WindowsSecurityCenter.Firewallbypass



Shelena
2010-06-27, 20:39
WindowsSecurityCenter.Firewallbypass keeps returning after removal by Spybot.

Have interesting problem trying to log in to secure banking site where we keep being asked for credit card info. Seems to be hijacking us to a PayPal account. We have not entered any info here.

I believe I am supposed to paste these D.S.S reports here:


DDS (Ver_10-03-17.01) - NTFSx86
Run by Owner at 13:19:57.98 on Sun 06/27/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.235 [GMT -5:00]


============== Running Processes ===============

C:\WINNT\system32\svchost -k DcomLaunch
svchost.exe
C:\WINNT\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe -k imgsvc
C:\WINNT\Explorer.EXE
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\PSSFDXCH\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uSearch Page =
uWindow Title = Windows Internet Explorer provided by Yahoo!
mSearch Bar =
uInternet Settings,ProxyOverride = *.local
uSearchAssistant =
mSearchAssistant =
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
mWinlogon: Userinit=c:\winnt\system32\Userinit.exe
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
TB: {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\winnt\system32\ctfmon.exe
uPolicies-explorer: NoSMHelp = 1 (0x1)
uPolicies-explorer: MaxRecentDocs = 15 (0xf)
mPolicies-explorer: NoSMHelp = 1 (0x1)
mPolicies-explorer: MaxRecentDocs = 15 (0xf)
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
Trusted Zone: yahoo.com\www
Trusted Zone: yahoo.com\games
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/RACtrl.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://www.pcpitstop.com/mhLbl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo2.walgreens.com/WalgreensActivia.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
Notify: LMIinit - LMIinit.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\winnt\system32\rundll32.exe c:\winnt\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\ymh6glz8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\documents and settings\all users\application data\realarcade\npraclient.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\ymh6glz8.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\ymh6glz8.default\extensions\npmozax@real.com\plugins\npmozax.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJPI150_01.dll
FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPOJI610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npraclient.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - HiddenExtension: XULRunner: {B636EF1C-DB71-4A56-A3B6-415301BFF86A} - c:\documents and settings\doug\local settings\application data\{B636EF1C-DB71-4A56-A3B6-415301BFF86A}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 10);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-1-27 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\winnt\system32\drivers\LMIRfsDriver.sys [2010-6-22 47640]
S0 ntcdrdrv;ntcdrdrv;c:\winnt\system32\drivers\ntcdrdrv.sys --> c:\winnt\system32\drivers\ntcdrdrv.sys [?]
S2 A4SII300;A4SII300;c:\winnt\system32\drivers\a4sii300.sys --> c:\winnt\system32\drivers\A4SII300.SYS [?]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\progra~1\pc-doc~1\diagno~1\pcdrdrv.sys --> c:\progra~1\pc-doc~1\diagno~1\PCDRDRV.sys [?]
S4 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-1-16 161064]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1352832]
S4 LicCtrlService;LicCtrl Service;c:\winnt\Runservice.exe [2005-3-20 2560]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
S4 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

=============== Created Last 30 ================

2010-06-22 14:32:38 0 dc----w- c:\documents and settings\owner\Templates-bak
2010-06-22 14:28:53 0 dc----w- C:\mail-shelena
2010-06-22 14:25:12 63 -c--a-w- c:\winnt\mdm.ini
2010-06-22 14:25:03 0 -c--a-w- c:\winnt\NSREX.INI
2010-06-22 14:21:00 0 dc----w- c:\winnt\ShellNew
2010-06-22 14:20:31 0 dc----w- c:\program files\Snapshot Viewer
2010-06-22 14:19:32 0 dc----w- c:\winnt\Twain32
2010-06-22 14:01:29 0 dc----w- C:\Office
2010-06-22 13:41:48 29568 -c--a-w- c:\winnt\system32\LMIport.dll
2010-06-22 13:41:46 83360 -c--a-w- c:\winnt\system32\LMIRfsClientNP.dll
2010-06-22 13:41:46 47640 -c--a-w- c:\winnt\system32\drivers\LMIRfsDriver.sys
2010-06-22 13:41:25 87424 -c--a-w- c:\winnt\system32\LMIinit.dll
2010-06-22 13:40:37 0 dc----w- c:\program files\LogMeIn
2010-06-22 01:05:10 0 dcsh--w- c:\documents and settings\owner\IECompatCache
2010-06-16 01:14:40 221568 -c----w- c:\winnt\system32\MpSigStub.exe
2010-06-15 23:58:31 0 dcsh--w- c:\documents and settings\owner\PrivacIE
2010-06-14 18:35:25 0 dcsh--w- c:\documents and settings\owner\IETldCache
2010-06-14 00:30:34 0 dc----w- c:\winnt\ie8updates
2010-06-14 00:24:21 0 dc-h--w- c:\winnt\ie8
2010-06-14 00:16:13 599040 -c----w- c:\winnt\system32\dllcache\msfeeds.dll
2010-06-14 00:16:13 55296 -c----w- c:\winnt\system32\dllcache\msfeedsbs.dll
2010-06-14 00:16:12 12800 -c----w- c:\winnt\system32\dllcache\xpshims.dll
2010-06-14 00:16:11 743424 -c----w- c:\winnt\system32\dllcache\iedvtool.dll
2010-06-14 00:16:11 247808 -c----w- c:\winnt\system32\dllcache\ieproxy.dll
2010-06-14 00:16:10 1985536 -c----w- c:\winnt\system32\dllcache\iertutil.dll
2010-06-14 00:16:07 11076096 -c----w- c:\winnt\system32\dllcache\ieframe.dll
2010-06-14 00:15:48 41984 -c----w- c:\winnt\system32\dllcache\iecompat.dll
2010-06-06 19:40:26 0 -c--a-w- c:\winnt\Xyarakoboxagij.bin
2010-06-06 19:40:23 120 -c--a-w- c:\winnt\Fsoharuyuqidef.dat

==================== Find3M ====================

2010-06-22 13:10:52 91041 --sha-w- c:\winnt\system32\mmf.sys
2010-06-15 19:07:45 15880 -c--a-w- c:\winnt\system32\lsdelete.exe
2010-05-06 10:41:53 916480 -c--a-w- c:\winnt\system32\wininet.dll
2010-05-02 05:56:34 1850880 -c--a-w- c:\winnt\system32\win32k.sys
2010-05-01 16:07:27 411368 -c--a-w- c:\winnt\system32\deployJava1.dll
2010-04-20 05:51:20 285696 -c--a-w- c:\winnt\system32\atmfd.dll
2005-02-03 04:08:46 2636408 -c--a-w- c:\program files\aawsepersonal.exe

============= FINISH: 13:21:25.68 ===============
And this one as well

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 9/29/2003 6:01:14 PM
System Uptime: 6/27/2010 10:29:01 AM (3 hours ago)

Motherboard: Intel Corporation | | D845GERG3
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | J2E1 | 2399/133mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 37 GiB total, 14.514 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 233 GiB total, 228.862 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1060: 5/2/2010 11:56:27 AM - System Checkpoint
RP1061: 5/5/2010 9:02:08 PM - System Checkpoint
RP1062: 5/8/2010 1:11:56 PM - System Checkpoint
RP1063: 5/9/2010 3:28:04 PM - System Checkpoint
RP1064: 5/11/2010 11:34:38 PM - Software Distribution Service 3.0
RP1065: 5/15/2010 12:32:12 PM - System Checkpoint
RP1066: 5/16/2010 1:37:14 PM - System Checkpoint
RP1067: 5/21/2010 6:18:59 PM - System Checkpoint
RP1068: 5/22/2010 6:20:43 PM - System Checkpoint
RP1069: 5/23/2010 8:05:14 PM - System Checkpoint
RP1070: 5/25/2010 7:49:51 PM - Software Distribution Service 3.0
RP1071: 5/31/2010 10:42:05 AM - System Checkpoint
RP1072: 6/5/2010 10:22:03 AM - System Checkpoint
RP1073: 6/6/2010 11:22:02 AM - System Checkpoint
RP1074: 6/10/2010 7:12:19 AM - System Checkpoint
RP1075: 6/11/2010 12:20:27 PM - System Checkpoint
RP1076: 6/11/2010 2:04:56 PM - Software Distribution Service 3.0
RP1077: 6/12/2010 9:40:51 AM - Software Distribution Service 3.0
RP1078: 6/12/2010 11:24:44 PM - Software Distribution Service 3.0
RP1079: 6/13/2010 3:52:34 PM - Cleaned registry with Windows Live OneCare safety scanner
RP1080: 6/13/2010 7:16:42 PM - Software Distribution Service 3.0
RP1081: 6/13/2010 7:26:12 PM - Installed Windows Internet Explorer 8.
RP1082: 6/13/2010 7:28:05 PM - Software Distribution Service 3.0
RP1083: 6/14/2010 7:37:22 PM - System Checkpoint
RP1084: 6/15/2010 1:00:26 AM - Software Distribution Service 3.0
RP1085: 6/15/2010 8:10:41 PM - Installed Windows Defender
RP1086: 6/15/2010 8:14:28 PM - Software Distribution Service 3.0
RP1087: 6/16/2010 8:54:35 PM - System Checkpoint
RP1088: 6/16/2010 10:41:05 PM - Windows Defender Checkpoint
RP1089: 6/16/2010 10:53:30 PM - Software Distribution Service 3.0
RP1090: 6/19/2010 10:50:21 AM - Software Distribution Service 3.0
RP1091: 6/20/2010 11:26:58 AM - System Checkpoint
RP1092: 6/21/2010 7:12:57 PM - Software Distribution Service 3.0
RP1093: 6/21/2010 8:43:51 PM - Software Distribution Service 3.0
RP1094: 6/21/2010 8:47:47 PM - Software Distribution Service 3.0
RP1095: 6/22/2010 8:40:26 AM - Installed LogMeIn
RP1096: 6/22/2010 8:58:02 AM - Removed Microsoft Office 2000 SR-1 Professional
RP1097: 6/22/2010 9:19:21 AM - Installed Microsoft Office 2000 Professional
RP1098: 6/23/2010 11:20:28 AM - System Checkpoint
RP1099: 6/26/2010 10:16:52 AM - System Checkpoint
RP1100: 6/27/2010 10:21:56 AM - System Checkpoint

==== Installed Programs ======================

Ad-Aware
Ad-Aware Email Scanner for Outlook
Adobe Acrobat 5.0
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.8
Adobe Shockwave Player 11.5
Adobe® Photoshop® Album Starter Edition 3.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Aveyond
Aveyond 2
AzureBay Screen Saver
Big Fish Games Client
Bonjour
Canon MP Navigator EX 1.0
Canon MX310 series
Canon MX310 series User Registration
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
Chocolatier(R) - Decadence by Design(TM)
CLUE Classic
Compatibility Pack for the 2007 Office system
DrawPlus 3.0
DVD
Easy CD Creator 5 Basic
ERUNT 1.1j
Facebook Desktop
Fairy Godmother Tycoon
Farm Craft
Fish Tycoon
GameHouse Sudoku
Gateway Ink Monitor
GradeQuick
GTW V.92 Voicemodem
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Inspector Parker
Intel(R) Extreme Graphics Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet
iPhoto Plus 4
iTunes
J2SE Runtime Environment 5.0 Update 1
Java Auto Updater
Java(TM) 6 Update 20
Lemonade Tycoon
LogMeIn
Microsoft .NET Framework (English)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Professional
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Web Publishing Wizard 1.52
Mozilla Firefox (3.6.4)
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
My Kingdom for the Princess
My Tribe
Oasis(TM)
Photo Organizer
PIXMA Extended Survey Program
Play Music Demo
Pop-Up Stopper Free Edition
Presto! PageManager 7.15.16
Print Perfect Gold
PS/2 Millennium Keyboard
QuickTime
Ranch Rush
RealArcade
RealPlayer
SCRABBLE®
Seagate Manager Installer
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926247)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Shockwave
Spybot - Search & Destroy
Su-Doku Quest
Totem Tribe
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Virtual Families
Virtual Villagers: The Lost Children
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Wik(TM) and the Fable of Souls
Windows Defender
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Live Messenger
Windows Live OneCare safety scanner
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB884020
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
Wonderland - Secret Worlds
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
YAMAHA Digital Music Notebook - Keyboard Edition
YAMAHA Digital Music Notebook Keyboard Lesson Plug-in
YAMAHA Musicsoft Downloader 5.0

==== Event Viewer Messages From Past Week ========

6/27/2010 9:43:51 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
6/27/2010 9:43:36 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
6/27/2010 10:30:07 AM, error: Service Control Manager [7002] - The A4SII300 service depends on the 2Parallel arbitrat group and no member of this group started.
6/26/2010 9:36:53 AM, error: Service Control Manager [7002] - The A4SII300 service depends on the 2Parallel arbitrat group and no member of this group started.
6/26/2010 3:01:57 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the RemoteAccess service.
6/22/2010 8:59:39 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
6/22/2010 8:11:17 AM, error: Service Control Manager [7023] - The Human Interface Device Access service terminated with the following error: The specified module could not be found.
6/22/2010 8:11:17 AM, error: Service Control Manager [7002] - The A4SII300 service depends on the 2Parallel arbitrat group and no member of this group started.
6/22/2010 2:15:22 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service YahooAUService with arguments "" in order to run the server: {90AFF435-B544-4F94-A0C2-CC020EACA4E3}
6/22/2010 2:15:22 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service YahooAUService with arguments "" in order to run the server: {3D369E3A-9EDF-46C4-B4BC-47BF3304BF7C}
6/22/2010 2:12:12 PM, error: Service Control Manager [7002] - The A4SII300 service depends on the 2Parallel arbitrat group and no member of this group started.
6/22/2010 10:05:30 PM, error: Print [6161] -
6/21/2010 7:48:00 PM, error: Service Control Manager [7002] - The A4SII300 service depends on the 2Parallel arbitrat group and no member of this group started.
6/21/2010 7:08:49 PM, error: Service Control Manager [7002] - The A4SII300 service depends on the 2Parallel arbitrat group and no member of this group started.
6/20/2010 9:10:21 AM, error: Service Control Manager [7002] - The A4SII300 service depends on the 2Parallel arbitrat group and no member of this group started.

==== End Of File ===========================
Hope this is what I am supposed to do, very new at this.

Other information that may be useful: Had e-mail issues and a tech from the phone company used LogMeIn to fix them (I personally know this tech). Have recently added Windows Defender. Spybot had found a Virtumonde virus and we were working on removing that. I use IE, husband uses Firefox.
We are concerned because the secure site has taken to flashing, only when husband is logged in, and requesting that credit card info before allowing him to log in, which we have not, I repeat NOT, given.

Any help you can provide will be appreciated. This is an older computer and you may just want me to get a new one. (lol)

Blade81
2010-07-01, 10:55
Hi,

Download GMER (http://www.gmer.net) here by clicking the download exe button and then saving it to your desktop:
Double-click the .exe that you downloaded.
Click the rootkit tab, uncheck the files option and then click scan.
Don't check the Show All box while scanning is in progress!
When scanning is ready, click Copy.
This copies the log to the clipboard.
Post the log (if the log is long, archive it into a zip file and attach it instead of posting) in your reply. Post a fresh dds log too.

Blade81
2010-07-06, 09:07
Due to inactivity, this thread will now be closed.

Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.

If it has been less than three days since your last response and you need the thread re-opened, please send me or another MOD a private message (PM). A valid, working link to the closed topic is required.