explorer 7 (KB933566)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB969897)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Search 4 - KB963093

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Segoe UI

SFR

SFR2

SHASTA

SILKYPIX Developer Studio 3.1 SE

SKIN0001

SKINXSDK

Sleepy 6.2

Smilebox

Sonic Activation Module

Sonic Encoders

Sound Blaster X-Fi

staticcr

Super Utilities Pro 7.39

Symantec AntiVirus

Symantec KB-DocID:2003093015493306

TaxCut Montana 2007

TaxCut Montana 2008

TaxCut Premium + State + Efile 2008

tooltips

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition

Update for Windows Internet Explorer 8 (KB969497)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB961503)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

URL Assistant

Viewpoint Manager (Remove Only)

Viewpoint Media Player

VPRINTOL

WebEx

WebIQ Technology Engine

Windows Genuine Advantage Notifications (KB905474)

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Live Sign-in Assistant

Windows Live Upload Tool

Windows Media Format 11 runtime

Windows Media Player 10

Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information]

Windows Media Player 11

Windows Search 4.0

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB2628259

Windows XP Media Center Edition 2005 KB908246

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

WIRELESS

Yahoo! Browser Services

Yahoo! Install Manager

Yahoo! Internet Mail

Yahoo! Messenger

Yahoo! Music Jukebox

.

==== End Of File ===========================

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Mikeb at 7:05:10 on 2012-09-24

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.1915 [GMT -6:00]

.

AV: Symantec AntiVirus Corporate Edition *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}

FW: Norton Internet Worm Protection *Disabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Microsoft\BingBar\SeaPort.EXE

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\Program Files\Citrix\GoToMyPC\g2svc.exe

C:\Program Files\Citrix\GoToMyPC\g2comm.exe

C:\Program Files\Citrix\GoToMyPC\g2pre.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Citrix\GoToMyPC\g2tray.exe

C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe

C:\Program Files\Maxtor\Sync\SyncServices.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\msiexec.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe

C:\Program Files\Sleepy\service.exe

svchost.exe

C:\Program Files\Sleepy\slptask.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\CTHELPER.EXE

C:\WINDOWS\system32\CTXFIHLP.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

C:\Program Files\Dell\Media Experience\DMXLauncher.exe

C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE

C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe

C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\PROGRA~1\SYMANT~1\VPTray.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Sleepy\slptray.exe

C:\Program Files\Microsoft LifeCam\LifeExp.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe

C:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\SuperLogix\Super Utilities\SuperUtil.exe

C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://seattletimes.nwsource.com/html/nationworld/?from=stnv2

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = localhost;*.local

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

mSearchAssistant = hxxp://www.google.com/ie

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {36ada89d-2440-4dc4-820a-3a05e8630935} - c:\program files\video activex access\iesplg.dll

BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL

BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File

TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File

TB: {31615D5C-5126-448A-818A-A7CDFEE85A9B} - No File

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [LogitechSoftwareUpdate] "c:\program files\logitech\video\ManifestEngine.exe" boot

uRun: [super Utilities] c:\program files\superlogix\super utilities\SuperUtil.exe /min

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

uRun: [\\DELL8400\EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\e_s10ic1.exe /p41 "\\dell8400\EPSON Stylus Photo R300 Series" /M "Stylus Photo R300" /EF "HKCU"

uRun: [PowerPanel Personal Edition User Interaction] "c:\program files\cyberpower powerpanel personal edition\pppeuser.exe"

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [Google Update] "c:\documents and settings\mikeb\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [CTHelper] CTHELPER.EXE

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe

mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe

mRun: [CTDVDDET] "c:\program files\creative\sound blaster x-fi\dvdaudio\CTDVDDET.EXE"

mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi\volume panel\VolPanel.exe" /r

mRun: [AudioDrvEmulator] "c:\program files\creative\shared files\module loader\dllml.exe" -1 audiodrvemulator "c:\program files\creative\shared files\module loader\audio emulator\AudDrvEm.dll"

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [LVCOMSX] c:\windows\system32\LVCOMSX.EXE

mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe

mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe

mRun: [\\DELL_8400\EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\e_s4i2f1.exe /p42 "\\dell_8400\EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"

mRun: [EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB002" /M "Stylus Photo R300"

mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [vptray] c:\progra~1\symant~1\VPTray.exe

mRun: [Auto EPSON Stylus Photo R300 Series on DELL_4600] c:\windows\system32\spool\drivers\w32x86\3\e_s4i2f1.exe /p48 "auto epson stylus photo r300 series on dell_4600" /o22 "\\dell_4600\EPSON R300" /M "Stylus Photo R300"

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"

mRun: [\\DELL_GX50\EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\e_s4i2f1.exe /p42 "\\dell_gx50\EPSON Stylus Photo R300 Series" /O6 "USB002" /M "Stylus Photo R300"

mRun: [AdmTask] c:\program files\admtask\admtask.exe /m

mRun: [\\DELL8400\EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\e_s4i2f1.exe /p41 "\\dell8400\EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe"

mRun: [Conime] %windir%\system32\conime.exe

mRun: [AmazonGSDownloaderTray] c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderTray.exe

mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe

mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"

dRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

dRunOnce: [KodakHomeCenter] "c:\program files\kodak\aio\center\AiOHomeCenter.exe"

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\photof~1.lnk - c:\program files\common files\panasonic\photofunstudio autostart\AutoStartupService.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

IE: &Search

IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm

IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html

IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000

IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html

IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html

IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm

IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm

IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html

IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL

DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxps://support.dell.com/systemprofiler/SysPro.CAB

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll

DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} - hxxp://webiq005.webiqonline.com/WebIQ/DataServer/Pub/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}

DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www.costcophotocenter.com/CostcoActivia.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab

DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab

DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://colorworldprinters.webex.com/client/T27L/support/ieatgpc.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} - hxxp://www.costcophotocenter.com/upload/activex/v3_0_0_2/PhotoCenter_ActiveX_Control.cab?

TCP: Interfaces\{44A5B0B9-1B52-4C31-A60D-84EFE3B64963} : NameServer = 69.51.76.36,69.51.76.26

Notify: GoToMyPC - c:\program files\citrix\gotomypc\G2WinLogon.dll

Notify: NavLogon - c:\windows\system32\NavLogon.dll

AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

.

============= SERVICES / DRIVERS ===============

.

R0 HWFProt;Hywave File Protector HWFProt;c:\windows\system32\drivers\HWFProt.sys [2007-5-6 43936]

R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2005-2-4 324232]

R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2005-2-4 53896]

R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files\adobe\elements 10 organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]

R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648]

R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2005-6-2 185968]

R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2005-6-2 161392]

R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\EKAiOHostService.exe [2011-9-5 393648]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-16 399432]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-6 676936]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2005-6-23 1715904]

R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2007-1-9 1174152]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-4-1 24652]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-6 22856]

R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20120921.002\naveng.sys [2012-9-21 92704]

R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20120921.002\navex15.sys [2012-9-21 1601184]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-31 135664]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-20 250568]

S3 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2011-2-6 401920]

S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336]

S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2005-6-2 83568]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-11-29 30192]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-31 135664]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2005-8-16 14336]

S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2005-6-23 124608]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-09-24 02:24:23 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-09-24 02:24:23 477168 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-09-15 23:29:00 92208 ----a-w- c:\windows\system\WING.DLL

2012-09-15 23:29:00 6736 ----a-w- c:\windows\system32\WINGDIB.DRV

2012-09-15 23:29:00 6736 ----a-w- c:\windows\system\WINGDIB.DRV

2012-09-15 23:29:00 5024 ----a-w- c:\windows\system32\WINGPAL.WND

2012-09-15 23:29:00 188960 ----a-w- c:\windows\system32\WINGDE.DLL

2012-09-15 23:29:00 188960 ----a-w- c:\windows\system\WINGDE.DLL

2012-09-15 23:29:00 12800 ----a-w- c:\windows\system\WING32.DLL

2012-09-15 23:28:59 92208 ----a-w- c:\windows\system32\WING.DLL

2012-09-15 23:28:59 12800 ----a-w- c:\windows\system32\WING32.DLL

2012-09-15 23:27:19 -------- d-----w- C:\ViaVoice

2012-09-15 23:25:50 299520 ----a-w- c:\windows\uninst.exe

2012-09-15 23:24:49 274432 ----a-w- c:\windows\TLCUninstall.exe

2012-09-15 23:24:49 -------- d-----w- c:\program files\The Learning Company

2012-09-07 03:19:01 -------- d-----w- c:\documents and settings\mikeb\application data\Malwarebytes

2012-09-07 03:18:51 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-09-07 03:18:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-07 03:18:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.

==================== Find3M ====================

.

2012-09-24 02:24:11 473072 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-07 02:20:32 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-09-07 02:20:31 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll

2012-08-28 15:14:53 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-08-28 15:14:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec

2012-08-15 05:52:34 9232584 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll

2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys

2008-10-30 02:43:14 774144 ----a-w- c:\program files\RngInterstitial.dll

.

============= FINISH: 7:05:27.50 ===============

Link to post
Share on other sites

Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

~~~~~~~~~~~~~~~~~~~~~

Then.........

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

MrC

Link to post
Share on other sites

Here is Rogue Killer Report. Then I ran quick scan again on mwb.

RogueKiller V8.0.5 [09/23/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User : Mikeb [Admin rights]

Mode : Scan -- Date : 09/24/2012 22:05:32

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤

[services][ROGUE ST] HKLM\[...]\ControlSet001\Services\61883 (system32\DRIVERS\61883.sys) -> FOUND

[services][ROGUE ST] HKLM\[...]\ControlSet002\Services\61883 (system32\DRIVERS\61883.sys) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{44A5B0B9-1B52-4C31-A60D-84EFE3B64963} : NameServer (69.51.76.36,69.51.76.26) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{44A5B0B9-1B52-4C31-A60D-84EFE3B64963} : NameServer (69.51.76.36,69.51.76.26) -> FOUND

[HJ] HKCU\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> FOUND

[HJ] HKLM\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

SSDT[31] : NtConnectPort @ 0x805A45D8 -> HOOKED (Unknown @ 0x85500290)

¤¤¤ Extern Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST500DM002-1BC142 +++++

--- User ---

[MBR] 09d8b74f0322c94d835854cda5ec02c9

[bSP] 7f166d3ba33d31b30b7c948a6193e751 : MBR Code unknown

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 78 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 160650 | Size: 469156 Mo

2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 960992235 | Size: 7703 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

Link to post
Share on other sites

Can you post the log from Malwarebytes.

~~~~~~~~~~~~~~~~~~~~~

Run RogueKiller again and click Scan

When the scan completes > click on the Registry tab

Put a check next to all of these and uncheck the rest: (if found)

[services][ROGUE ST] HKLM\[...]\ControlSet001\Services\61883 (system32\DRIVERS\61883.sys) -> FOUND

[services][ROGUE ST] HKLM\[...]\ControlSet002\Services\61883 (system32\DRIVERS\61883.sys) -> FOUND

[HJ] HKCU\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> FOUND

[HJ] HKLM\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> FOUND

Now click Delete on the right hand column under Options

MrC

Link to post
Share on other sites

Here is mbam log after quick scan

Malwarebytes Anti-Malware (PRO) 1.65.0.1400

www.malwarebytes.org

Database version: v2012.09.25.02

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Mikeb :: DELL_E520 [administrator]

Protection: Enabled

9/24/2012 10:12:28 PM

mbam-log-2012-09-24 (22-12-28).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 255817

Time elapsed: 24 minute(s), 33 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Link to post
Share on other sites

Lets check your computers security before you go and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

MrC

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.