Page 9 of 14 FirstFirst ... 5678910111213 ... LastLast
Results 81 to 90 of 136

Thread: Can't run HJT

  1. #81
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    Okay. I restored it to September 2nd and 5:59:40pm and I now have remove available. Which programs would you like me to remove?

  2. #82
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Good. Now let's go back to post #52. From there do steps after ComboFix (don't run it again at this point).
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  3. #83
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    I've completed the list on post #52 except for new dds log. That's next. Here is the Kaspersky report.

  4. #84
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    Here is the new dds log.


    DDS (Ver_09-07-30.01) - NTFSx86
    Run by Mary at 21:37:59.45 on Sun 09/06/2009
    Internet Explorer: 7.0.5730.13

    ============== Running Processes ===============


    ============== Pseudo HJT Report ===============

    uSearch Bar = hxxp://www.google.com/ie
    uStart Page = hxxp://www.my.yahoo.com/
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy162-8-10-2009\SDHelper.dll
    BHO: c:\windows\system32\ghaf8jkdfd.dll: {a36d2a01-00f3-42bd-f434-00bbc39c8953} - c:\windows\system32\ghaf8jkdfd.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\ycomp5_3_19_0.dll
    TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6253\SiteAdv.dll
    TB: Merriam-Webster Online: {b7b76dd6-b6f0-4443-af81-6a3ecf12a57d} - c:\windows\_MWOLTB.DLL
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: {11359F4A-B191-42D7-905A-594F8CF0387B} - No File
    uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
    uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [OM_Monitor] c:\program files\olympus\olympus master\Monitor.exe -NoStart
    uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    uRun: [AbacastDistributedOnDemand:11] c:\documents and settings\mary\local settings\application data\abacastdistributedondemand\node\11\AbacastDistributedOnDemand.exe -r:11 -x:1
    uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\WCESCOMM.EXE"
    uRun: [mswindows restore service] c:\docume~1\mary\locals~1\temp\w2ovzh.exe
    uRun: [Windows System Recover!] c:\docume~1\mary\locals~1\temp\1158995548.exe
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy162-8-10-2009\TeaTimer.exe
    uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~2.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 1.0.3705; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.msnbc.msn.com/id/20044245/ns/entertainment-comics_games_news_of_the_weird/?cat=uj"
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [diagent] "c:\program files\creative\sblive\diagnostics\diagent.exe" startup
    mRun: [UpdReg] c:\windows\UpdReg.EXE
    mRun: [DVDSentry] c:\windows\system32\DSentry.exe
    mRun: [MMTray] c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe
    mRun: [AdaptecDirectCD] "c:\program files\roxio\easy cd creator 5\directcd\DirectCD.exe"
    mRun: [Dell AIO Printer A940] "c:\program files\dell aio printer a940\dlbabmgr.exe"
    mRun: [Atari Launcher] c:\program files\hasbro interactive\atari arcade hits 1\Atari icon.exe
    mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe
    mRun: [ViewMgr] c:\program files\viewpoint\viewpoint manager\ViewMgr.exe
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [SiteAdvisor] c:\program files\siteadvisor\6172\SiteAdv.exe
    mRun: [OM_Monitor] c:\program files\olympus\olympus master\FirstStart.exe
    mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    StartupFolder: c:\documents and settings\mary\start menu\programs\startup\PowerReg Scheduler.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\program\Kodak Software Updater.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    uPolicies-explorer: NoFolderOptions = 1 (0x1)
    mPolicies-explorer: <NO NAME> =
    IE: {10F055B8-F443-4adf-948A-EC551E9DBCE4} - c:\documents and settings\mary\start menu\programs\ultimatebet\UltimateBet.lnk
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INETREPL.DLL
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INETREPL.DLL
    IE: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - {4C171D40-8277-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\messenger\yhexbmes0411.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy162-8-10-2009\SDHelper.dll
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
    DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
    DPF: {41F17733-B041-4099-A042-B518BB6A408C} - hxxp://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe
    DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,73/mcinsctl.cab
    DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
    DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156782442455
    DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://cid-46c60f1cf692a806.spaces.live.com/PhotoUpload/MsnPUpld.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3}
    DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} - hxxp://cdn2.zone.msn.com/binframework/v10/ZAxRcMgr.cab31267.cab
    DPF: {ABB660B6-6694-407B-950A-EDBA5A159722}
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,16/mcgdmgr.cab
    DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://a.download.toontown.com/sv1.0.37.7/ttinst.cab
    DPF: {C487F60B-59B9-47D9-BFDF-AB26786F8823} - hxxp://zone.msn.com/bingame/zpagames/zpa_stoo.cab62201.cab
    DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
    DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab55579.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
    Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - c:\program files\microsoft activesync\AATP.DLL
    Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6253\SiteAdv.dll
    WinCE Filter: image/bmp - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: image/gif - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: image/jpeg - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: image/xbm - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: text/asp - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: text/html - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\program files\microsoft activesync\CENETFLT.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    STS: c:\windows\system32\ghaf8jkdfd.dll: {a36d2a01-00f3-42bd-f434-00bbc39c8953} - c:\windows\system32\ghaf8jkdfd.dll
    SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
    LSA: Authentication Packages = msv1_0 c:\windows\system32\cbXNDUOE

    ============= SERVICES / DRIVERS ===============


    =============== Created Last 30 ================

    2009-09-06 10:32 411,368 a------- c:\windows\system32\deploytk.dll
    2009-09-06 10:32 73,728 a------- c:\windows\system32\javacpl.cpl
    2009-09-05 21:39 <DIR> --d----- c:\windows\system32\Data
    2009-09-05 21:39 <DIR> --d----- c:\program files\GetModule
    2009-09-05 21:39 <DIR> --d----- c:\program files\Common
    2009-09-05 21:39 <DIR> --d----- c:\docume~1\mary\applic~1\EurekaLog
    2009-09-05 12:41 <DIR> --d----- c:\windows\system32\wbem\Repository
    2009-09-03 08:51 <DIR> --d----- C:\cmdcons
    2009-08-28 12:34 <DIR> --d----- c:\program files\Trend Micro
    2009-08-10 09:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Citrix
    2009-08-10 09:53 <DIR> --d----- c:\program files\Citrix
    2009-08-10 09:52 61,224 a------- c:\documents and settings\mary\GoToAssistDownloadHelper.exe
    2009-08-10 07:11 <DIR> --d----- c:\program files\Spybot - Search & Destroy162-8-10-2009

    ==================== Find3M ====================

    2009-08-26 08:11 77,688 a------- c:\docume~1\mary\applic~1\GDIPFONTCACHEV1.DAT
    2009-08-05 04:11 204,800 a------- c:\windows\system32\mswebdvd.dll
    2009-08-05 04:11 204,800 a------- c:\windows\system32\dllcache\mswebdvd.dll
    2009-07-13 23:43 10,841,088 a------- c:\windows\system32\dllcache\wmp.dll
    2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
    2009-07-13 23:43 286,208 a------- c:\windows\system32\dllcache\wmpdxm.dll
    2009-06-16 09:55 119,808 a------- c:\windows\system32\t2embed.dll
    2009-06-16 09:55 119,808 a------- c:\windows\system32\dllcache\t2embed.dll
    2009-06-16 09:55 82,432 a------- c:\windows\system32\fontsub.dll
    2009-06-16 09:55 82,432 a------- c:\windows\system32\dllcache\fontsub.dll
    2009-06-12 06:50 80,896 a------- c:\windows\system32\tlntsess.exe
    2009-06-12 06:50 80,896 a------- c:\windows\system32\dllcache\tlntsess.exe
    2009-06-12 06:50 76,288 a------- c:\windows\system32\telnet.exe
    2009-06-12 06:50 76,288 a------- c:\windows\system32\dllcache\telnet.exe

    ============= FINISH: 21:38:54.48 ===============

  5. #85
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    Here's the new attach log.


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-07-30.01)


    ==== Disk Partitions =========================


    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================


    3D Groove Playback Engine
    Abacast Distributed Live
    Abacast Distributed On-Demand
    ABBYY FineReader 5.0 Sprint
    Acrobat.com
    Ad-Aware
    Adobe Flash Player 10 ActiveX
    Adobe Shockwave Player 11.5
    Apple Mobile Device Support
    Apple Software Update
    Atari Arcade Hits 1
    Banctec Service Agreement
    Barbie(TM) as The Princess and the Pauper
    BitZipper 2009
    Bonjour
    Business Complete Care Services Agreement
    Camera Support Core Library
    Camera Window DS
    Camera Window DVC
    Camera Window MC
    Canon Camera Support Core Library
    Canon Camera Window DC_DV 5 for ZoomBrowser EX
    Canon Camera Window DS for ZoomBrowser EX
    Canon Camera Window MC 5 for ZoomBrowser EX
    Canon MovieEdit Task for ZoomBrowser EX
    Canon PhotoRecord
    Canon RAW Image Task for ZoomBrowser EX
    Canon Utilities PhotoStitch 3.1
    Canon ZoomBrowser EX
    CCScore
    Charlie and the Chocolate Factory (remove only)
    Critical Update for Windows Media Player 11 (KB959772)
    Dangerous Mines Lite
    DAO
    Dell AIO Printer A940
    Dell Digital Jukebox Driver
    Dell Picture Studio - Dell Image Expert
    Dell Solution Center
    Dell Support Center
    DellSupport
    Diner Dash 2
    Disney's Toontown Online
    Disney Pirates of the Caribbean Online
    Disney Princess Royal Horse Show
    DVDSentry
    Easy CD Creator 5 Basic
    Emperor's Mahjong
    ESPNMotion
    ESSCDBK
    ESScore
    ESSgui
    ESShelp
    ESSini
    ESSPCD
    ESSSONIC
    ESSTOOLS
    ESSvpaht
    ESSvpot
    FamilyFun edition of Disney Motion
    FaxTools
    Google Earth
    Google Toolbar for Internet Explorer
    Grandmaster Challenge
    Hardwood Solitaire III Lite
    Hawaiian Explorer Pearl Harbor 1.0.0.30
    HDView for Internet Explorer
    Help and Support Customization
    Hidden Expedition Titanic (remove only)
    HijackThis 2.0.2
    HLPIndex
    HLPRFO
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB906569)
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB970653-v3)
    ImageMixer VCD/DVD2 for OLYMPUS
    Intel(R) PRO Network Adapters and Drivers
    Intel(R) PROSet
    InterActual Player
    iTunes
    Java(TM) 6 Update 16
    Jewel Quest (remove only)
    Kodak EasyShare software
    KSU
    Luxor - Quest for the Afterlife
    Luxor (remove only)
    Luxor 3
    Mall Tycoon 3
    McAfee SecurityCenter
    McAfee Virtual Technician
    Merriam-Webster Online Toolbar
    MiaMath
    Microsoft .NET Framework (English)
    Microsoft .NET Framework (English) v1.0.3705
    Microsoft .NET Framework 1.0 Hotfix (KB928367)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft ActiveSync 3.7
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Data Access Components KB870669
    Microsoft Interactive Training
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Media Content
    Microsoft Office XP Small Business
    Microsoft Pandora's Box
    Microsoft Reader
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    MovieEdit Task
    MSN Messenger 6.1
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 6 Service Pack 2 (KB954459)
    MUSICMATCH® Jukebox
    My Family Health Portrait
    My Wal-Mart Digital Photo Center
    Netflix Movie Viewer
    Notifier
    NVIDIA Drivers
    OLYMPUS Master
    OTtBPSDK
    Paint Shop Pro 7
    PCDADDIN
    PCDHELP
    PhotoStitch
    Poppit To Go
    PowerDVD
    Princess Fashion Boutique 2
    QuickTime
    RAW Image Task 2.1
    RealPlayer
    Rio Audio Manager
    RunAlyzer
    School Tycoon
    Search for the Secret Keys
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows XP (KB883939)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB896688)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899589)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB903235)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911280)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB918899)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922760)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925454)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928090)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB929969)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931768)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933566)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937143)
    Security Update for Windows XP (KB937894)
    Security Update for Windows XP (KB938127)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB939653)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB942615)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944338)
    Security Update for Windows XP (KB944533)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB945553)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB947864)
    Security Update for Windows XP (KB948590)
    Security Update for Windows XP (KB948881)
    Security Update for Windows XP (KB950749)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973869)
    SFR
    SHASTA
    SKIN0001
    SKINXSDK
    Sound Blaster Live!
    SpongeBob SquarePants Diner Dash (remove only)
    SpongeBob SquarePants Employee of the Month
    SpongeBob SquarePants Krabby Quest (remove only)
    SpongeBob SquarePants Obstacle Odyssey (remove only)
    Spybot - Search & Destroy
    Study Helpers Math Booster
    Study Helpers Spelling Bee
    The Game of Life - SpongeBob SquarePants Edition
    UltimateBet
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB896727)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB925720)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB929338)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB932823-v3)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB942840)
    Update for Windows XP (KB946627)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB973815)
    Viewpoint Manager (Remove Only)
    Viewpoint Media Player
    Virtual Earth 3D (Beta)
    VPRINTOL
    WebFldrs XP
    Winamp (remove only)
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage v1.3.0254.0
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live OneCare safety scanner
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Hotfix - KB834707
    Windows XP Hotfix - KB867282
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890047
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB890923
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB893066
    Windows XP Hotfix - KB893086
    Windows XP Service Pack 2
    WIRELESS
    Yahoo! Companion
    Yahoo! Install Manager
    Yahoo! Messenger
    Yahoo! Messenger Explorer Bar
    Yahoo! Widgets
    Zuma Deluxe 1.0

    ==== End Of File ===========================

  6. #86
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Please download Malwarebytes' Anti-Malware to your desktop.

    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform full scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    • Please post contents of that file & fresh dds.txt in your next reply.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  7. #87
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    Here's the log. dds log next post.

    Malwarebytes' Anti-Malware 1.40
    Database version: 2750
    Windows 5.1.2600 Service Pack 2

    9/7/2009 9:49:47 AM
    mbam-log-2009-09-07 (09-49-47).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 265064
    Time elapsed: 1 hour(s), 24 minute(s), 11 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 16
    Registry Values Infected: 5
    Registry Data Items Infected: 1
    Folders Infected: 1
    Files Infected: 3

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a36d2a01-00f3-42bd-f434-00bbc39c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{e24211b3-a78a-c6a9-d317-70979ace5058} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a36d2a01-00f3-42bd-f434-00bbc39c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{afd4ad01-58c1-47db-a404-fbe00a6c5486} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a36d2a01-00f3-42bd-f434-00bbc39c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\downloader.downloaderctrl.1 (Adware.2020search) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\cs41275 (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{a36d2a01-00f3-42bd-f434-00bbc39c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WINID (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msWindows restore service (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows System Recover! (Trojan.Downloader) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    C:\Program Files\GetModule (Trojan.Agent) -> Quarantined and deleted successfully.

    Files Infected:
    C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP2063\A0148886.exe (Trojan.Banker) -> Quarantined and deleted successfully.
    C:\END (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

  8. #88
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    Newest DDS log:


    DDS (Ver_09-07-30.01) - NTFSx86
    Run by Mary at 10:05:07.15 on Mon 09/07/2009
    Internet Explorer: 7.0.5730.13

    ============== Running Processes ===============


    ============== Pseudo HJT Report ===============

    uSearch Bar = hxxp://www.google.com/ie
    uStart Page = hxxp://www.my.yahoo.com/
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy162-8-10-2009\SDHelper.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\ycomp5_3_19_0.dll
    TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6253\SiteAdv.dll
    TB: Merriam-Webster Online: {b7b76dd6-b6f0-4443-af81-6a3ecf12a57d} - c:\windows\_MWOLTB.DLL
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: {11359F4A-B191-42D7-905A-594F8CF0387B} - No File
    uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
    uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [OM_Monitor] c:\program files\olympus\olympus master\Monitor.exe -NoStart
    uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    uRun: [AbacastDistributedOnDemand:11] c:\documents and settings\mary\local settings\application data\abacastdistributedondemand\node\11\AbacastDistributedOnDemand.exe -r:11 -x:1
    uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\WCESCOMM.EXE"
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy162-8-10-2009\TeaTimer.exe
    uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~2.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 1.0.3705; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.msnbc.msn.com/id/20044245/ns/entertainment-comics_games_news_of_the_weird/?cat=uj"
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [diagent] "c:\program files\creative\sblive\diagnostics\diagent.exe" startup
    mRun: [UpdReg] c:\windows\UpdReg.EXE
    mRun: [DVDSentry] c:\windows\system32\DSentry.exe
    mRun: [AdaptecDirectCD] "c:\program files\roxio\easy cd creator 5\directcd\DirectCD.exe"
    mRun: [Dell AIO Printer A940] "c:\program files\dell aio printer a940\dlbabmgr.exe"
    mRun: [Atari Launcher] c:\program files\hasbro interactive\atari arcade hits 1\Atari icon.exe
    mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe
    mRun: [ViewMgr] c:\program files\viewpoint\viewpoint manager\ViewMgr.exe
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [SiteAdvisor] c:\program files\siteadvisor\6172\SiteAdv.exe
    mRun: [OM_Monitor] c:\program files\olympus\olympus master\FirstStart.exe
    mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    StartupFolder: c:\documents and settings\mary\start menu\programs\startup\PowerReg Scheduler.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\program\Kodak Software Updater.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    mPolicies-explorer: <NO NAME> =
    IE: {10F055B8-F443-4adf-948A-EC551E9DBCE4} - c:\documents and settings\mary\start menu\programs\ultimatebet\UltimateBet.lnk
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INETREPL.DLL
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INETREPL.DLL
    IE: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - {4C171D40-8277-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\messenger\yhexbmes0411.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy162-8-10-2009\SDHelper.dll
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
    DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
    DPF: {41F17733-B041-4099-A042-B518BB6A408C} - hxxp://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe
    DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,73/mcinsctl.cab
    DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
    DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156782442455
    DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://cid-46c60f1cf692a806.spaces.live.com/PhotoUpload/MsnPUpld.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3}
    DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} - hxxp://cdn2.zone.msn.com/binframework/v10/ZAxRcMgr.cab31267.cab
    DPF: {ABB660B6-6694-407B-950A-EDBA5A159722}
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,16/mcgdmgr.cab
    DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://a.download.toontown.com/sv1.0.37.7/ttinst.cab
    DPF: {C487F60B-59B9-47D9-BFDF-AB26786F8823} - hxxp://zone.msn.com/bingame/zpagames/zpa_stoo.cab62201.cab
    DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
    DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab55579.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
    Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - c:\program files\microsoft activesync\AATP.DLL
    Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6253\SiteAdv.dll
    WinCE Filter: image/bmp - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: image/gif - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: image/jpeg - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: image/xbm - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: text/asp - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\program files\microsoft activesync\CENETFLT.DLL
    WinCE Filter: text/html - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\program files\microsoft activesync\CENETFLT.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Authentication Packages = msv1_0 c:\windows\system32\cbXNDUOE

    ============= SERVICES / DRIVERS ===============


    =============== Created Last 30 ================

    2009-09-07 08:21 <DIR> --d----- c:\docume~1\mary\applic~1\Malwarebytes
    2009-09-07 08:21 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-09-07 08:21 19,096 a------- c:\windows\system32\drivers\mbam.sys
    2009-09-07 08:21 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
    2009-09-07 08:21 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2009-09-06 10:32 411,368 a------- c:\windows\system32\deploytk.dll
    2009-09-06 10:32 73,728 a------- c:\windows\system32\javacpl.cpl
    2009-09-05 21:39 <DIR> --d----- c:\windows\system32\Data
    2009-09-05 21:39 <DIR> --d----- c:\program files\Common
    2009-09-05 21:39 <DIR> --d----- c:\docume~1\mary\applic~1\EurekaLog
    2009-09-05 12:41 <DIR> --d----- c:\windows\system32\wbem\Repository
    2009-09-03 08:51 <DIR> --d----- C:\cmdcons
    2009-08-28 12:34 <DIR> --d----- c:\program files\Trend Micro
    2009-08-10 09:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Citrix
    2009-08-10 09:53 <DIR> --d----- c:\program files\Citrix
    2009-08-10 09:52 61,224 a------- c:\documents and settings\mary\GoToAssistDownloadHelper.exe
    2009-08-10 07:11 <DIR> --d----- c:\program files\Spybot - Search & Destroy162-8-10-2009

    ==================== Find3M ====================

    2009-08-26 08:11 77,688 a------- c:\docume~1\mary\applic~1\GDIPFONTCACHEV1.DAT
    2009-08-05 04:11 204,800 a------- c:\windows\system32\mswebdvd.dll
    2009-08-05 04:11 204,800 a------- c:\windows\system32\dllcache\mswebdvd.dll
    2009-07-13 23:43 10,841,088 a------- c:\windows\system32\dllcache\wmp.dll
    2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
    2009-07-13 23:43 286,208 a------- c:\windows\system32\dllcache\wmpdxm.dll
    2009-06-16 09:55 119,808 a------- c:\windows\system32\t2embed.dll
    2009-06-16 09:55 119,808 a------- c:\windows\system32\dllcache\t2embed.dll
    2009-06-16 09:55 82,432 a------- c:\windows\system32\fontsub.dll
    2009-06-16 09:55 82,432 a------- c:\windows\system32\dllcache\fontsub.dll
    2009-06-12 06:50 80,896 a------- c:\windows\system32\tlntsess.exe
    2009-06-12 06:50 80,896 a------- c:\windows\system32\dllcache\tlntsess.exe
    2009-06-12 06:50 76,288 a------- c:\windows\system32\telnet.exe
    2009-06-12 06:50 76,288 a------- c:\windows\system32\dllcache\telnet.exe

    ============= FINISH: 10:05:54.48 ===============

  9. #89
    Senior Member
    Join Date
    Jul 2009
    Posts
    101

    Default

    Newest Attach log:



    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-07-30.01)


    ==== Disk Partitions =========================


    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================


    3D Groove Playback Engine
    Abacast Distributed Live
    Abacast Distributed On-Demand
    ABBYY FineReader 5.0 Sprint
    Acrobat.com
    Ad-Aware
    Adobe Flash Player 10 ActiveX
    Adobe Shockwave Player 11.5
    Apple Mobile Device Support
    Apple Software Update
    Atari Arcade Hits 1
    Banctec Service Agreement
    Barbie(TM) as The Princess and the Pauper
    BitZipper 2009
    Bonjour
    Business Complete Care Services Agreement
    Camera Support Core Library
    Camera Window DS
    Camera Window DVC
    Camera Window MC
    Canon Camera Support Core Library
    Canon Camera Window DC_DV 5 for ZoomBrowser EX
    Canon Camera Window DS for ZoomBrowser EX
    Canon Camera Window MC 5 for ZoomBrowser EX
    Canon MovieEdit Task for ZoomBrowser EX
    Canon PhotoRecord
    Canon RAW Image Task for ZoomBrowser EX
    Canon Utilities PhotoStitch 3.1
    Canon ZoomBrowser EX
    CCScore
    Charlie and the Chocolate Factory (remove only)
    Critical Update for Windows Media Player 11 (KB959772)
    Dangerous Mines Lite
    DAO
    Dell AIO Printer A940
    Dell Digital Jukebox Driver
    Dell Picture Studio - Dell Image Expert
    Dell Solution Center
    Dell Support Center
    DellSupport
    Diner Dash 2
    Disney's Toontown Online
    Disney Pirates of the Caribbean Online
    Disney Princess Royal Horse Show
    DVDSentry
    Easy CD Creator 5 Basic
    Emperor's Mahjong
    ESPNMotion
    ESSCDBK
    ESScore
    ESSgui
    ESShelp
    ESSini
    ESSPCD
    ESSSONIC
    ESSTOOLS
    ESSvpaht
    ESSvpot
    FamilyFun edition of Disney Motion
    FaxTools
    Google Earth
    Google Toolbar for Internet Explorer
    Grandmaster Challenge
    Hardwood Solitaire III Lite
    Hawaiian Explorer Pearl Harbor 1.0.0.30
    HDView for Internet Explorer
    Help and Support Customization
    Hidden Expedition Titanic (remove only)
    HijackThis 2.0.2
    HLPIndex
    HLPRFO
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB906569)
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB970653-v3)
    ImageMixer VCD/DVD2 for OLYMPUS
    Intel(R) PRO Network Adapters and Drivers
    Intel(R) PROSet
    InterActual Player
    iTunes
    Java(TM) 6 Update 16
    Jewel Quest (remove only)
    Kodak EasyShare software
    KSU
    Luxor - Quest for the Afterlife
    Luxor (remove only)
    Luxor 3
    Mall Tycoon 3
    Malwarebytes' Anti-Malware
    McAfee SecurityCenter
    McAfee Virtual Technician
    Merriam-Webster Online Toolbar
    MiaMath
    Microsoft .NET Framework (English)
    Microsoft .NET Framework (English) v1.0.3705
    Microsoft .NET Framework 1.0 Hotfix (KB928367)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft ActiveSync 3.7
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Data Access Components KB870669
    Microsoft Interactive Training
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Media Content
    Microsoft Office XP Small Business
    Microsoft Pandora's Box
    Microsoft Reader
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    MovieEdit Task
    MSN Messenger 6.1
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 6 Service Pack 2 (KB954459)
    MUSICMATCH® Jukebox
    My Family Health Portrait
    My Wal-Mart Digital Photo Center
    Netflix Movie Viewer
    Notifier
    NVIDIA Drivers
    OLYMPUS Master
    OTtBPSDK
    Paint Shop Pro 7
    PCDADDIN
    PCDHELP
    PhotoStitch
    Poppit To Go
    PowerDVD
    Princess Fashion Boutique 2
    QuickTime
    RAW Image Task 2.1
    RealPlayer
    Rio Audio Manager
    RunAlyzer
    School Tycoon
    Search for the Secret Keys
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows XP (KB883939)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB896688)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899589)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB903235)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911280)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB918899)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922760)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925454)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928090)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB929969)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931768)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933566)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937143)
    Security Update for Windows XP (KB937894)
    Security Update for Windows XP (KB938127)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB939653)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB942615)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944338)
    Security Update for Windows XP (KB944533)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB945553)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB947864)
    Security Update for Windows XP (KB948590)
    Security Update for Windows XP (KB948881)
    Security Update for Windows XP (KB950749)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973869)
    SFR
    SHASTA
    SKIN0001
    SKINXSDK
    Sound Blaster Live!
    SpongeBob SquarePants Diner Dash (remove only)
    SpongeBob SquarePants Employee of the Month
    SpongeBob SquarePants Krabby Quest (remove only)
    SpongeBob SquarePants Obstacle Odyssey (remove only)
    Spybot - Search & Destroy
    Study Helpers Math Booster
    Study Helpers Spelling Bee
    The Game of Life - SpongeBob SquarePants Edition
    UltimateBet
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB896727)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB925720)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB929338)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB932823-v3)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB942840)
    Update for Windows XP (KB946627)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB973815)
    Viewpoint Manager (Remove Only)
    Viewpoint Media Player
    Virtual Earth 3D (Beta)
    VPRINTOL
    WebFldrs XP
    Winamp (remove only)
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage v1.3.0254.0
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live OneCare safety scanner
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Hotfix - KB834707
    Windows XP Hotfix - KB867282
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890047
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB890923
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB893066
    Windows XP Hotfix - KB893086
    Windows XP Service Pack 2
    WIRELESS
    Yahoo! Companion
    Yahoo! Install Manager
    Yahoo! Messenger
    Yahoo! Messenger Explorer Bar
    Yahoo! Widgets
    Zuma Deluxe 1.0

    ==== End Of File ===========================

  10. #90
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,


    We need to execute an OTM script
    1. Please download OTM by OldTimer and save it to your desktop.
    2. Double click the OTM icon on your desktop.
    3. Paste the following code under the Paste Fix Here area. Do not include the word
      Code
      .
      Code:
      :Files
      c:\windows\system32\Data
      c:\program files\Common
      
      :reg
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
      "Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
    4. Push the large MoveIt button.
    5. OTM may ask to reboot the machine. Please do so if asked.
    6. Copy/Paste the contents under the Results line here in your next reply with a fresh dds log. How's the system running?
    7. If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •