Page 1 of 5 12345 LastLast
Results 1 to 10 of 42

Thread: SVCHOST trojan

  1. 2012-03-09, 20:29 #1
    musicalpulltoy
    musicalpulltoy is offline
    Senior Member musicalpulltoy's Avatar
    Join Date
    Mar 2009
    Posts
    104

    Default SVCHOST trojan

    hello
    superantispyware found a trojan. just want to find out if theres any remnants
    thank you

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.0.0
    Run by DAD at 12:18:08 on 2012-03-09
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1271.390 [GMT -7:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated*

    {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: ZoneAlarm Free Firewall *Enabled*
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
    C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\WINDOWS\system32\charmap.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uInternet Connection Wizard,ShellNext = hxxp://www.dell4me.com/myway
    uInternet Settings,ProxyOverride = <local>
    uSearchURL,(Default) =

    hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    uURLSearchHooks: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} -

    c:\program files\zonealarm_security\prxtbZon2.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program

    files\avg\avg2012\avgssie.dll
    BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} -

    c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    BHO: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program

    files\zonealarm_security\prxtbZon2.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program

    files\java\jre7\bin\jp2ssv.dll
    TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
    TB: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program

    files\zonealarm_security\prxtbZon2.dll
    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program

    files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
    mRun: [Task Catcher] c:\program files\billp studios\task catcher\tasktrap.exe
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [ISW] c:\program files\checkpoint\zaforcefield\ForceField.exe /icon="hidden"
    mRun: [ZoneAlarm] c:\program files\checkpoint\zonealarm\zatray.exe
    dRunOnce: [RunNarrator] Narrator.exe
    StartupFolder: c:\docume~1\dad\startm~1\programs\startup\erunta~1.lnk - c:\program

    files\erunt\AUTOBACK.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program

    files\netgear\wg111v3\WG111v3.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\system~1\micros~1.lnk -

    c:\program files\microsoft office\office10\OSA.EXE
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} -

    c:\windows\system32\Shdocvw.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} -

    c:\progra~1\spybot~1\SDHelper.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -

    hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1246

    219383859
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} -

    hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -

    hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} -

    hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -

    hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    TCP: Interfaces\{D3C8F517-0E02-41EF-88B6-50CFBAF7D6D0} : NameServer =

    68.105.28.11,68.105.28.12,68.105.29.12
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program

    files\avg\avg2012\avgpp.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -

    c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} -

    c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program

    files\superantispyware\SASSEH.DLL
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common

    files\lightscribe\LSRunOnce.exe"
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\dad\application

    data\mozilla\firefox\profiles\fn2dlw99.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\documents and settings\dad\application

    data\mozilla\firefox\profiles\fn2dlw99.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3a

    b546}\components\RadioWMPCoreGecko19.dll
    FF - component: c:\documents and settings\dad\application

    data\mozilla\firefox\profiles\fn2dlw99.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3a

    b546}\components\RadioWMPCoreGecko5.dll
    FF - component: c:\documents and settings\dad\application

    data\mozilla\firefox\profiles\fn2dlw99.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3a

    b546}\components\RadioWMPCoreGecko6.dll
    FF - component: c:\documents and settings\dad\application

    data\mozilla\firefox\profiles\fn2dlw99.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3a

    b546}\components\RadioWMPCoreGecko7.dll
    FF - component: c:\documents and settings\dad\application

    data\mozilla\firefox\profiles\fn2dlw99.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3a

    b546}\components\RadioWMPCoreGecko8.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff10.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff4.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff5.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff6.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff7.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff8.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff9.dll
    FF - plugin: c:\documents and settings\dad\application

    data\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\documents and settings\dad\application

    data\mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: c:\documents and settings\dad\local settings\application

    data\google\update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
    FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla

    firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - c:\program files\mozilla

    firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} -

    %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: User Agent Switcher: {e968fc70-8f95-4ab9-9e79-304de2a71ee1} -

    %profile%\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
    FF - Ext: Split Browser: {29c4afe1-db19-4298-8785-fcc94d1d6c1d} -

    %profile%\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}
    FF - Ext: Easy YouTube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} -

    %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
    FF - Ext: Ghostery: firefox@ghostery.com - %profile%\extensions\firefox@ghostery.com
    FF - Ext: WorldIP: {f36c6cd1-da73-491d-b290-8fc9115bfa55} -

    %profile%\extensions\{f36c6cd1-da73-491d-b290-8fc9115bfa55}
    FF - Ext: JavaScript Deobfuscator: jsdeobfuscator@adblockplus.org -

    %profile%\extensions\jsdeobfuscator@adblockplus.org
    FF - Ext: DOM Inspector: inspector@mozilla.org - %profile%\extensions\inspector@mozilla.org
    FF - Ext: Firebug: firebug@software.joehewitt.com -

    %profile%\extensions\firebug@software.joehewitt.com
    FF - Ext: ZoneAlarm Security Community Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} -

    %profile%\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} -

    c:\windows\microsoft.net\framework\v3.5\windows presentation

    foundation\DotNetAssistantExtension
    FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program

    files\avg\avg2012\Firefox4
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7

    32592]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8

    230608]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus

    Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 295248]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
    R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2011-11-9 525840]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12

    4433248]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys

    [2011-11-3 27016]
    R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe

    [2011-11-3 497280]
    R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe

    -service --> c:\program files\checkpoint\zonealarm\vsmon.exe -service [?]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-3 134608]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-3 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-3 16720]
    R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista

    Driver;c:\windows\system32\drivers\wg111v3.sys [2007-4-23 224896]
    R3 s3legacy;s3legacy;c:\windows\system32\drivers\s3legacy.sys [2011-9-23 65664]
    S2 DCService.exe;DCService.exe;c:\documents and settings\all users\application

    data\datacardservice\dcservice.exe --> c:\documents and settings\all users\application

    data\datacardservice\DCService.exe [?]
    S3 epstw2k;SCM Parallel Port SCSI Driver;c:\windows\system32\drivers\epstw2k.sys [2011-7-31

    114944]
    S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys -->

    c:\windows\system32\drivers\ewusbnet.sys [?]
    S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys -->

    c:\windows\system32\drivers\ew_jubusenum.sys [?]
    S3 N3AB;N3AB Wireless Network Adapter Service;c:\windows\system32\drivers\N3AB.sys

    [2005-12-23 457312]
    S3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\drivers\PTDUBus.sys

    [2009-3-14 29824]
    S3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\drivers\PTDUMdm.sys [2009-3-14 41344]
    S3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\drivers\PTDUVsp.sys [2009-3-14

    39936]
    S3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\drivers\PTDUWWAN.sys [2009-3-14

    59776]
    S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys

    [2011-5-3 86824]
    S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem

    Filter;c:\windows\system32\drivers\s1018mdfl.sys [2011-5-3 15016]
    S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem

    Driver;c:\windows\system32\drivers\s1018mdm.sys [2011-5-3 114728]
    S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers

    (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2011-5-3 106208]
    S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation

    (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2011-5-3 26024]
    S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX

    Interface;c:\windows\system32\drivers\s1018obex.sys [2011-5-3 104744]
    S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation

    (WDM);c:\windows\system32\drivers\s1018unic.sys [2011-5-3 109864]
    S3 s3m;s3m;c:\windows\system32\drivers\s3m.sys [2011-4-12 166720]
    S3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [2011-7-31 11520]
    S3 SiSV;SiSV;c:\windows\system32\drivers\SiSV.sys [2011-4-12 50432]
    S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\sony ericsson\sony

    ericsson pc companion\PCCService.exe [2011-5-3 150528]
    S4 DirMon2;DirMon2;C:/Program Files/Dragon Global/DirMon2/DirMon2.exe -be_the_service -->

    C:/Program Files/Dragon Global/DirMon2/DirMon2.exe -be_the_service [?]
    S4 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k

    nosGetPlusHelper [2004-8-10 14336]
    S4 TridWnW;PCI Audio Driver;c:\windows\system32\drivers\TridWnW.sys [2011-4-30 150872]
    .
    =============== Created Last 30 ================
    .
    2012-02-14 19:42:50 3072 ------w- c:\windows\system32\iacenc.dll
    2012-02-14 19:42:50 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
    2012-02-10 22:15:34 -------- d-----w- C:\OEMSettings
    .
    ==================== Find3M ====================
    .
    2012-01-12 16:53:24 1859968 ----a-w- c:\windows\system32\win32k.sys
    2011-12-17 19:46:36 916992 ----a-w- c:\windows\system32\wininet.dll
    2011-12-17 19:46:36 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-12-17 19:46:36 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-12-16 12:22:58 385024 ----a-w- c:\windows\system32\html.iec
    2011-12-10 22:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    .
    ============= FINISH: 12:20:41.88 ===============
  2. 2012-03-10, 09:45 #2
    Scolabar
    Scolabar is offline
    Emeritus- Malware Team
    Join Date
    Aug 2011
    Posts
    148

    Default

    Hi musicalpulltoy,

    Firstly, welcome to the Safer-Networking Malware Removal Forum. I see this is not the first time you have requested help here.
    My name is Scolabar, and I'll be helping you with your malware problems.
    Logs can take a while to research, so please be patient.
    If you no longer require help I would be grateful if you would let me know.

    Please note the following important guidelines before proceeding:
    1. The instructions that will be provided are for YOUR computer and system only!
      Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable      !
    2. If you have any questions or do not understand something, please do not hesitate to ask, don't guess or assume.
    3. Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
    4. Only reply to this thread, do not start another. Please, continue responding, until I give you the All Clean.
      Absence of symptoms does not necessarily mean that everything is clear.
    5. DO NOT run any other fix or removal tools unless instructed to do so!
    6. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
    7. Print each set of instructions, if possible. Your Internet connection will not be available during some fix processes.
    8. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    9. Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

    Please Note: If you haven't done so already, please read this topic "BEFORE You POST"(Please read this Procedure Before Requesting Assistance) where the conditions for receiving help here are explained.

    Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
    In light of this, it would be advisable for you to back up any important files and folders that you don't want to lose before we start.
    If you follow these guidelines, things should proceed smoothly.
    I am currently reviewing your log and will return, as soon as possible, with additional instructions.

    Thank you for your patience.

    Scolabar
    Malware Removal University - You too could train to help others
  3. 2012-03-10, 19:26 #3
    Scolabar
    Scolabar is offline
    Emeritus- Malware Team
    Join Date
    Aug 2011
    Posts
    148

    Default

    Hi musicalpulltoy,

    Thank you again for your patience.

    Please read these instructions carefully before executing and perform the steps, in the order given.
    lf you have any questions about or problems with, executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

    Before we proceed please make sure any open programs are closed.

    Step 1:
    Business Use Computer?

    Entries in the log you have provided lead me to believe that this computer may be being used for business purposes.
    Please could you confirm whether or not this is the case? If not, please proceed with Step 2 and clarify for what purposes this computer is used in your next post.

    Step 2:
    Advisory - P2P Software Present!

    IMPORTANT There are signs of a P2P (Peer-to-Peer) File Sharing Program installed on your computer.

    µTorrent
    P2P File Sharing Programs are used as a major conduit for spreading malware infection to computer systems these days.

    P2P programs open up access to the computer on which the program is installed. The computer's settings are more often than not changed in a manner that renders the computer insecure and access to the computer remains open even when the program is not in use. Consequently, the system's security is completely compromised.

    So be aware that it is not just what is downloaded that causes problems, just having a P2P program installed is like leaving all the doors to your house unlocked.

    I advise you take the time to read the following articles that explain the risk of installing these programs:

    I strongly recommend that you uninstall the P2P software as follows:

    Remove P2P Program
    1. Click on Start > Control Panel and double-click on Programs and Features.
    2. Locate the following program:

      µTorrent

    3. Click on the Change/Remove button to uninstall it.
    4. When the program has been uninstalled Close the Programs and Features and Control Panel windows.

    Step 3:
    Disable Wordwrap

    You logs indicate that the Wordwrap feature is enabled in Notepad. Please follow the instructions to disable that feature.

    1. Launch Notepad.
    2. Then click on the Format menu and make sure Wordwrap is Unchecked.
    3. Close Notepad.

    Step 4:
    CKScanner

    1. Please download CKScanner and Save it to your Desktop.
      Make sure that CKScanner.exe is on your Desktop before running the application!
    2. Double-click on the CKScanner.exe icon to run the program.
    3. Then click on the Search For Files button.
    4. When the scan has finished (- the hourglass cursor will disappear when the scan has completed) click on the Save List To File button.
      A text file will be created on your Desktop named ckfiles.txt. A message box will verify the file saved.
      Note: Please run the program ONCE only.
    5. Click on the Exit button to close the program.
    6. Double-click on the ckfiles.txt file to open it.
    7. Then Copy and Paste the entire contents of the file into your next reply.

    Step 5:
    Security Check

    1. Please download Security Check by screen317 and Save it to your Desktop.
      Alternate download site: Link 2
    2. Double-click on the SecurityCheck.exe icon to run the program.
      If you receive an Open File Security Warning click the Run button.
    3. Press the Space Bar when you see the Press any key to continue... message.
      Please Note: This scan will take a short while to complete, so please be patient.
    4. When the scan has completed, a Notepad file will automatically open called checkup.txt.
    5. Save the file checkup.txt to your Desktop.
      Please Note: This output file is NOT automatically saved!
    6. Then Copy and Paste the entire contents of the checkup.txt file into your next reply.

    Step 6:
    Re-Run DDS

    Please re-run DDS. Then Copy and Paste the contents of both the DDS.txt and Attach.txt logs into your next reply.

    Step 7:
    Include in Next Post

    1. Did you have any problems carrying out the instructions?
    2. ckfiles.txt.
    3. checkup.txt.
    4. DDS.txt.
    5. Attach.txt.
    6. Do you have the original Windows installation media for your PC?


    Scolabar
    --------------------------------------------------------------------------
    No Reply Within 3 Days Will Result In Your Topic Being Closed
    Malware Removal University - You too could train to help others
  4. 2012-03-11, 03:33 #4
    musicalpulltoy
    musicalpulltoy is offline
    Senior Member musicalpulltoy's Avatar
    Join Date
    Mar 2009
    Posts
    104

    Default

    hello scolabar
    thank you for your help

    this may have been a business pc with previous owner but not any more.
    NO, i do not have originl install disc, just a c: drive backup i made saved to e: drive.
    below are the 4 text files you requested

    CKScanner - Additional Security Risks - These are not necessarily bad
    c:\documents and settings\dad\my documents\802ether\aircrack.exe
    c:\documents and settings\dad\my documents\802ether\aircrack.html
    c:\documents and settings\dad\my documents\downloads\windows_wifi_collection_-_aircrack_airsnort_airopeek.rar
    c:\documents and settings\dad\my documents\keygen\file_id.diz
    c:\documents and settings\dad\my documents\keygen\keygen.exe
    c:\documents and settings\dad\my documents\keygen\ror.nfo
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\readme.txt
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\setup.exe
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\data.tag
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\data1.cab
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\data1.hdr
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\lang.dat
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\layout.bin
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\manual.pdf
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\os.dat
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\palettes.reg
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\quicktour.pdf
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\readme.txt
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\rfgrabber probe manual.pdf
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\sernumdll.dll
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\setup.exe
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\setup.ini
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\setup.ins
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\setup.lid
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\_inst32i.ex_
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\_isdel.exe
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\_setup.dll
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\_sys1.cab
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\_sys1.hdr
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\_user1.cab
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\_user1.hdr
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\decoders.html
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\nametableformat.html
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\peekpluginsdk.html
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\protospecsxml.html
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\psids.h
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\pspecs.xsd
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\readme.html
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\agtypes.h
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\memutil.h
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\packetheaders.h
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\peekplug.h
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\plugbase.cpp
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\plugbase.h
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\plugindebug.cpp
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\plugindebug.h
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\tabber\resource.h
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\tabber\stdafx.cpp
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\tabber\stdafx.h
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\tabber\tabber.cpp
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\tabber\tabber.def
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\tabber\tabber.h
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\tabber\tabber.rc
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\tabber\tabber.sln
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\airopeeknx\peek sdk\source\tabber\tabber.vcproj
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\data.tag
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\data1.cab
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\data1.hdr
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\lang.dat
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\layout.bin
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\os.dat
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\setup.exe
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\setup.ini
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\setup.ins
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\setup.lid
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\_inst32i.ex_
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\_isdel.exe
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\_setup.dll
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\_sys1.cab
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\_sys1.hdr
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\_user1.cab
    c:\documents and settings\dad\my documents\keygen\airopeeknx202\inettools\_user1.hdr
    c:\program files\gimp-2.0\share\gimp\2.0\patterns\cracked.pat
    c:\_otl\movedfiles\10012011_143750\c_documents and settings\dad\local settings\application data\im\sound\tchaikovsky_the_nutcracker.imw
    scanner sequence 3.ZZ.11.AJNAHG
    ----- EOF -----

    Results of screen317's Security Check version 0.99.31
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:
    Windows Firewall Disabled!
    AVG 2012
    ESET Online Scanner v3
    ZoneAlarm Firewall
    ZoneAlarm Free
    ZoneAlarm Toolbar
    ZoneAlarm Security Toolbar
    ZoneAlarm Security
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    MVPS Hosts File
    Spybot - Search & Destroy
    SUPERAntiSpyware
    IE SpyAd
    Java(TM) 7
    Adobe Flash Player 10.3.183.7 Flash Player out of Date!
    Mozilla Firefox (3.6.12) Firefox out of Date!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent
    WinPatrol winpatrol.exe
    AVG avgwdsvc.exe
    AVG avgtray.exe
    AVG avgrsx.exe
    AVG avgnsx.exe
    AVG avgemc.exe
    BillP Studios WinPatrol winpatrol.exe
    CheckPoint ZoneAlarm vsmon.exe
    CheckPoint ZoneAlarm zatray.exe
    ``````````End of Log````````````

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.0.0
    Run by DAD at 19:18:24 on 2012-03-10
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1271.571 [GMT -7:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: ZoneAlarm Free Firewall *Enabled*
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
    C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
    C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uInternet Connection Wizard,ShellNext = hxxp://www.dell4me.com/myway
    uInternet Settings,ProxyOverride = <local>
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    uURLSearchHooks: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program files\zonealarm_security\prxtbZon2.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    BHO: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program files\zonealarm_security\prxtbZon2.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
    TB: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program files\zonealarm_security\prxtbZon2.dll
    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
    mRun: [Task Catcher] c:\program files\billp studios\task catcher\tasktrap.exe
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [ISW] c:\program files\checkpoint\zaforcefield\ForceField.exe /icon="hidden"
    mRun: [ZoneAlarm] c:\program files\checkpoint\zonealarm\zatray.exe
    dRunOnce: [RunNarrator] Narrator.exe
    StartupFolder: c:\docume~1\dad\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\system~1\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1246219383859
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    TCP: Interfaces\{D3C8F517-0E02-41EF-88B6-50CFBAF7D6D0} : NameServer = 68.105.28.11,68.105.28.12,68.105.29.12
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\dad\application data\mozilla\firefox\profiles\fn2dlw99.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\documents and settings\dad\application data\mozilla\firefox\profiles\fn2dlw99.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko19.dll
    FF - component: c:\documents and settings\dad\application data\mozilla\firefox\profiles\fn2dlw99.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko5.dll
    FF - component: c:\documents and settings\dad\application data\mozilla\firefox\profiles\fn2dlw99.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko6.dll
    FF - component: c:\documents and settings\dad\application data\mozilla\firefox\profiles\fn2dlw99.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko7.dll
    FF - component: c:\documents and settings\dad\application data\mozilla\firefox\profiles\fn2dlw99.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko8.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff10.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff4.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff5.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff6.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff7.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff8.dll
    FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff9.dll
    FF - plugin: c:\documents and settings\dad\application data\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\documents and settings\dad\application data\mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: c:\documents and settings\dad\local settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
    FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: User Agent Switcher: {e968fc70-8f95-4ab9-9e79-304de2a71ee1} - %profile%\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
    FF - Ext: Split Browser: {29c4afe1-db19-4298-8785-fcc94d1d6c1d} - %profile%\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}
    FF - Ext: Easy YouTube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
    FF - Ext: Ghostery: firefox@ghostery.com - %profile%\extensions\firefox@ghostery.com
    FF - Ext: WorldIP: {f36c6cd1-da73-491d-b290-8fc9115bfa55} - %profile%\extensions\{f36c6cd1-da73-491d-b290-8fc9115bfa55}
    FF - Ext: JavaScript Deobfuscator: jsdeobfuscator@adblockplus.org - %profile%\extensions\jsdeobfuscator@adblockplus.org
    FF - Ext: DOM Inspector: inspector@mozilla.org - %profile%\extensions\inspector@mozilla.org
    FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
    FF - Ext: ZoneAlarm Security Community Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - %profile%\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\avg\avg2012\Firefox4
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 230608]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 295248]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
    R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2011-11-9 525840]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27016]
    R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-3 497280]
    R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe -service --> c:\program files\checkpoint\zonealarm\vsmon.exe -service [?]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-3 134608]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-3 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-3 16720]
    R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2007-4-23 224896]
    R3 s3legacy;s3legacy;c:\windows\system32\drivers\s3legacy.sys [2011-9-23 65664]
    S2 DCService.exe;DCService.exe;c:\documents and settings\all users\application data\datacardservice\dcservice.exe --> c:\documents and settings\all users\application data\datacardservice\DCService.exe [?]
    S3 epstw2k;SCM Parallel Port SCSI Driver;c:\windows\system32\drivers\epstw2k.sys [2011-7-31 114944]
    S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys --> c:\windows\system32\drivers\ewusbnet.sys [?]
    S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys --> c:\windows\system32\drivers\ew_jubusenum.sys [?]
    S3 N3AB;N3AB Wireless Network Adapter Service;c:\windows\system32\drivers\N3AB.sys [2005-12-23 457312]
    S3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\drivers\PTDUBus.sys [2009-3-14 29824]
    S3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\drivers\PTDUMdm.sys [2009-3-14 41344]
    S3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\drivers\PTDUVsp.sys [2009-3-14 39936]
    S3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\drivers\PTDUWWAN.sys [2009-3-14 59776]
    S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2011-5-3 86824]
    S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2011-5-3 15016]
    S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2011-5-3 114728]
    S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2011-5-3 106208]
    S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2011-5-3 26024]
    S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2011-5-3 104744]
    S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2011-5-3 109864]
    S3 s3m;s3m;c:\windows\system32\drivers\s3m.sys [2011-4-12 166720]
    S3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [2011-7-31 11520]
    S3 SiSV;SiSV;c:\windows\system32\drivers\SiSV.sys [2011-4-12 50432]
    S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\sony ericsson\sony ericsson pc companion\PCCService.exe [2011-5-3 150528]
    S4 DirMon2;DirMon2;C:/Program Files/Dragon Global/DirMon2/DirMon2.exe -be_the_service --> C:/Program Files/Dragon Global/DirMon2/DirMon2.exe -be_the_service [?]
    S4 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-10 14336]
    S4 TridWnW;PCI Audio Driver;c:\windows\system32\drivers\TridWnW.sys [2011-4-30 150872]
    .
    =============== Created Last 30 ================
    .
    2012-02-14 19:42:50 3072 ------w- c:\windows\system32\iacenc.dll
    2012-02-14 19:42:50 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
    2012-02-10 22:15:34 -------- d-----w- C:\OEMSettings
    .
    ==================== Find3M ====================
    .
    2012-01-12 16:53:24 1859968 ----a-w- c:\windows\system32\win32k.sys
    2011-12-17 19:46:36 916992 ----a-w- c:\windows\system32\wininet.dll
    2011-12-17 19:46:36 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-12-17 19:46:36 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-12-16 12:22:58 385024 ----a-w- c:\windows\system32\html.iec
    .
    ============= FINISH: 19:21:08.87 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 12/23/2005 3:47:02 PM
    System Uptime: 3/9/2012 9:36:13 PM (22 hours ago)
    .
    Motherboard: Dell Computer Corp. | | 0CF458
    Processor: Intel(R) Celeron(R) CPU 2.53GHz | Microprocessor | 2527/533mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 34 GiB total, 11.286 GiB free.
    E: is FIXED (NTFS) - 233 GiB total, 160.223 GiB free.
    F: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1149: 2/7/2012 8:30:17 AM - System Checkpoint
    RP1150: 2/8/2012 8:51:41 AM - System Checkpoint
    RP1151: 2/10/2012 7:40:58 AM - System Checkpoint
    RP1152: 2/10/2012 3:12:15 PM - Configured NETGEAR WG111v3 wireless USB 2.0 adapter
    RP1153: 2/10/2012 3:14:53 PM - Installed NETGEAR WG111v3 wireless USB 2.0 adapter
    RP1154: 2/11/2012 3:49:07 PM - System Checkpoint
    RP1155: 2/12/2012 4:34:57 PM - System Checkpoint
    RP1156: 2/13/2012 7:55:23 PM - System Checkpoint
    RP1157: 2/14/2012 5:48:14 PM - Software Distribution Service 3.0
    RP1158: 2/15/2012 6:06:04 PM - System Checkpoint
    RP1159: 2/16/2012 6:34:43 PM - System Checkpoint
    RP1160: 2/17/2012 7:32:00 PM - System Checkpoint
    RP1161: 2/18/2012 8:04:38 PM - System Checkpoint
    RP1162: 2/19/2012 8:32:01 PM - System Checkpoint
    RP1163: 2/20/2012 9:32:05 PM - System Checkpoint
    RP1164: 2/21/2012 10:32:00 PM - System Checkpoint
    RP1165: 2/22/2012 11:32:00 PM - System Checkpoint
    RP1166: 2/23/2012 11:33:09 PM - System Checkpoint
    RP1167: 2/25/2012 1:19:01 PM - System Checkpoint
    RP1168: 2/26/2012 1:37:52 PM - System Checkpoint
    RP1169: 2/27/2012 2:50:45 PM - System Checkpoint
    RP1170: 2/28/2012 3:03:49 PM - System Checkpoint
    RP1171: 2/29/2012 3:36:47 PM - System Checkpoint
    RP1172: 3/1/2012 4:36:44 PM - System Checkpoint
    RP1173: 3/2/2012 5:37:49 PM - System Checkpoint
    RP1174: 3/7/2012 10:32:21 AM - System Checkpoint
    RP1175: 3/8/2012 10:45:57 AM - System Checkpoint
    RP1176: 3/9/2012 3:35:17 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    µTorrent
    7-Zip 4.42
    Adobe Flash Player 10 Plugin
    AOLIcon
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Avanquest update
    AVG 2012
    Calculator Powertoy for Windows XP
    Critical Update for Windows Media Player 11 (KB959772)
    Dell Digital Jukebox Driver
    Dell Driver Download Manager
    Dell Driver Reset Tool
    Dell Game Console
    Dell Media Experience
    Dell Support 3.1
    Dell Support Center (Support Software)
    Dell System Restore
    ERUNT 1.1j
    ESET Online Scanner v3
    EVEREST Home Edition v2.20
    GIMP 2.6.11
    Google Chrome
    Google Talk (remove only)
    Google Talk Plugin
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB981793)
    Intel(R) Extreme Graphics 2 Driver
    Intel(R) PRO Network Adapters and Drivers
    Intel(R) PROSet for Wired Connections
    Internet Explorer Default Page
    iTunes
    Java Auto Updater
    Java(TM) 7
    LAME v3.98.3 for Audacity
    LightScribe System Software 1.14.17.1
    Malwarebytes Anti-Malware version 1.60.1.1000
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Halo
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Standard
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Modem Helper
    Mozilla Firefox (3.6.12)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    MSXML 6 Service Pack 2 (KB973686)
    Nero 7 Essentials
    neroxml
    NetAlyzer
    NETGEAR WG111v3 wireless USB 2.0 adapter
    PANTECH UM175 Driver
    Photo Click
    QuickBooks Pro 2006
    QuickTime
    RealPlayer Basic
    Rosetta Stone 2.1.4.1A
    Safari
    Scrapbooks Plus Workshop
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    Sony Ericsson PC Companion 2.01.149
    Spybot - Search & Destroy
    SUPERAntiSpyware
    System Explorer 3.0.4
    Task Catcher
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB971930)
    Update for Windows Internet Explorer 8 (KB972636)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2616676-v2)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VC 9.0 Runtime
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WD Diagnostics
    WebFldrs XP
    Windows Backup Utility
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Imaging Component
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 11
    Windows Search 4.0
    Windows XP Service Pack 3
    WinPatrol
    Yahoo! Messenger
    ZoneAlarm Firewall
    ZoneAlarm Free
    ZoneAlarm Security
    ZoneAlarm Security Toolbar
    ZoneAlarm Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/9/2012 9:39:08 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
    3/9/2012 9:39:08 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    3/8/2012 4:53:24 AM, error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).
    3/7/2012 8:41:50 AM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 3 time(s).
    3/7/2012 8:21:42 AM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 2 time(s).
    3/7/2012 8:19:02 AM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 1 time(s).
    3/7/2012 7:42:15 AM, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/7/2012 7:42:15 AM, error: Service Control Manager [7000] - The DCService.exe service failed to start due to the following error: The system cannot find the file specified.
    3/7/2012 7:36:12 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    3/7/2012 7:36:12 AM, error: Service Control Manager [7031] - The ZoneAlarm Toolbar IswSvc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    3/7/2012 4:24:56 PM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 4 time(s).
    3/7/2012 11:13:16 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.117 with the system having network hardware address 00:1C:BE:B1:AF:36. Network operations on this system may be disrupted as a result.
    3/6/2012 8:21:58 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
    3/6/2012 11:15:24 PM, error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 2 time(s).
    .
    ==== End Of File ===========================
  5. 2012-03-12, 12:38 #5
    Scolabar
    Scolabar is offline
    Emeritus- Malware Team
    Join Date
    Aug 2011
    Posts
    148

    Default

    Hi musicalpulltoy,

    Thank you for the logs and feedback.

    I notice that the µTorrent P2P File Sharing software is still installed on the computer. If you wish to continue receiving assistance, please remove the program as requested in my previous post.

    In addition to the instructions below please confirm how many people use the computer.

    Again, please remember to read the instructions below carefully before executing and perform the steps, in the order given.
    If you have any questions about or problems executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

    Before proceeding please make sure any open programs are closed.

    Step 1:
    MGA Diagnostics

    1. Please download this tool from Microsoft and Save it to your Desktop.
    2. Double-click on MGADiag.exe to launch the program.
    3. Click on the Continue button to proceed.
    4. The program will now run. It will take a short while to complete its diagnosis, please be patient.
    5. When it has finished click on the Copy button.
    6. Click on Start > Run.
    7. In the text entry box type:

      Notepad

    8. Then click on the OK button.
    9. This will open an empty Notepad file.
    10. Paste the copied contents into the new Notepad window and Save the file as mgadiag.txt to your Desktop.
    11. Click on the OK button to exit the MGA Diagnostics program.
    12. Then Copy and Paste the entire contents of mgadiag.txt into your next reply.

    Step 2:
    Re-Run DDS

    Please re-run DDS. Then Copy and Paste the contents of the Attach.txt log into your next reply.

    Step3:
    Include in Next Post

    1. Did you have any problems carrying out the instructions?
    2. Confirm the removal of the µTorrent P2P File Sharing software.
    3. How many people use the computer?
    4. mgadiag.txt
    5. Attach.txt.


    Scolabar
    --------------------------------------------------------------------------
    No Reply Within 3 Days Will Result In Your Topic Being Closed
    Last edited by Scolabar; 2012-03-12 at 12:48.
    Malware Removal University - You too could train to help others
  6. 2012-03-12, 15:01 #6
    musicalpulltoy
    musicalpulltoy is offline
    Senior Member musicalpulltoy's Avatar
    Join Date
    Mar 2009
    Posts
    104

    Default

    HIYA
    just me and my daughter use thi pc on the 1 profile.
    utorentz is gone.
    everything has gone smooth so far.

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Genuine
    Validation Code: 0
    Cached Validation Code: N/A
    Windows Product Key: *****-*****-GD6GR-K6DP3-4C8MT
    Windows Product Key Hash: s2kt66ZJWfV4nS1wFD5F9bxTSDw=
    Windows Product ID: 76477-OEM-2111907-00102
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 5.1.2600.2.00010300.3.0.hom
    ID: {05D19138-9C93-473E-B1C2-CF7405AB822F}(3)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: Registered, 1.7.69.2
    Signed By: Microsoft
    Product Name: N/A
    Architecture: N/A
    Build lab: N/A
    TTS Error: N/A
    Validation Diagnostic: 025D1FF3-230-1
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A
    Version: N/A

    Windows XP Notifications Data-->
    Cached Result: 0
    File Exists: Yes
    Version: 1.7.17.0
    WgaTray.exe Signed By: Microsoft
    WgaLogon.dll Signed By: Microsoft

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office XP Standard - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{05D19138-9C93-473E-B1C2-CF7405AB822F}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010300.3.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-4C8MT</PKey><PID>76477-OEM-2111907-00102</PID><PIDType>2</PIDType><SID>S-1-5-21-1668751319-4250827956-263943839</SID><SYSTEM><Manufacturer>Dell Computer Corporation</Manufacturer><Model>Dell DE051 </Model></SYSTEM><BIOS><Manufacturer>Dell Computer Corporation</Manufacturer><Version>A01</Version><SMBIOSVersion major="2" minor="3"/><Date>20060103000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>BC083B6F0184607C</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>US Mountain Standard Time(GMT-07:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Dell Dimension DE051</name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.17.0"/><File Name="WgaLogon.dll" Version="1.7.17.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120409-6000-11D3-8CFE-0050048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office XP Standard</Name><Ver>10</Ver><Val>D654C153799E2A</Val><Hash>PTShsZJqiZBUt44bnPrpOz/7tas=</Hash><Pid>54187-700-2396375-17948</Pid><PidType>1</PidType></Product></Products><Applications><App Id="16" Version="10" Result="100"/><App Id="18" Version="10" Result="100"/><App Id="1A" Version="10" Result="100"/><App Id="1B" Version="10" Result="100"/></Applications></Office></Software></GenuineResults>

    Licensing Data-->
    N/A

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    N/A

    OEM Activation 1.0 Data-->
    BIOS string matches: yes
    Marker string from BIOS: 1B2B6:Dell Inc|1B2B6:Microsoft Corporation
    Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

    OEM Activation 2.0 Data-->
    N/A



    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 12/23/2005 3:47:02 PM
    System Uptime: 3/9/2012 9:36:13 PM (57 hours ago)
    .
    Motherboard: Dell Computer Corp. | | 0CF458
    Processor: Intel(R) Celeron(R) CPU 2.53GHz | Microprocessor | 2527/533mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 34 GiB total, 11.192 GiB free.
    E: is FIXED (NTFS) - 233 GiB total, 160.223 GiB free.
    F: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1149: 2/7/2012 8:30:17 AM - System Checkpoint
    RP1150: 2/8/2012 8:51:41 AM - System Checkpoint
    RP1151: 2/10/2012 7:40:58 AM - System Checkpoint
    RP1152: 2/10/2012 3:12:15 PM - Configured NETGEAR WG111v3 wireless USB 2.0 adapter
    RP1153: 2/10/2012 3:14:53 PM - Installed NETGEAR WG111v3 wireless USB 2.0 adapter
    RP1154: 2/11/2012 3:49:07 PM - System Checkpoint
    RP1155: 2/12/2012 4:34:57 PM - System Checkpoint
    RP1156: 2/13/2012 7:55:23 PM - System Checkpoint
    RP1157: 2/14/2012 5:48:14 PM - Software Distribution Service 3.0
    RP1158: 2/15/2012 6:06:04 PM - System Checkpoint
    RP1159: 2/16/2012 6:34:43 PM - System Checkpoint
    RP1160: 2/17/2012 7:32:00 PM - System Checkpoint
    RP1161: 2/18/2012 8:04:38 PM - System Checkpoint
    RP1162: 2/19/2012 8:32:01 PM - System Checkpoint
    RP1163: 2/20/2012 9:32:05 PM - System Checkpoint
    RP1164: 2/21/2012 10:32:00 PM - System Checkpoint
    RP1165: 2/22/2012 11:32:00 PM - System Checkpoint
    RP1166: 2/23/2012 11:33:09 PM - System Checkpoint
    RP1167: 2/25/2012 1:19:01 PM - System Checkpoint
    RP1168: 2/26/2012 1:37:52 PM - System Checkpoint
    RP1169: 2/27/2012 2:50:45 PM - System Checkpoint
    RP1170: 2/28/2012 3:03:49 PM - System Checkpoint
    RP1171: 2/29/2012 3:36:47 PM - System Checkpoint
    RP1172: 3/1/2012 4:36:44 PM - System Checkpoint
    RP1173: 3/2/2012 5:37:49 PM - System Checkpoint
    RP1174: 3/7/2012 10:32:21 AM - System Checkpoint
    RP1175: 3/8/2012 10:45:57 AM - System Checkpoint
    RP1176: 3/9/2012 3:35:17 PM - System Checkpoint
    RP1177: 3/10/2012 8:10:06 PM - System Checkpoint
    RP1178: 3/11/2012 8:41:36 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    7-Zip 4.42
    Adobe Flash Player 10 Plugin
    AOLIcon
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Avanquest update
    AVG 2012
    Calculator Powertoy for Windows XP
    Critical Update for Windows Media Player 11 (KB959772)
    Dell Digital Jukebox Driver
    Dell Driver Download Manager
    Dell Driver Reset Tool
    Dell Game Console
    Dell Media Experience
    Dell Support 3.1
    Dell Support Center (Support Software)
    Dell System Restore
    ERUNT 1.1j
    ESET Online Scanner v3
    EVEREST Home Edition v2.20
    GIMP 2.6.11
    Google Chrome
    Google Talk (remove only)
    Google Talk Plugin
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB981793)
    Intel(R) Extreme Graphics 2 Driver
    Intel(R) PRO Network Adapters and Drivers
    Intel(R) PROSet for Wired Connections
    Internet Explorer Default Page
    iTunes
    Java Auto Updater
    Java(TM) 7
    LAME v3.98.3 for Audacity
    LightScribe System Software 1.14.17.1
    Malwarebytes Anti-Malware version 1.60.1.1000
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Halo
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Standard
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Modem Helper
    Mozilla Firefox (3.6.12)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    MSXML 6 Service Pack 2 (KB973686)
    Nero 7 Essentials
    neroxml
    NetAlyzer
    NETGEAR WG111v3 wireless USB 2.0 adapter
    PANTECH UM175 Driver
    Photo Click
    QuickBooks Pro 2006
    QuickTime
    RealPlayer Basic
    Rosetta Stone 2.1.4.1A
    Safari
    Scrapbooks Plus Workshop
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    Sony Ericsson PC Companion 2.01.149
    Spybot - Search & Destroy
    SUPERAntiSpyware
    System Explorer 3.0.4
    Task Catcher
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB971930)
    Update for Windows Internet Explorer 8 (KB972636)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2616676-v2)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VC 9.0 Runtime
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WD Diagnostics
    WebFldrs XP
    Windows Backup Utility
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Imaging Component
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 11
    Windows Search 4.0
    Windows XP Service Pack 3
    WinPatrol
    Yahoo! Messenger
    ZoneAlarm Firewall
    ZoneAlarm Free
    ZoneAlarm Security
    ZoneAlarm Security Toolbar
    ZoneAlarm Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/9/2012 9:39:08 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
    3/9/2012 9:39:08 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    3/8/2012 4:53:24 AM, error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).
    3/7/2012 8:41:50 AM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 3 time(s).
    3/7/2012 8:21:42 AM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 2 time(s).
    3/7/2012 8:19:02 AM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 1 time(s).
    3/7/2012 7:42:15 AM, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/7/2012 7:42:15 AM, error: Service Control Manager [7000] - The DCService.exe service failed to start due to the following error: The system cannot find the file specified.
    3/7/2012 7:36:12 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    3/7/2012 7:36:12 AM, error: Service Control Manager [7031] - The ZoneAlarm Toolbar IswSvc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    3/7/2012 4:24:56 PM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 4 time(s).
    3/7/2012 11:13:16 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.117 with the system having network hardware address 00:1C:BE:B1:AF:36. Network operations on this system may be disrupted as a result.
    3/6/2012 8:21:58 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
    3/6/2012 11:15:24 PM, error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 2 time(s).
    .
    ==== End Of File ===========================
  7. 2012-03-13, 11:57 #7
    Scolabar
    Scolabar is offline
    Emeritus- Malware Team
    Join Date
    Aug 2011
    Posts
    148

    Default

    Hi musicalpulltoy,

    Thank you for the logs.

    Before proceeding we need to deal with the following issue:

    Step 1:
    Cracks, Keygens and Warez

    The recent logs you have posted show that cracked software has been downloaded and installed on this computer.

    In using a crack, the 'cracker' has broken the 'End User Licence Agreement' (EULA) of the product.
    The distribution and use of cracked copies is illegal in almost every developed country.

    This forum's policy on the matter of illegal Pirated/Warez/Cracked software is clearly stated HERE under the "BEFORE You POST"(Please read this Procedure Before Requesting Assistance).

    I strongly advise you stay away from using Cracks, Keygens and/or Warez in future.
    They are one of the biggest causes of malware infection around. It is little wonder you systems have become infected what with the P2P software and the cracks!

    In line with this forum's policy ALL such software present on the system will need to be removed in order to proceed with continued assistance. If you in agreement with this please continue with Step 2 below.

    Step 2:
    Remove/Uninstall Cracked Programs

    Please remove/uninstall ALL illegal/cracked programs present on the system.

    Step 3:
    CKScanner

    1. Please re-run the CKScanner tool just ONCE again.
    2. Then Copy and Paste the entire contents of the ckfiles.txt file into your next reply.

    Step 4:
    Re-Run DDS

    Please re-run DDS. Then Copy and Paste the contents of the Attach.txt log into your next reply.

    Step 5:
    Include in Next Post

    1. Did you have any problems carrying out the instructions?
    2. ckfiles.txt
    3. Attach.txt.


    Scolabar
    --------------------------------------------------------------------------
    No Reply Within 3 Days Will Result In Your Topic Being Closed
    Malware Removal University - You too could train to help others
  8. 2012-03-13, 21:02 #8
    musicalpulltoy
    musicalpulltoy is offline
    Senior Member musicalpulltoy's Avatar
    Join Date
    Mar 2009
    Posts
    104

    Default

    hi!
    guess their all gone although it not right to tell people what they can and cannot have.
    they probably came with the pc, remember its used.


    CKScanner - Additional Security Risks - These are not necessarily bad
    c:\program files\gimp-2.0\share\gimp\2.0\patterns\cracked.pat
    c:\_otl\movedfiles\10012011_143750\c_documents and settings\dad\local settings\application data\im\sound\tchaikovsky_the_nutcracker.imw
    scanner sequence 3.AA.11.UGEMEF
    ----- EOF -----

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 12/23/2005 3:47:02 PM
    System Uptime: 3/9/2012 9:36:13 PM (87 hours ago)
    .
    Motherboard: Dell Computer Corp. | | 0CF458
    Processor: Intel(R) Celeron(R) CPU 2.53GHz | Microprocessor | 2527/533mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 34 GiB total, 11.161 GiB free.
    E: is FIXED (NTFS) - 233 GiB total, 160.223 GiB free.
    F: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1149: 2/7/2012 8:30:17 AM - System Checkpoint
    RP1150: 2/8/2012 8:51:41 AM - System Checkpoint
    RP1151: 2/10/2012 7:40:58 AM - System Checkpoint
    RP1152: 2/10/2012 3:12:15 PM - Configured NETGEAR WG111v3 wireless USB 2.0 adapter
    RP1153: 2/10/2012 3:14:53 PM - Installed NETGEAR WG111v3 wireless USB 2.0 adapter
    RP1154: 2/11/2012 3:49:07 PM - System Checkpoint
    RP1155: 2/12/2012 4:34:57 PM - System Checkpoint
    RP1156: 2/13/2012 7:55:23 PM - System Checkpoint
    RP1157: 2/14/2012 5:48:14 PM - Software Distribution Service 3.0
    RP1158: 2/15/2012 6:06:04 PM - System Checkpoint
    RP1159: 2/16/2012 6:34:43 PM - System Checkpoint
    RP1160: 2/17/2012 7:32:00 PM - System Checkpoint
    RP1161: 2/18/2012 8:04:38 PM - System Checkpoint
    RP1162: 2/19/2012 8:32:01 PM - System Checkpoint
    RP1163: 2/20/2012 9:32:05 PM - System Checkpoint
    RP1164: 2/21/2012 10:32:00 PM - System Checkpoint
    RP1165: 2/22/2012 11:32:00 PM - System Checkpoint
    RP1166: 2/23/2012 11:33:09 PM - System Checkpoint
    RP1167: 2/25/2012 1:19:01 PM - System Checkpoint
    RP1168: 2/26/2012 1:37:52 PM - System Checkpoint
    RP1169: 2/27/2012 2:50:45 PM - System Checkpoint
    RP1170: 2/28/2012 3:03:49 PM - System Checkpoint
    RP1171: 2/29/2012 3:36:47 PM - System Checkpoint
    RP1172: 3/1/2012 4:36:44 PM - System Checkpoint
    RP1173: 3/2/2012 5:37:49 PM - System Checkpoint
    RP1174: 3/7/2012 10:32:21 AM - System Checkpoint
    RP1175: 3/8/2012 10:45:57 AM - System Checkpoint
    RP1176: 3/9/2012 3:35:17 PM - System Checkpoint
    RP1177: 3/10/2012 8:10:06 PM - System Checkpoint
    RP1178: 3/11/2012 8:41:36 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    7-Zip 4.42
    Adobe Flash Player 10 Plugin
    AOLIcon
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Avanquest update
    AVG 2012
    Calculator Powertoy for Windows XP
    Critical Update for Windows Media Player 11 (KB959772)
    Dell Digital Jukebox Driver
    Dell Driver Download Manager
    Dell Driver Reset Tool
    Dell Game Console
    Dell Media Experience
    Dell Support 3.1
    Dell Support Center (Support Software)
    Dell System Restore
    ERUNT 1.1j
    ESET Online Scanner v3
    EVEREST Home Edition v2.20
    GIMP 2.6.11
    Google Chrome
    Google Talk (remove only)
    Google Talk Plugin
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB981793)
    Intel(R) Extreme Graphics 2 Driver
    Intel(R) PRO Network Adapters and Drivers
    Intel(R) PROSet for Wired Connections
    Internet Explorer Default Page
    iTunes
    Java Auto Updater
    Java(TM) 7
    LAME v3.98.3 for Audacity
    LightScribe System Software 1.14.17.1
    Malwarebytes Anti-Malware version 1.60.1.1000
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Halo
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Standard
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Modem Helper
    Mozilla Firefox (3.6.12)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    MSXML 6 Service Pack 2 (KB973686)
    Nero 7 Essentials
    neroxml
    NetAlyzer
    NETGEAR WG111v3 wireless USB 2.0 adapter
    PANTECH UM175 Driver
    Photo Click
    QuickBooks Pro 2006
    QuickTime
    RealPlayer Basic
    Rosetta Stone 2.1.4.1A
    Safari
    Scrapbooks Plus Workshop
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    Sony Ericsson PC Companion 2.01.149
    Spybot - Search & Destroy
    SUPERAntiSpyware
    System Explorer 3.0.4
    Task Catcher
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB971930)
    Update for Windows Internet Explorer 8 (KB972636)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2616676-v2)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VC 9.0 Runtime
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WD Diagnostics
    WebFldrs XP
    Windows Backup Utility
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Imaging Component
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 11
    Windows Search 4.0
    Windows XP Service Pack 3
    WinPatrol
    Yahoo! Messenger
    ZoneAlarm Firewall
    ZoneAlarm Free
    ZoneAlarm Security
    ZoneAlarm Security Toolbar
    ZoneAlarm Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/9/2012 9:39:08 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
    3/9/2012 9:39:08 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    3/8/2012 4:53:24 AM, error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).
    3/7/2012 8:41:50 AM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 3 time(s).
    3/7/2012 8:21:42 AM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 2 time(s).
    3/7/2012 8:19:02 AM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 1 time(s).
    3/7/2012 7:42:15 AM, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    3/7/2012 7:42:15 AM, error: Service Control Manager [7000] - The DCService.exe service failed to start due to the following error: The system cannot find the file specified.
    3/7/2012 7:36:12 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    3/7/2012 7:36:12 AM, error: Service Control Manager [7031] - The ZoneAlarm Toolbar IswSvc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    3/7/2012 4:24:56 PM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 4 time(s).
    3/7/2012 11:13:16 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.117 with the system having network hardware address 00:1C:BE:B1:AF:36. Network operations on this system may be disrupted as a result.
    3/6/2012 8:21:58 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
    3/6/2012 11:15:24 PM, error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 2 time(s).
    .
    ==== End Of File ===========================
  9. 2012-03-14, 17:10 #9
    Scolabar
    Scolabar is offline
    Emeritus- Malware Team
    Join Date
    Aug 2011
    Posts
    148

    Default

    Hi musicalpulltoy,

    Quote Originally Posted by musicalpulltoy
    guess their all gone although it not right to tell people what they can and cannot have.
    they probably came with the pc, remember its used.
    I agree that it the user's choice to be able to choose what software to run.
    However, it is not reasonable to expect helpers here at S-N, or at any other respectable help forum for that matter, to assist users with illegal software on their systems.
    That would be tantamount to condoning the use of such software.

    It is important to remember that it is the helpers who give their own time freely to assist users such as yourself with their malware problems, and it is the helper's prerogative to continue to assist the user or withdraw their support.

    CKScanner Query

    Please confirm whether or not the CKScanner tool was run once only, as per my instructions.

    Scolabar
    --------------------------------------------------------------------------
    No Reply Within 3 Days Will Result In Your Topic Being Closed
    Malware Removal University - You too could train to help others
  10. 2012-03-14, 19:50 #10
    musicalpulltoy
    musicalpulltoy is offline
    Senior Member musicalpulltoy's Avatar
    Join Date
    Mar 2009
    Posts
    104

    Default

    hellooo
    i ran it a second time after reading it and deleting another part of the cracks.
    also i have had no problems running any of then programs you asked about earlier.
    are we good now?
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules