IzzysMom

Infected with browser redirect & ads running (sound) when no programs open

10 posts in this topic

Browser hijacked - redirecting on all searches (IE, Safari AND Chrome) - audio ads running even when no programs opened (computer sitting idle on desktop screen)

My Mother's computer...so not sure WHEN it started or why....

OS - Win XP

D/L ad-aware first - it found 1 item & removed it (last night)...but still happening.

D/L MBAM today - found 13 problems - removed them...but still happening.

MBAM also popping up a balloon every few seconds ''Succsfully blocked acces to a potentially malicioius website: 83.133.120.87 (plus many more addy's) - so while its stopping the ads from playing, they are apparently still trying to get thru.

As per instructions - d/l dds programs - logs below.

Thanks in advance for any guidance in clearing this bugger out.

DDS.txt below:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Debbie Alvarez at 21:58:10 on 2012-06-12

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2037.820 [GMT -4:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

AV: CA Anti-Virus *Enabled/Updated* {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe

C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe

C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe

C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe

C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe

C:\Program Files\OLYMPUS\DeviceDetector\DeviceDetector4.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe

C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe

C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CAGlobal.exe

C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Light\CAGlobalLight.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://www.msn.com

uSearch Bar =

uInternet Settings,ProxyOverride = <local>;*.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common

files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: CA Toolbar Helper: {fbf2401b-7447-4727-be5d-c19b2075ca84} - c:\program files\ca\ca internet security suite\ca website

inspector\toolbar\CallingIDIE.dll

TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll

TB: CA Toolbar: {10134636-e7af-4ac5-a1dc-c7c44bb97d81} - c:\program files\ca\ca internet security suite\ca website inspector\toolbar\CallingIDIE.dll

TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File

TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File

uRun: [DellAutomatedPCTuneUp] "c:\program files\dellautomatedpctuneup\PTAgnt.exe" /startup

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [RoxioDragToDisc] "c:\program files\roxio\drag-to-disc\DrgToDsc.exe"

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [ECenter] c:\dell\e-center\EULALauncher.exe

mRun: [<NO NAME>]

mRun: [statusClient] c:\program files\hewlett-packard\toolbox2.0\apache tomcat 4.0\webapps\toolbox\statusclient\StatusClient.exe /auto

mRun: [TomcatStartup] c:\program files\hewlett-packard\toolbox2.0\hpbpsttp.exe

mRun: [cctray] "c:\program files\ca\ca internet security suite\cctray\cctray.exe"

mRun: [CAVRID] "c:\program files\ca\ca internet security suite\ca anti-virus\CAVRID.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [ictpb] rundll32.exe "c:\documents and settings\debbie alvarez\application data\ictpb.dll",SteamNetworking

mRun: [wlascv] "c:\windows\system32\rundll32.exe" "c:\documents and settings\debbie alvarez\application data\wlascv.dll",mpegInOpenTSStream

mRun: [sunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\device~1.lnk - c:\program files\olympus\devicedetector\DeviceDetector4.exe

mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} -

c:\progra~1\micros~3\office11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

LSP: c:\windows\system32\VetRedir.dll

LSP: mswsock.dll

DPF: {32505657-9980-0010-8000-00AA00389B71} -

hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab

DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www1.snapfish.com/SnapfishActivia.cab

DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - hxxp://www1.snapfish.com/SnapfishActivia3.cab

DPF: {6F750203-1362-4815-A476-88533DE61D0C} - hxxp://targetphoto.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.gamehouse.com/realarcade-webgames/bejeweled2/popcaploader.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 167.206.245.129 167.206.245.130

TCP: Interfaces\{19719792-B303-4535-B330-DDDC8C31C039} : DhcpNameServer = 167.206.245.129 167.206.245.130

Notify: igfxcui - igfxdev.dll

SEH: ShellHook Class: {1869181a-9f50-4fcf-8bff-1b8588ecb85c} - c:\program files\ca\ca internet security suite\ca website

inspector\linkadvisor\CIDLinkAdvisor.dll

.

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-6-11 64512]

R1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2008-3-8 26352]

R1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2008-3-8 21104]

R1 VETEFILE;VET File Scan Engine;c:\windows\system32\drivers\vetefile.sys [2008-3-8 746216]

R1 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\vetfddnt.sys [2008-3-8 21488]

R1 VETMONNT;VET File Monitor;c:\windows\system32\drivers\vetmonnt.sys [2008-3-8 161008]

R2 CAISafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus\isafe.exe [2008-3-8 144696]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-6-12 654408]

R2 VETMSGNT;VET Message Service;c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe [2008-3-8 255312]

R3 DS2490;DS2490 (USB Host for 1-Wire Microlan);c:\windows\system32\drivers\DS2490.sys [2008-3-8 49108]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-6-12 22344]

R3 PPCtlPriv;PPCtlPriv;c:\program files\ca\ca internet security suite\ca anti-spyware\PPCtlPriv.exe [2008-3-8 185680]

R3 VETEBOOT;VET Boot Scan Engine;c:\windows\system32\drivers\veteboot.sys [2008-3-8 130280]

S2 gupdate1c9e303d819611e;Google Update Service (gupdate1c9e303d819611e);c:\program files\google\update\GoogleUpdate.exe [2009-6-1 133104]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-12-3 2152152]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-6-8

257224]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-6-1 133104]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-12-3 15232]

S3 Olympus DVR Service;Olympus DVR Service;c:\program files\common files\olympus shared\devicemanager\olydvrsv.exe [2010-5-14 176128]

.

=============== Created Last 30 ================

.

2012-06-13 00:51:59 -------- d-----w- c:\program files\Spybot - Search & Destroy

2012-06-13 00:51:59 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy

2012-06-12 22:35:43 -------- d-----w- c:\documents and settings\debbie alvarez\application data\Malwarebytes

2012-06-12 22:35:31 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-06-12 22:35:30 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-12 22:35:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-06-12 12:53:56 476960 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-06-12 12:53:55 472864 ----a-w- c:\windows\system32\deployJava1.dll

2012-06-12 05:09:43 16432 ----a-w- c:\windows\system32\lsdelete.exe

2012-06-12 02:36:55 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys

2012-06-12 02:36:23 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2012-06-12 02:27:55 -------- d-----w- c:\documents and settings\debbie alvarez\local settings\application data\Sunbelt Software

2012-06-12 02:24:00 -------- dc-h--w- c:\documents and settings\all users\application data\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}

2012-06-12 02:23:38 -------- d-----w- c:\program files\Lavasoft

2012-06-12 02:14:30 -------- d-----w- c:\documents and settings\debbie alvarez\local settings\application data\CRE

2012-06-12 02:13:53 -------- d-----w- c:\program files\Conduit

2012-06-12 02:13:44 -------- d-----w- c:\documents and settings\debbie alvarez\local settings\application data\Conduit

2012-06-08 18:32:02 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-08 18:32:02 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-08 13:27:57 334336 ----a-w- c:\documents and settings\debbie alvarez\application data\wlascv.dll

2012-06-05 19:48:28 256000 ----a-w- c:\documents and settings\debbie alvarez\application data\rcfre.dll

2012-06-05 19:47:56 -------- d-----w- c:\program files\common files\UserDictionary

2012-06-05 19:47:55 -------- d-----w- c:\documents and settings\all users\application data\F4D55F3E64EACED20001225B2830ACA8

2012-06-05 19:47:54 141312 --sha-w- c:\documents and settings\debbie alvarez\application data\ictpb.dll

.

==================== Find3M ====================

.

2012-06-12 12:53:32 73728 ----a-w- c:\windows\system32\javacpl.cpl

2008-03-21 03:40:39 774144 ----a-w- c:\program files\RngInterstitial.dll

.

============= FINISH: 21:58:31.17 ===============

attach.txt below

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 3/8/2008 3:52:51 PM

System Uptime: 6/12/2012 8:43:41 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0CU409

Processor: Intel® Pentium® Dual CPU E2160 @ 1.80GHz | Socket 775 |

1795/200mhz

Processor: Intel® Pentium® Dual CPU E2160 @ 1.80GHz | Socket 775 |

1795/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 149 GiB total, 118.191 GiB free.

D: is CDROM (CDFS)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP444: 4/14/2012 2:14:28 PM - Software Distribution Service 3.0

RP445: 4/18/2012 6:13:23 PM - System Checkpoint

RP446: 4/20/2012 7:00:52 PM - System Checkpoint

RP447: 4/21/2012 7:21:40 PM - System Checkpoint

RP448: 4/23/2012 4:50:41 PM - System Checkpoint

RP449: 5/13/2012 12:50:31 PM - Software Distribution Service 3.0

RP450: 5/24/2012 4:16:10 PM - System Checkpoint

RP451: 5/30/2012 7:47:34 PM - System Checkpoint

RP452: 6/8/2012 10:31:34 AM - System Checkpoint

RP453: 6/12/2012 8:52:30 AM - Removed Java™ 6 Update 17

RP454: 6/12/2012 8:53:22 AM - Installed Java™ 6 Update 32

.

==== Installed Programs ======================

.

Acrobat.com

Ad-Aware

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader 9.1

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Bicycle® Solitaire

Bonjour

Browser Address Error Redirector

CA Anti-Spyware

CA Anti-Virus

CA Internet Security Suite

CA Pest Patrol Realtime Protection

CA Website Inspector

Canon Camera Access Library

Canon Camera Support Core Library

Canon Camera Window DC_DV 5 for ZoomBrowser EX

Canon Camera Window DC_DV 6 for ZoomBrowser EX

Canon Camera Window MC 6 for ZoomBrowser EX

Canon G.726 WMP-Decoder

Canon MovieEdit Task for ZoomBrowser EX

Canon RAW Image Task for ZoomBrowser EX

Canon RemoteCapture Task for ZoomBrowser EX

Canon Utilities EOS Utility

Canon Utilities PhotoStitch

Canon Utilities ZoomBrowser EX

Case CATalyst Version 8

Compatibility Pack for the 2007 Office system

Dell Automated PC TuneUp

Dell Driver Reset Tool

eBay Desktop

File Uploader

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB906569)

Hotfix for Windows XP (KB908673)

Hotfix for Windows XP (KB909095)

Hotfix for Windows XP (KB921411)

Hotfix for Windows XP (KB924455)

Hotfix for Windows XP (KB934428-v2)

Hotfix for Windows XP (KB935448)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

hp LaserJet 1150 / 1300

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections 12.1.8.0

iTunes

J2SE Runtime Environment 5.0 Update 6

Java™ 6 Update 32

Java™ 6 Update 5

Java™ 6 Update 7

KODAK EASYSHARE Gallery Upload ActiveX Control

Let It Ride 1.0

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Office Standard Edition 2003

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

MobileMe Control Panel

MSN Toolbar

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB973686)

Nikon Message Center

Nikon Transfer

Olympus DSS Player Standard

Picture Control Utility

PowerDVD

QuickTime

RealArcade

Realtek High Definition Audio Driver

Roxio Creator Audio

Roxio Creator BDAV Plugin

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Drag-to-Disc

Roxio Express Labeler

Roxio Update Manager

Safari

Scrabble Blast!

SCRABBLE PLUS

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 (KB936782)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB893756)

Security Update for Windows XP (KB896358)

Security Update for Windows XP (KB896423)

Security Update for Windows XP (KB896428)

Security Update for Windows XP (KB899587)

Security Update for Windows XP (KB899588)

Security Update for Windows XP (KB899591)

Security Update for Windows XP (KB900725)

Security Update for Windows XP (KB901017)

Security Update for Windows XP (KB901214)

Security Update for Windows XP (KB902400)

Security Update for Windows XP (KB904706)

Security Update for Windows XP (KB905414)

Security Update for Windows XP (KB905749)

Security Update for Windows XP (KB908519)

Security Update for Windows XP (KB908531)

Security Update for Windows XP (KB911562)

Security Update for Windows XP (KB911927)

Security Update for Windows XP (KB913580)

Security Update for Windows XP (KB914388)

Security Update for Windows XP (KB914389)

Security Update for Windows XP (KB917344)

Security Update for Windows XP (KB917422)

Security Update for Windows XP (KB918118)

Security Update for Windows XP (KB918439)

Security Update for Windows XP (KB919007)

Security Update for Windows XP (KB920213)

Security Update for Windows XP (KB920670)

Security Update for Windows XP (KB920683)

Security Update for Windows XP (KB920685)

Security Update for Windows XP (KB921503)

Security Update for Windows XP (KB922819)

Security Update for Windows XP (KB923191)

Security Update for Windows XP (KB923414)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB923980)

Security Update for Windows XP (KB924191)

Security Update for Windows XP (KB924270)

Security Update for Windows XP (KB924496)

Security Update for Windows XP (KB924667)

Security Update for Windows XP (KB925902)

Security Update for Windows XP (KB926255)

Security Update for Windows XP (KB926436)

Security Update for Windows XP (KB927779)

Security Update for Windows XP (KB927802)

Security Update for Windows XP (KB928255)

Security Update for Windows XP (KB928843)

Security Update for Windows XP (KB929123)

Security Update for Windows XP (KB930178)

Security Update for Windows XP (KB931261)

Security Update for Windows XP (KB931784)

Security Update for Windows XP (KB932168)

Security Update for Windows XP (KB933729)

Security Update for Windows XP (KB935839)

Security Update for Windows XP (KB935840)

Security Update for Windows XP (KB936021)

Security Update for Windows XP (KB938127)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB938829)

Security Update for Windows XP (KB939653)

Security Update for Windows XP (KB941202)

Security Update for Windows XP (KB941568)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB941644)

Security Update for Windows XP (KB941693)

Security Update for Windows XP (KB943055)

Security Update for Windows XP (KB943460)

Security Update for Windows XP (KB943485)

Security Update for Windows XP (KB944338)

Security Update for Windows XP (KB944533)

Security Update for Windows XP (KB944653)

Security Update for Windows XP (KB945553)

Security Update for Windows XP (KB946026)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB947864)

Security Update for Windows XP (KB948590)

Security Update for Windows XP (KB948881)

Security Update for Windows XP (KB950749)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956390)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958215)

Security Update for Windows XP (KB958470)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960714)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB963027)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969897)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974455)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB976325)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Sonic Activation Module

Spybot - Search & Destroy

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB978506)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB894391)

Update for Windows XP (KB896256)

Update for Windows XP (KB898461)

Update for Windows XP (KB900485)

Update for Windows XP (KB910437)

Update for Windows XP (KB911280)

Update for Windows XP (KB912945)

Update for Windows XP (KB916595)

Update for Windows XP (KB920872)

Update for Windows XP (KB922582)

Update for Windows XP (KB925720)

Update for Windows XP (KB927891)

Update for Windows XP (KB930916)

Update for Windows XP (KB932823-v3)

Update for Windows XP (KB933360)

Update for Windows XP (KB936357)

Update for Windows XP (KB938828)

Update for Windows XP (KB942763)

Update for Windows XP (KB942840)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB976749)

Update for Windows XP (KB978207)

ViewNX

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Web Games Player Plugin

WebFldrs XP

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 8

Windows XP Hotfix - KB873339

Windows XP Hotfix - KB885250

Windows XP Hotfix - KB885835

Windows XP Hotfix - KB885836

Windows XP Hotfix - KB886185

Windows XP Hotfix - KB887472

Windows XP Hotfix - KB888302

Windows XP Hotfix - KB889673

Windows XP Hotfix - KB890859

Windows XP Hotfix - KB891781

.

==== Event Viewer Messages From Past Week ========

.

6/12/2012 8:07:56 PM, error: DCOM [10005] - DCOM got error "%1084"

attempting to start the service EventSystem with arguments "" in order to run the

server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

6/12/2012 8:07:21 PM, error: Service Control Manager [7026] - The following

boot-start or system-start driver(s) failed to load: Fips intelppm VET-FILT VET-REC

VETEFILE VETMONNT

6/12/2012 8:04:55 AM, error: Service Control Manager [7023] - The Network

Location Awareness (NLA) service terminated with the following error: The

specified procedure could not be found.

6/12/2012 7:59:55 PM, error: Service Control Manager [7026] - The following

boot-start or system-start driver(s) failed to load: iaStor

6/12/2012 7:59:23 PM, error: sr [1] - The System Restore filter encountered the

unexpected error '0xC0000001' while processing the file '' on the volume

'HarddiskVolume2'. It has stopped monitoring the volume.

6/11/2012 9:58:16 PM, error: Service Control Manager [7000] - The Upload

Manager service failed to start due to the following error: The account specified for

this service is different from the account specified for other services running in the

same process.

6/11/2012 9:58:16 PM, error: Service Control Manager [7000] - The DS1410D

service failed to start due to the following error: The system cannot find the device

specified.

6/11/2012 10:38:26 PM, error: Service Control Manager [7031] - The Lavasoft

Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The

following corrective action will be taken in 5000 milliseconds: Restart the service.

6/11/2012 10:02:01 PM, error: Service Control Manager [7023] - The Computer

Browser service terminated with the following error: This operation returned because

the timeout period expired.

.

==== End Of File ===========================

Share this post


Link to post
Share on other sites

Hello IzzysMom and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

I see you are running Teatimer.

I suggest you to disable it because it can interfere with the changes you'll make on your system.

When everything is done and your log is clean again, you can enable it again.

If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.

How to disable TeaTimer <== click me for instructions.

After you disabled Teatimer, download ResetTeaTimer.exe to your desktop.

Then run ResetTeaTimer.exe.

This will only take a few seconds.

Step 2

Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash. If you choose to install more than one Anti-Virus program on your computer, then only one of them should be active in memory at a time. My suggestion is to uninstall Ad-Aware and to keep CA Anti-Virus.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log

Share this post


Link to post
Share on other sites

As instructed: teatime disabled - ad-aware uninstalled - malwarebytes update - quick scan performed (took over 50 minutes). Nothing found on this scan -- DDS also run - Please note: hijack still in progress. (MBAM is in almost constant pop up at task bar blocking outgoing malicious website - many ip addy's showing in message) Newest logs below as requested. Please advise as to next step, Thank you.

Malwarebytes Anti-Malware (Trial) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.16.04

Windows XP Service Pack 2 x86 NTFS

Internet Explorer 8.0.6001.18702

Debbie Alvarez :: DEBBIE [administrator]

Protection: Enabled

6/16/2012 9:05:13 AM

mbam-log-2012-06-16 (09-05-13).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 275064

Time elapsed: 54 minute(s), 40 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

DDS LOG FILE:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Debbie Alvarez at 10:01:37 on 2012-06-16

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2037.1201 [GMT -4:00]

.

AV: CA Anti-Virus *Enabled/Updated* {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe

C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe

C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe

C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe

C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe

C:\Program Files\OLYMPUS\DeviceDetector\DeviceDetector4.exe

svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe

C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\wuauclt.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://www.msn.com

uSearch Bar =

uInternet Settings,ProxyOverride = <local>;*.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: CA Toolbar Helper: {fbf2401b-7447-4727-be5d-c19b2075ca84} - c:\program files\ca\ca internet security suite\ca website inspector\toolbar\CallingIDIE.dll

TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll

TB: CA Toolbar: {10134636-e7af-4ac5-a1dc-c7c44bb97d81} - c:\program files\ca\ca internet security suite\ca website inspector\toolbar\CallingIDIE.dll

TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File

TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File

uRun: [DellAutomatedPCTuneUp] "c:\program files\dellautomatedpctuneup\PTAgnt.exe" /startup

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [RoxioDragToDisc] "c:\program files\roxio\drag-to-disc\DrgToDsc.exe"

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [ECenter] c:\dell\e-center\EULALauncher.exe

mRun: [<NO NAME>]

mRun: [statusClient] c:\program files\hewlett-packard\toolbox2.0\apache tomcat 4.0\webapps\toolbox\statusclient\StatusClient.exe /auto

mRun: [TomcatStartup] c:\program files\hewlett-packard\toolbox2.0\hpbpsttp.exe

mRun: [cctray] "c:\program files\ca\ca internet security suite\cctray\cctray.exe"

mRun: [CAVRID] "c:\program files\ca\ca internet security suite\ca anti-virus\CAVRID.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [ictpb] rundll32.exe "c:\documents and settings\debbie alvarez\application data\ictpb.dll",SteamNetworking

mRun: [wlascv] "c:\windows\system32\rundll32.exe" "c:\documents and settings\debbie alvarez\application data\wlascv.dll",mpegInOpenTSStream

mRun: [sunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\device~1.lnk - c:\program files\olympus\devicedetector\DeviceDetector4.exe

mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

LSP: c:\windows\system32\VetRedir.dll

LSP: mswsock.dll

DPF: {32505657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab

DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www1.snapfish.com/SnapfishActivia.cab

DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - hxxp://www1.snapfish.com/SnapfishActivia3.cab

DPF: {6F750203-1362-4815-A476-88533DE61D0C} - hxxp://targetphoto.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.gamehouse.com/realarcade-webgames/bejeweled2/popcaploader.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 167.206.245.129 167.206.245.130

TCP: Interfaces\{19719792-B303-4535-B330-DDDC8C31C039} : DhcpNameServer = 167.206.245.129 167.206.245.130

Notify: igfxcui - igfxdev.dll

SEH: ShellHook Class: {1869181a-9f50-4fcf-8bff-1b8588ecb85c} - c:\program files\ca\ca internet security suite\ca website inspector\linkadvisor\CIDLinkAdvisor.dll

.

============= SERVICES / DRIVERS ===============

.

R1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2008-3-8 26352]

R1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2008-3-8 21104]

R1 VETEFILE;VET File Scan Engine;c:\windows\system32\drivers\vetefile.sys [2008-3-8 746216]

R1 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\vetfddnt.sys [2008-3-8 21488]

R1 VETMONNT;VET File Monitor;c:\windows\system32\drivers\vetmonnt.sys [2008-3-8 161008]

R2 CAISafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus\isafe.exe [2008-3-8 144696]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-6-12 654408]

R2 VETMSGNT;VET Message Service;c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe [2008-3-8 255312]

R3 DS2490;DS2490 (USB Host for 1-Wire Microlan);c:\windows\system32\drivers\DS2490.sys [2008-3-8 49108]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-6-12 22344]

R3 PPCtlPriv;PPCtlPriv;c:\program files\ca\ca internet security suite\ca anti-spyware\PPCtlPriv.exe [2008-3-8 185680]

R3 VETEBOOT;VET Boot Scan Engine;c:\windows\system32\drivers\veteboot.sys [2008-3-8 130280]

S2 gupdate1c9e303d819611e;Google Update Service (gupdate1c9e303d819611e);c:\program files\google\update\GoogleUpdate.exe [2009-6-1 133104]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-6-8 257224]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-6-1 133104]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]

S3 Olympus DVR Service;Olympus DVR Service;c:\program files\common files\olympus shared\devicemanager\olydvrsv.exe [2010-5-14 176128]

.

=============== Created Last 30 ================

.

2012-06-13 00:51:59 -------- d-----w- c:\program files\Spybot - Search & Destroy

2012-06-13 00:51:59 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy

2012-06-12 22:35:43 -------- d-----w- c:\documents and settings\debbie alvarez\application data\Malwarebytes

2012-06-12 22:35:31 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-06-12 22:35:30 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-12 22:35:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-06-12 12:53:56 476960 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-06-12 12:53:55 472864 ----a-w- c:\windows\system32\deployJava1.dll

2012-06-12 02:36:23 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2012-06-12 02:27:55 -------- d-----w- c:\documents and settings\debbie alvarez\local settings\application data\Sunbelt Software

2012-06-12 02:23:38 -------- d-----w- c:\program files\Lavasoft

2012-06-12 02:14:30 -------- d-----w- c:\documents and settings\debbie alvarez\local settings\application data\CRE

2012-06-12 02:13:53 -------- d-----w- c:\program files\Conduit

2012-06-12 02:13:44 -------- d-----w- c:\documents and settings\debbie alvarez\local settings\application data\Conduit

2012-06-08 18:32:02 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-08 18:32:02 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-08 13:27:57 334336 ----a-w- c:\documents and settings\debbie alvarez\application data\wlascv.dll

2012-06-05 19:48:28 256000 ----a-w- c:\documents and settings\debbie alvarez\application data\rcfre.dll

2012-06-05 19:47:56 -------- d-----w- c:\program files\common files\UserDictionary

2012-06-05 19:47:55 -------- d-----w- c:\documents and settings\all users\application data\F4D55F3E64EACED20001225B2830ACA8

2012-06-05 19:47:54 141312 --sha-w- c:\documents and settings\debbie alvarez\application data\ictpb.dll

.

==================== Find3M ====================

.

2012-06-12 12:53:32 73728 ----a-w- c:\windows\system32\javacpl.cpl

2008-03-21 03:40:39 774144 ----a-w- c:\program files\RngInterstitial.dll

.

============= FINISH: 10:02:09.15 ===============

ATTACH LOG FILE:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 3/8/2008 3:52:51 PM

System Uptime: 6/16/2012 8:59:56 AM (2 hours ago)

.

Motherboard: Dell Inc. | | 0CU409

Processor: Intel® Pentium® Dual CPU E2160 @ 1.80GHz | Socket 775 | 1184/200mhz

Processor: Intel® Pentium® Dual CPU E2160 @ 1.80GHz | Socket 775 | 1184/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 149 GiB total, 118.568 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP444: 4/14/2012 2:14:28 PM - Software Distribution Service 3.0

RP445: 4/18/2012 6:13:23 PM - System Checkpoint

RP446: 4/20/2012 7:00:52 PM - System Checkpoint

RP447: 4/21/2012 7:21:40 PM - System Checkpoint

RP448: 4/23/2012 4:50:41 PM - System Checkpoint

RP449: 5/13/2012 12:50:31 PM - Software Distribution Service 3.0

RP450: 5/24/2012 4:16:10 PM - System Checkpoint

RP451: 5/30/2012 7:47:34 PM - System Checkpoint

RP452: 6/8/2012 10:31:34 AM - System Checkpoint

RP453: 6/12/2012 8:52:30 AM - Removed Java 6 Update 17

RP454: 6/12/2012 8:53:22 AM - Installed Java 6 Update 32

.

==== Installed Programs ======================

.

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader 9.1

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Bicycle® Solitaire

Bonjour

Browser Address Error Redirector

CA Anti-Spyware

CA Anti-Virus

CA Internet Security Suite

CA Pest Patrol Realtime Protection

CA Website Inspector

Canon Camera Access Library

Canon Camera Support Core Library

Canon Camera Window DC_DV 5 for ZoomBrowser EX

Canon Camera Window DC_DV 6 for ZoomBrowser EX

Canon Camera Window MC 6 for ZoomBrowser EX

Canon G.726 WMP-Decoder

Canon MovieEdit Task for ZoomBrowser EX

Canon RAW Image Task for ZoomBrowser EX

Canon RemoteCapture Task for ZoomBrowser EX

Canon Utilities EOS Utility

Canon Utilities PhotoStitch

Canon Utilities ZoomBrowser EX

Case CATalyst Version 8

Compatibility Pack for the 2007 Office system

Dell Automated PC TuneUp

Dell Driver Reset Tool

eBay Desktop

File Uploader

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB906569)

Hotfix for Windows XP (KB908673)

Hotfix for Windows XP (KB909095)

Hotfix for Windows XP (KB921411)

Hotfix for Windows XP (KB924455)

Hotfix for Windows XP (KB934428-v2)

Hotfix for Windows XP (KB935448)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

hp LaserJet 1150 / 1300

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections 12.1.8.0

iTunes

J2SE Runtime Environment 5.0 Update 6

Java 6 Update 32

Java 6 Update 5

Java 6 Update 7

KODAK EASYSHARE Gallery Upload ActiveX Control

Let It Ride 1.0

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Office Standard Edition 2003

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

MobileMe Control Panel

MSN Toolbar

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB973686)

Nikon Message Center

Nikon Transfer

Olympus DSS Player Standard

Picture Control Utility

PowerDVD

QuickTime

RealArcade

Realtek High Definition Audio Driver

Roxio Creator Audio

Roxio Creator BDAV Plugin

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Drag-to-Disc

Roxio Express Labeler

Roxio Update Manager

Safari

Scrabble Blast!

SCRABBLE PLUS

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 (KB936782)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB893756)

Security Update for Windows XP (KB896358)

Security Update for Windows XP (KB896423)

Security Update for Windows XP (KB896428)

Security Update for Windows XP (KB899587)

Security Update for Windows XP (KB899588)

Security Update for Windows XP (KB899591)

Security Update for Windows XP (KB900725)

Security Update for Windows XP (KB901017)

Security Update for Windows XP (KB901214)

Security Update for Windows XP (KB902400)

Security Update for Windows XP (KB904706)

Security Update for Windows XP (KB905414)

Security Update for Windows XP (KB905749)

Security Update for Windows XP (KB908519)

Security Update for Windows XP (KB908531)

Security Update for Windows XP (KB911562)

Security Update for Windows XP (KB911927)

Security Update for Windows XP (KB913580)

Security Update for Windows XP (KB914388)

Security Update for Windows XP (KB914389)

Security Update for Windows XP (KB917344)

Security Update for Windows XP (KB917422)

Security Update for Windows XP (KB918118)

Security Update for Windows XP (KB918439)

Security Update for Windows XP (KB919007)

Security Update for Windows XP (KB920213)

Security Update for Windows XP (KB920670)

Security Update for Windows XP (KB920683)

Security Update for Windows XP (KB920685)

Security Update for Windows XP (KB921503)

Security Update for Windows XP (KB922819)

Security Update for Windows XP (KB923191)

Security Update for Windows XP (KB923414)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB923980)

Security Update for Windows XP (KB924191)

Security Update for Windows XP (KB924270)

Security Update for Windows XP (KB924496)

Security Update for Windows XP (KB924667)

Security Update for Windows XP (KB925902)

Security Update for Windows XP (KB926255)

Security Update for Windows XP (KB926436)

Security Update for Windows XP (KB927779)

Security Update for Windows XP (KB927802)

Security Update for Windows XP (KB928255)

Security Update for Windows XP (KB928843)

Security Update for Windows XP (KB929123)

Security Update for Windows XP (KB930178)

Security Update for Windows XP (KB931261)

Security Update for Windows XP (KB931784)

Security Update for Windows XP (KB932168)

Security Update for Windows XP (KB933729)

Security Update for Windows XP (KB935839)

Security Update for Windows XP (KB935840)

Security Update for Windows XP (KB936021)

Security Update for Windows XP (KB938127)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB938829)

Security Update for Windows XP (KB939653)

Security Update for Windows XP (KB941202)

Security Update for Windows XP (KB941568)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB941644)

Security Update for Windows XP (KB941693)

Security Update for Windows XP (KB943055)

Security Update for Windows XP (KB943460)

Security Update for Windows XP (KB943485)

Security Update for Windows XP (KB944338)

Security Update for Windows XP (KB944533)

Security Update for Windows XP (KB944653)

Security Update for Windows XP (KB945553)

Security Update for Windows XP (KB946026)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB947864)

Security Update for Windows XP (KB948590)

Security Update for Windows XP (KB948881)

Security Update for Windows XP (KB950749)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956390)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958215)

Security Update for Windows XP (KB958470)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960714)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB963027)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969897)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974455)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB976325)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Sonic Activation Module

Spybot - Search & Destroy

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB978506)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB894391)

Update for Windows XP (KB896256)

Update for Windows XP (KB898461)

Update for Windows XP (KB900485)

Update for Windows XP (KB910437)

Update for Windows XP (KB911280)

Update for Windows XP (KB912945)

Update for Windows XP (KB916595)

Update for Windows XP (KB920872)

Update for Windows XP (KB922582)

Update for Windows XP (KB925720)

Update for Windows XP (KB927891)

Update for Windows XP (KB930916)

Update for Windows XP (KB932823-v3)

Update for Windows XP (KB933360)

Update for Windows XP (KB936357)

Update for Windows XP (KB938828)

Update for Windows XP (KB942763)

Update for Windows XP (KB942840)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB976749)

Update for Windows XP (KB978207)

ViewNX

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Web Games Player Plugin

WebFldrs XP

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 8

Windows XP Hotfix - KB873339

Windows XP Hotfix - KB885250

Windows XP Hotfix - KB885835

Windows XP Hotfix - KB885836

Windows XP Hotfix - KB886185

Windows XP Hotfix - KB887472

Windows XP Hotfix - KB888302

Windows XP Hotfix - KB889673

Windows XP Hotfix - KB890859

Windows XP Hotfix - KB891781

.

==== Event Viewer Messages From Past Week ========

.

6/16/2012 9:00:40 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000043' while processing the file 'ipsec.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

6/16/2012 8:50:40 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'ipsec.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

6/12/2012 8:44:01 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.

6/12/2012 8:39:19 AM, error: Service Control Manager [7000] - The Upload Manager service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.

6/12/2012 8:39:19 AM, error: Service Control Manager [7000] - The DS1410D service failed to start due to the following error: The system cannot find the device specified.

6/12/2012 8:07:56 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

6/12/2012 8:07:21 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm VET-FILT VET-REC VETEFILE VETMONNT

6/12/2012 7:59:55 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: iaStor

6/12/2012 7:59:23 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

6/12/2012 10:12:31 AM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.

6/11/2012 10:38:26 PM, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

.

==== End Of File ===========================

Share this post


Link to post
Share on other sites

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

Share this post


Link to post
Share on other sites

Disabled anti-virus & malwarebytes software

Downloaded combofix - saved to desktop

double click on combofix - accept YES to license.

WIndow opens & shows progress of a bunch of files extracting - plus it creates a folder named : 32788R22FWJFW on my C: drive.

Status bar in this window comes to end. I get a "beep" from the system. -- that window closes (Without me touching it) and then NOTHING...no other windows open - nothing runs. No scans etc start running as displayed in the description of what to expect that were listed on the link above to bleepingcomputer.

Left system untouched for over 20 minutes - nothing started etc. (Well, except for the occasional audio commercial that seems to just play randomly as part of this whole problem.)

Not sure step I have missed or what is preventing Combofix from running.

Please advise as to what step(s) I should attempt.

Thank you.

Share this post


Link to post
Share on other sites

No luck. - Booted in Safe Mode w/Network. Double click combofix -- window opened - files extracted. (This is where is stalled previously) - but this time I got a second window saying it was backing up the registry - status bar moved quickly showing backing up 13 files. Then that window closed. There was a lightning fast flash of a DOS type blue screen window that closed immediately, a beep, and then the window that showed the extracted files also closed....and NOTHING. That's as far as it went. Nothing else happened. No scan - no additional messages.

What should I try next?

Share this post


Link to post
Share on other sites

Run this tool in Normal mode:

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

Share this post


Link to post
Share on other sites

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

Share this post


Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.