PDA

View Full Version : Claria & Exac


revell
2010-07-01, 00:07
My first clue to problem: emails covertly sent from my hotmail account NOT originated by me to my entire addrbook . I was alerted to the invasion after I began receiving UNDELIVERABLE NOTIFICATIONS (emails sent to outdated email addresses in my addrbook) and saw the suspect email:

SUBJ: symbol symbol Beautiful store character character <symbols & characters may chg for each email>

12

I ordered one black apple iphone 3gs 16gb from this website:

Edit [I]Removed link.

one weeks ago, today I've got it . Amazing,beyond my imagination, it's genuine and as good as expected,but much cheaper. I'm pleased to share this good news with you! May all goes well for you.
RAN full AVG antivirus scan => NO INFECTIONS

WENT TO MICROSOFT:
http://www.microsoft.com/protect/data/home/wireless.aspx
Get a free PC safety scan for Windows XP
Ran FULL SERVICE SCAN <Protection, Clean up, Tune up>
Report cited Claria & Exac <Clariagain (3 items-MED), Exact.B (4 items-HIGH), Exact.I (4 items-HIGH)> and reported it could NOT remove items <more detail given re. locations if needed>
Registry was involved in Clean up process of scan.

On further research, I located your site, SPYBOT R&D .

Read rules. Ran ERUNT <NOT NTREGOPT> System Registry ONLY
Ran DDS. DDS.txt below. Attach.txt states “UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT”. You state “DO NOT ATTACH” so I will await instructions on the attach.txt report file. Cannot find any mention of COMPUTER NAME to chg to OWNER.



DDS (Ver_10-03-17.01) - NTFSx86
Run by Administrator at 12:42:29.95 on Wed 06/30/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.255.66 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Rosewill\Common\RaUI.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Administrator\Desktop\EXEs-DT\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.usna.edu/
uSearch Page = hxxp://home.netscape.com/home/winsearch.html
mSearch Bar = hxxp://home.netscape.com/home/winsearch200.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://keyword.netscape.com/keyword/%s
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\rosewi~1.lnk - c:\program files\rosewill\common\RaUI.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {44226DFF-747E-4edc-B30C-78752E50CD0C} - {44226DFF-747E-4edc-B30C-78752E50CD0C} - c:\program files\ati multimedia\tv\EXPLBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: aol.com\free
Trusted Zone: paypal.com\www
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {84818113-96C5-11D2-BE39-006008BF4DD5} - hxxp://www.scotlandspeople.gov.uk/Viewers/ActiveXControl/viewdw32.ocx
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-6-24 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-6-28 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-6-28 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-6-28 242896]
R2 AtiBt829;ATI WDM Bt829 Video;c:\windows\system32\drivers\atinbtxx.sys [2002-2-21 60800]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-6-28 308064]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1352832]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2009-3-21 564480]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-10-31 133104]
S3 ATIVXSXX;ATI Audio Crossbar (ATIVXBAR);c:\windows\system32\drivers\ativxbar.sys [2002-12-11 26624]

=============== Created Last 30 ================

2010-06-29 18:07:40 0 dc----w- c:\program files\Trend Micro
2010-06-28 19:07:09 12464 -c--a-w- c:\windows\system32\avgrsstx.dll
2010-06-28 19:06:42 242896 -c--a-w- c:\windows\system32\drivers\avgtdix.sys
2010-06-28 19:05:49 216200 -c--a-w- c:\windows\system32\drivers\avgldx86.sys
2010-06-28 19:04:30 0 dc----w- c:\windows\system32\drivers\Avg
2010-06-28 18:56:07 0 dc----w- c:\program files\AVG
2010-06-28 18:55:16 0 dc----w- c:\docume~1\alluse~1\applic~1\avg9
2010-06-28 17:46:24 0 dc----w- c:\windows\system32\wbem\Repository
2010-06-24 19:41:22 15880 -c--a-w- c:\windows\system32\lsdelete.exe
2010-06-24 18:44:24 64288 -c--a-w- c:\windows\system32\drivers\Lbd.sys
2010-06-24 18:44:10 95024 -c--a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-06-24 18:32:39 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-06-18 20:25:29 5632 -c--a-w- c:\windows\system32\ptpusb.dll
2010-06-18 20:25:23 159232 -c--a-w- c:\windows\system32\ptpusd.dll
2010-06-09 11:12:49 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

==================== Find3M ====================

2010-05-06 10:41:53 916480 -c--a-w- c:\windows\system32\wininet.dll
2010-05-02 05:22:50 1851264 -c--a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30:08 285696 -c--a-w- c:\windows\system32\atmfd.dll
2010-04-14 09:00:44 271704 -c--a-w- c:\windows\system32\hpzids01.dll
2007-11-30 20:09:18 132938 -c--a-w- c:\program files\INSTALL.LOG
2007-01-31 19:10:03 7246848 -c--a-w- c:\program files\HTML Guardian 7.msi

============= FINISH: 12:44:31.64 ===============

ALSO before the Microsoft scan, I updated anti-virus defs and ran a full AVG scan and it found 0 INFECTIONS... NADA.
shelf life
2010-07-05, 15:59
hi,

Your post is a few days old. If you still need help simply reply back.
revell
2010-07-05, 17:14
YES, PLEASE. I would still appreciate help.
shelf life
2010-07-06, 00:49
ok we can start with Malwarebytes and see if it digs up anything:

Please download Malwarebytes (http://www.malwarebytes.org/mbam.php) to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.

Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select Perform FULL SCAN, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.

Be sure that everything is checked, and click *Remove Selected.*

*A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
Post the log in your reply.
revell
2010-07-06, 05:33
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4281

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/5/2010 10:26:00 PM
mbam-log-2010-07-05 (22-26-00).txt

Scan type: Full scan (C:\|K:\|)
Objects scanned: 199429
Time elapsed: 3 hour(s), 10 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
shelf life
2010-07-06, 23:20
That log looks good. Can you post the attach.txt from the DDS scan. if you didnt save it just run DDS again.
revell
2010-07-07, 01:21
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 5/13/2003 1:21:11 PM
System Uptime: 6/30/2010 9:54:28 AM (3 hours ago)

Motherboard: Dell Computer Corporation | | OptiPlex GX300
Processor: Intel Pentium III processor | Microprocessor | 728/133mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 19 GiB total, 7.358 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
H: is Removable
J: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1312: 5/30/2010 12:05:58 PM - System Checkpoint
RP1313: 5/31/2010 8:03:05 PM - System Checkpoint
RP1314: 6/1/2010 8:09:07 PM - System Checkpoint
RP1315: 6/2/2010 10:13:21 PM - System Checkpoint
RP1316: 6/3/2010 10:18:41 PM - System Checkpoint
RP1317: 6/4/2010 10:25:28 PM - System Checkpoint
RP1318: 6/5/2010 3:00:44 AM - Software Distribution Service 3.0
RP1319: 6/6/2010 7:25:02 AM - System Checkpoint
RP1320: 6/7/2010 7:55:08 AM - System Checkpoint
RP1321: 6/8/2010 8:55:10 AM - System Checkpoint
RP1322: 6/9/2010 1:28:33 PM - System Checkpoint
RP1323: 6/10/2010 3:01:06 AM - Software Distribution Service 3.0
RP1324: 6/11/2010 3:45:27 AM - System Checkpoint
RP1325: 6/12/2010 4:45:27 AM - System Checkpoint
RP1326: 6/13/2010 5:45:25 AM - System Checkpoint
RP1327: 6/14/2010 6:45:27 AM - System Checkpoint
RP1328: 6/15/2010 7:45:28 AM - System Checkpoint
RP1329: 6/16/2010 8:45:27 AM - System Checkpoint
RP1330: 6/17/2010 9:14:56 AM - System Checkpoint
RP1331: 6/18/2010 9:59:52 AM - System Checkpoint
RP1332: 6/19/2010 10:50:28 AM - System Checkpoint
RP1333: 6/20/2010 12:19:12 PM - System Checkpoint
RP1334: 6/21/2010 12:49:56 PM - System Checkpoint
RP1335: 6/22/2010 3:17:24 PM - System Checkpoint
RP1336: 6/23/2010 3:54:09 PM - System Checkpoint
RP1337: 6/24/2010 5:00:10 PM - System Checkpoint
RP1338: 6/25/2010 6:13:46 PM - System Checkpoint
RP1339: 6/26/2010 6:37:57 PM - System Checkpoint
RP1340: 6/27/2010 7:39:42 PM - System Checkpoint
RP1341: 6/28/2010 1:43:43 PM - Restore Operation
RP1342: 6/28/2010 2:55:11 PM - Installed AVG Free 9.0
RP1343: 6/29/2010 9:46:54 AM - Avg Update
RP1344: 6/30/2010 7:29:39 AM - Cleaned registry with Windows Live OneCare safety scanner

==== Installed Programs ======================

32 Bit HP CIO Components Installer
Acrobat.com
Ad-Aware
Ad-Aware Email Scanner for Outlook
Ad-Aware SE Personal
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3
AIO_Scan
Ancestry Family Tree
Apple Software Update
ATI Display Driver
ATI DVD
ATI Multimedia Center
Audacity 1.3.12 (Unicode)
Avery Wizard 3.1
AVG Free 9.0
BufferChm
C8100
C8100_doccd
C8100_Help
Copy
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DocProc
DocProcQFolder
Easy Graphic Converter 1.2
eSupportQFolder
Fax
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Driver Diagnostics
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photosmart All-In-One Software 9.0
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Product Assistant
HP Product Detection
HP Smart Web Printing 4.60
HP Solution Center 9.0
HP Update
HPProductAssistant
HSP56 Modem Drivers
HTML-Kit
HTML Guardian 7
HyperTerminal Private Edition v6.1
LightScribe 1.4.142.1
Maple 8
Microsoft .NET Framework (English)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft WinUsb 1.0
MicroStaff WINASPI
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Netscape Communicator 4.79
OmniFormat
PanoStandAlone
PCsync
Pdf995
PhotoFiltre
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_min
PSSWCORE
RealNetworks - Microsoft Visual C++ 2005 Runtime
RealPlayer
Rosewill Wireless Network 11N USB adapter RNX-N100
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
RoxioShim
Scan
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
SmartWebPrinting
SolutionCenter
Status
Super DVD Creator 8.0
Toolbox
TrayApp
UnloadSupport
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoToolkit01
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
WebReg
Windows Easy Transfer
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live OneCare safety scanner
Windows Media Format Runtime
Windows Media Player 10
Windows Movie Maker 2.0
Windows XP Service Pack 3
WinZip

==== Event Viewer Messages From Past Week ========

6/29/2010 10:51:37 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
6/28/2010 1:19:14 PM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
6/26/2010 11:48:18 AM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.
6/26/2010 11:48:18 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
6/26/2010 11:48:18 AM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2.
6/26/2010 11:48:17 AM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.
6/26/2010 11:48:17 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
6/26/2010 11:48:17 AM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2.
6/24/2010 2:51:12 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

==== End Of File ===========================
shelf life
2010-07-07, 01:51
Thanks for the info. I was looking for any third party software that may have installed unwanted add-ons like adware. Dont recognize any in your list.

Is AVG coming up clean after a scan? You can do a online scan for another opinion:


ESET online scanner:

http://www.eset.com/onlinescan/

uses Internet Explorer only
check "YES" to accept terms
click start button
allow the ActiveX component to install
click the start button. the Scanner will update.
check both "Remove found threats" and "Scan unwanted applications"
click scan
when done you can find the scan log at:C:\Program Files\EsetOnlineScanner\log.txt
please copy/paste that log in next reply.

Once we are sure of no malware on your machine you should change your hotmail log in password.
tashi
2010-07-13, 21:54
Still with us revell? :)
tashi
2010-07-21, 06:30
revell this thread has been archived due to inactivity.

As it has been four days or more since your last post, and the helper assisting you posted a response to which you did not reply, your topic will not be re-opened. If you still require help, please start a new topic and include a DDS log with a link to your previous thread.

Please do not add any logs that might have been requested previously, you would be starting fresh.

Applies only to the original poster, anyone else with similar problems please start your own topic. .

Thank you shelf life.