Author Topic: relevant knowledge and atdm (Read 41816 times)

darcomputer · « **on:** September 13, 2011, 03:37:44 PM »

I've had problems for a long time. Relevant Knowledge I can't get rid of. And atpm, sry if wrong spelling is hard to get rid of also. Computer is slow, freezes up with IE asking me to send error reports. help plz

darcomputer · « **Reply #1 on:** September 13, 2011, 03:40:38 PM »

I have done everything requested from 'read this before posting', downloaded and ran 'hijack this' I own Superantispyware, etc In order.

Quantos · « **Reply #2 on:** September 13, 2011, 03:48:44 PM »

You need to read and follow the information HERE.
Post the requested logs and someone who is far wiser than me will help you out.

Allan · « **Reply #3 on:** September 13, 2011, 03:49:25 PM »

Please follow the instructions in the following link and post your logs:
http://www.computerhope.com/forum/index.php/topic,46313.0.html

darcomputer · « **Reply #4 on:** September 13, 2011, 03:57:55 PM »

i'm sry but i followed your link but don't see the instructions on how to NOT post as a reply

Allan · « **Reply #5 on:** September 13, 2011, 03:58:57 PM »

Please post the logs in this thread. Sorry for any confusion.

darcomputer · « **Reply #6 on:** September 13, 2011, 04:00:03 PM »

i run xp pro sp3

Quantos · « **Reply #7 on:** September 13, 2011, 04:02:57 PM »

Quote from: darcomputer on September 13, 2011, 04:00:03 PM

i run xp pro sp3

Allan, do you still have my pliers?

darcomputer · « **Reply #8 on:** September 13, 2011, 04:10:42 PM »

sry they are all attachments

[regaining space - attachment deleted by admin]

Allan · « **Reply #9 on:** September 13, 2011, 04:16:55 PM »

A malware specialist will help you as soon as possible. Meanwhile, please make it easier for him and copy and paste the contents of those logs into your next post rather than using attachments. Thank you.

darcomputer · « **Reply #10 on:** September 13, 2011, 04:29:26 PM »

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/11/2011 at 11:08 AM

Application Version : 5.0.1118

Core Rules Database Version : 7673
Trace Rules Database Version: 5485

Scan type : Complete Scan
Total Scan Time : 00:47:21

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 575
Memory threats detected : 0
Registry items scanned : 36750
Registry threats detected : 0
File items scanned : 106270
File threats detected : 17

Adware.Tracking Cookie
   C:\Documents and Settings\Darlene\Cookies\B56ZTV94.txt
   C:\Documents and Settings\Darlene\Cookies\T22L6PJ7.txt
   C:\Documents and Settings\Darlene\Cookies\KHCVP985.txt
   C:\Documents and Settings\Darlene\Cookies\4M8PURA6.txt
   C:\Documents and Settings\Darlene\Cookies\S2DXJNWP.txt
   C:\Documents and Settings\Darlene\Cookies\G0TXPP2G.txt
   C:\Documents and Settings\Darlene\Cookies\5BK0946J.txt
   C:\Documents and Settings\Darlene\Cookies\16S3MUK1.txt
   C:\Documents and Settings\Darlene\Cookies\I5IRFJQC.txt
   C:\Documents and Settings\Darlene\Cookies\8M1A865Z.txt
   C:\Documents and Settings\Darlene\Cookies\SY13HLME.txt
   C:\Documents and Settings\Darlene\Cookies\EKA17RYV.txt
   C:\Documents and Settings\Darlene\Cookies\211P2RYS.txt
   C:\Documents and Settings\Darlene\Cookies\N5YENYAB.txt
   C:\Documents and Settings\Darlene\Cookies\B8BWHXOL.txt
   C:\Documents and Settings\Darlene\Cookies\RL1HOG55.txt
   vitamine.networldmedia.net [ C:\DOCUMENTS AND SETTINGS\DARLENE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2MNN8U74 ]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:22:21 PM, on 9/12/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsgk32st.exe
C:\Program Files\COGECO Security Services\Common\FSMA32.EXE
C:\Program Files\COGECO Security Services\Anti-Virus\FSGK32.EXE
C:\Program Files\COGECO Security Services\Common\FSHDLL32.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\tlntsvr.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
C:\Program Files\COGECO Security Services\FWES\Program\fsdfwd.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fssm32.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\COGECO Security Services\Common\FSM32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Microsoft Silverlight\4.0.60531.0\agcp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Darlene\Local Settings\Temporary Internet Files\Content.IE5\14VJT9US\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.msn.com/?lang=en-ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.computerhope.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101791&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {96b985b7-3cf9-456a-9db6-791710e60f5f} - C:\Program Files\MyPoints Point Finder\Helper.dll
R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: FCTBPos00Pos - {614BDA1F-9BEF-4CD1-BDE4-FA4804929B4A} - C:\Program Files\MyPoints Point Finder\Toolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - (no file)
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\COGECO Security Services\NRS\iescript\baselitmus.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MyPoints Point Finder - {89A2510A-B4B6-4683-BEC9-1B96700BC7F1} - C:\Program Files\MyPoints Point Finder\Toolbar.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\COGECO Security Services\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\COGECO Security Services\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\COGECO Security Services\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08b5 -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08b5 -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - Startup: CNET TechTracker.lnk = C:\Documents and Settings\Darlene\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Go to PlaySushi web site - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} - https://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {5D2CF9D0-113A-476B-986F-288B54571614} (DevalVR Control) - http://www.devalvr.com/instalacion/plugin/devalvrplugin.php
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237576997218
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} (ZPA_WheelOfFortune Object) - http://zone.msn.com/bingame/zpagames/zpa_wof.cab55579.cab
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} (WorldWinner ActiveX Launcher Control) - http://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (MSN Games – Hearts) - http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - http://www.worldwinner.com/games/v42/tilecity/tilecity.cab
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinner.com/games/v43/paint/paint.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553550000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.98.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://linksyssupport.webex.com/client/T27L10NSP11EP13-5395-linksyssupport/support/ieatgpc.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} (CPlayFirstSweetopiaControl Object) - http://zone.msn.com/bingame/swet/default/Sweetopia.1.0.0.46.cab
O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} (MSN Games – Backgammon) - http://zone.msn.com/bingame/zpagames/ZPA_Backgammon.cab64162.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\COGECO Security Services\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\COGECO Security Services\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\COGECO Security Services\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\COGECO Security Services\ORSP Client\fsorsp.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: vseamps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
O23 - Service: vsedsps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
O23 - Service: vseqrts - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe

--
End of file - 13464 bytes

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7702

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9/12/2011 3:53:47 PM
mbam-log-2011-09-12 (15-53-47).txt

Scan type: Quick scan
Objects scanned: 177583
Time elapsed: 6 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\activex.DLL (Adware.180Solutions) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

darcomputer · « **Reply #11 on:** September 13, 2011, 04:43:09 PM »

the last Relevant Knowledge email i recieved was Sept. 2. i have them going into my junk email

Allan · « **Reply #12 on:** September 13, 2011, 04:48:55 PM »

Please stop posting. Just wait for a malware specialist to reply.

SuperDave · « **Reply #13 on:** September 13, 2011, 06:41:54 PM »

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Download DDS from HERE or HERE and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.

1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE .Then post your DDS logs. (DDS.txt and Attach.txt )

darcomputer · « **Reply #14 on:** September 14, 2011, 06:34:56 AM »

had a really hard time getting back my computer, froze many times but worked this time

connected to the computer and AV on:

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Darlene at 21:55:25 on 2011-09-13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1919.1044 [GMT -4:00]
.
AV: COGECO Security Services 9.01 *Enabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: COGECO Security Services 9.01 *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsgk32st.exe
C:\Program Files\COGECO Security Services\Common\FSMA32.EXE
C:\Program Files\COGECO Security Services\Anti-Virus\FSGK32.EXE
C:\Program Files\COGECO Security Services\Common\FSHDLL32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\tlntsvr.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fssm32.exe
C:\Program Files\COGECO Security Services\FWES\Program\fsdfwd.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\COGECO Security Services\Common\FSM32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Darlene\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.computerhope.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
uURLSearchHooks: H - No File
uURLSearchHooks: FCToolbarURLSearchHook Class: {96b985b7-3cf9-456a-9db6-791710e60f5f} - c:\program files\mypoints point finder\Helper.dll
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: MyPoints Point Finder BHO: {614bda1f-9bef-4cd1-bde4-fa4804929b4a} - c:\program files\mypoints point finder\Toolbar.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c:\program files\cogeco security services\nrs\iescript\baselitmus.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MyPoints Point Finder: {89a2510a-b4b6-4683-bec9-1b96700bc7f1} - c:\program files\mypoints point finder\Toolbar.dll
TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - c:\program files\cogeco security services\nrs\iescript\baselitmus.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [lxcemon.exe] "c:\program files\lexmark 4300 series\lxcemon.exe"
mRun: [EzPrint] "c:\program files\lexmark 4300 series\ezprint.exe"
mRun: [LXCECATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCEtime.dll,_RunDLLEntry@16
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [F-Secure Manager] "c:\program files\cogeco security services\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "c:\program files\cogeco security services\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRunOnce: [WUAppSetup] c:\program files\common files\logishrd\WUApp32.exe -v 0x046d -p 0x08b5 -f video -m logitech -d 10.5.1.2023
StartupFolder: c:\docume~1\darlene\startm~1\programs\startup\cnette~1.lnk - c:\documents and settings\darlene\application data\cbs interactive\cnet techtracker\TechTracker.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB}
Trusted Zone: facebook.com\www
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/common/asusTek_sys_ctrl.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} - hxxps://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
DPF: {5D2CF9D0-113A-476B-986F-288B54571614} - hxxp://www.devalvr.com/instalacion/plugin/devalvrplugin.php
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237576997218
DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} - hxxp://zone.msn.com/bingame/zpagames/zpa_wof.cab55579.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} - hxxp://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab
DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} - hxxp://zone.msn.com/binGame/ZAxRcMgr.cab
DPF: {A4110378-789B-455F-AE86-3A1BFC402853} - hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} - hxxp://www.worldwinner.com/games/v42/tilecity/tilecity.cab
DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} - hxxp://www.worldwinner.com/games/v43/paint/paint.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553550000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.98.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://linksyssupport.webex.com/client/T27L10NSP11EP13-5395-linksyssupport/support/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} - hxxp://zone.msn.com/bingame/swet/default/Sweetopia.1.0.0.46.cab
DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} - hxxp://zone.msn.com/bingame/zpagames/ZPA_Backgammon.cab64162.cab
TCP: DhcpNameServer = 24.226.1.93 24.226.10.193 24.226.10.194
TCP: Interfaces\{BC44D23C-E2E6-4FDB-BE8D-AD1BEF8F5D5E} : DhcpNameServer = 24.226.1.93 24.226.10.193 24.226.10.194
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
LSA: Authentication Packages = msv1_0 nwprovau
Hosts: 127.0.0.1   www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2011-3-26 42672]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-3-26 82120]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\cogeco security services\hips\drivers\fshs.sys [2011-3-26 68064]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-5-4 116608]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program files\cogeco security services\anti-virus\fsgk32st.exe [2011-3-26 215648]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-12 366152]
R2 vseamps;vseamps;c:\program files\common files\authentium\antivirus5\vseamps.exe [2010-4-8 117288]
R2 vsedsps;vsedsps;c:\program files\common files\authentium\antivirus5\vsedsps.exe [2010-4-8 117288]
R2 vseqrts;vseqrts;c:\program files\common files\authentium\antivirus5\vseqrts.exe [2010-4-8 154152]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\cogeco security services\anti-virus\minifilter\fsgk.sys [2011-3-26 148632]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\cogeco security services\orsp client\fsorsp.exe [2011-3-26 61088]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-12 22216]
S1 SABKUTIL;SABKUTIL;\??\c:\documents and settings\darlene\local settings\temporary internet files\content.ie5\sooa4naj\saskutil.sys --> c:\documents and settings\darlene\local settings\temporary internet files\content.ie5\sooa4naj\SASKUTIL.SYS [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-19 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-10-22 1684736]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-7-19 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-9-12 41272]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\cogeco security services\anti-virus\win2k\fsfilter.sys [2011-3-26 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\cogeco security services\anti-virus\win2k\fsrec.sys [2011-3-26 25184]
.
=============== Created Last 30 ================
.
2011-09-14 01:43:38   709968   ----a-w-   c:\windows\isRS-000.tmp
2011-09-13 19:00:25   7152464   ----a-w-   c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{d49da1d4-9035-47c2-a70b-6d9cc4863102}\mpengine.dll
2011-09-12 20:26:07   --------   d-----w-   c:\program files\ACW
2011-09-12 19:45:28   --------   d-----w-   c:\documents and settings\darlene\application data\CBS Interactive
2011-09-12 19:41:25   41272   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-12 19:41:16   22216   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-09-09 20:00:22   --------   d-----w-   c:\program files\File Type Assistant
2011-09-09 19:59:16   --------   d-----w-   c:\program files\Free Offers from Freeze.com
2011-09-06 19:01:19   --------   d-----w-   c:\program files\CCleaner
2011-09-06 18:00:44   7152464   ----a-w-   c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-09-06 18:00:40   222080   ------w-   c:\windows\system32\MpSigStub.exe
2011-09-03 15:44:02   --------   d-----w-   c:\documents and settings\darlene\application data\VirtualStore
2011-08-29 04:31:44   5632   ----a-w-   c:\windows\system32\ptpusb.dll
2011-08-29 04:31:43   159232   ----a-w-   c:\windows\system32\ptpusd.dll
2011-08-24 02:36:25   --------   d-----w-   c:\program files\iPod
2011-08-24 02:36:23   --------   d-----w-   c:\program files\iTunes
2011-08-24 02:33:23   4517664   ----a-w-   c:\windows\system32\usbaaplrc.dll
2011-08-24 02:33:23   42496   ----a-w-   c:\windows\system32\drivers\usbaapl.sys
2011-08-24 02:33:04   --------   d-----w-   c:\program files\Bonjour
2011-08-24 02:29:51   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-08-24 02:29:51   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-08-24 02:29:51   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-08-24 02:29:50   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-08-24 02:29:50   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-08-24 02:29:50   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-08-24 02:29:50   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin.dll
2011-08-23 00:50:01   --------   d-----w-   c:\program files\SecondLifeViewer2
.
==================== Find3M ====================
.
2011-09-09 09:12:13   599040   ----a-w-   c:\windows\system32\crypt32.dll
2011-09-02 02:55:43   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-17 21:17:18   42672   ----a-w-   c:\windows\system32\drivers\fsbts.sys
2011-07-19 09:05:24   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2011-07-19 06:40:05   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2011-07-15 13:29:31   456320   ----a-w-   c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 15:20:54   83816   ----a-w-   c:\windows\system32\dns-sd.exe
2011-07-12 15:20:54   73064   ----a-w-   c:\windows\system32\dnssd.dll
2011-07-12 15:20:54   50536   ----a-w-   c:\windows\system32\jdns_sd.dll
2011-07-12 15:20:54   178536   ----a-w-   c:\windows\system32\dnssdX.dll
2011-07-08 14:02:00   10496   ----a-w-   c:\windows\system32\drivers\ndistapi.sys
2011-07-05 22:37:00   94208   ----a-w-   c:\windows\system32\QuickTimeVR.qtx
2011-07-05 22:37:00   69632   ----a-w-   c:\windows\system32\QuickTime.qts
2011-06-24 14:10:36   139656   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30   916480   ----a-w-   c:\windows\system32\wininet.dll
2011-06-23 18:36:30   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13   385024   ----a-w-   c:\windows\system32\html.iec
2011-06-20 17:44:52   293376   ----a-w-   c:\windows\system32\winsrv.dll
2011-06-08 04:20:53   11363664   ----a-w-   c:\program files\SUPERAntiSpywarePro.exe
2011-06-08 03:48:23   7109120   ----a-w-   c:\program files\registrybooster.exe
2011-06-01 03:24:00   9352392   ----a-w-   c:\program files\Install_MSN_Messenger
2011-05-07 06:07:09   440   ----a-w-   c:\program files\050720112070929.bat
2011-04-28 02:33:05   9013888   ----a-w-   c:\program files\MSNOIE8_ENCA_XPL.EXE
2011-02-22 02:06:51   442   -c--a-w-   c:\program files\0221201121065109.bat
2011-01-31 02:03:58   5095264   ----a-w-   c:\program files\FLVPlayerSetup.exe
2011-01-21 20:06:58   208072   ----a-w-   c:\program files\bigfishgamesRainbowWEb2.exe
2011-01-21 18:37:54   208072   ----a-w-   c:\program files\bigfishgamesSUperGRanny.exe
2010-10-19 21:18:43   554280   ----a-w-   c:\program files\Mats_Run.AudioPlayback.exe
2010-10-18 15:18:11   554264   ----a-w-   c:\program files\Mats_Run.IEAddon.exe
2010-09-11 02:04:42   441   ----a-w-   c:\program files\0910201022044203.bat
2010-06-13 04:02:46   6153352   ----a-w-   c:\program files\mbam-setup-1.46.exe
2010-05-10 18:56:58   299864   ----a-w-   c:\program files\dxwebsetup.exe
2010-05-01 04:02:58   24099296   ----a-w-   c:\program files\Second_Life_2-0-1-203797_Setup.exe
2010-04-29 20:59:53   252564   ----a-w-   c:\program files\FHSetup.exe
2010-04-29 02:40:18   22080360   ----a-w-   c:\program files\NDP30SP2-KB976570-x64.exe
2010-04-26 19:40:13   3774872   ----a-w-   c:\program files\rcsetup137.exe
2010-04-26 19:39:55   4165768   ----a-w-   c:\program files\dfsetup118.exe
2010-04-26 19:39:28   3382520   ----a-w-   c:\program files\ccsetup231.exe
2010-04-24 18:04:16   82045688   ----a-w-   c:\program files\197.45_desktop_winxp_32bit_english_whql.exe
2010-04-24 17:53:13   921376   ----a-w-   c:\program files\JavaSetup6u20.exe
.
============= FINISH: 21:57:22.57 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/20/2009 2:32:55 AM
System Uptime: 9/13/2011 9:46:03 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M2N68-AM
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ | AM2 | 2600/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 203.013 GiB free.
D: is Removable
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP457: 6/15/2011 9:01:25 PM - Software Distribution Service 3.0
RP458: 6/17/2011 4:30:39 PM - System Checkpoint
RP459: 6/19/2011 11:46:00 AM - System Checkpoint
RP460: 6/20/2011 6:28:59 PM - System Checkpoint
RP461: 6/23/2011 5:56:11 PM - System Checkpoint
RP462: 6/26/2011 9:40:53 AM - System Checkpoint
RP463: 6/26/2011 6:44:09 PM - Installed Digital LifeSupport.
RP464: 6/26/2011 6:46:52 PM - Removed Digital LifeSupport.
RP465: 6/26/2011 11:19:12 PM - Removed InstallIQ Updater
RP466: 6/27/2011 11:50:14 PM - Software Distribution Service 3.0
RP467: 6/28/2011 8:47:41 PM - Software Distribution Service 3.0
RP468: 6/30/2011 6:17:35 PM - System Checkpoint
RP469: 7/4/2011 5:30:12 PM - System Checkpoint
RP470: 7/6/2011 5:04:01 PM - Installed Wizard101
RP471: 7/7/2011 7:48:41 PM - System Checkpoint
RP472: 7/8/2011 10:25:12 PM - System Checkpoint
RP473: 7/9/2011 10:36:29 PM - System Checkpoint
RP474: 7/10/2011 11:15:48 PM - System Checkpoint
RP475: 7/12/2011 8:46:49 PM - Software Distribution Service 3.0
RP476: 7/15/2011 12:45:30 AM - System Checkpoint
RP477: 7/16/2011 3:13:16 PM - System Checkpoint
RP478: 7/19/2011 12:48:18 PM - System Checkpoint
RP479: 7/21/2011 4:25:56 PM - System Checkpoint
RP480: 7/23/2011 12:20:36 PM - System Checkpoint
RP481: 7/25/2011 2:20:51 PM - System Checkpoint
RP482: 8/2/2011 8:36:41 AM - System Checkpoint
RP483: 8/4/2011 5:11:57 PM - System Checkpoint
RP484: 8/7/2011 2:02:31 PM - System Checkpoint
RP485: 8/9/2011 9:14:39 PM - System Checkpoint
RP486: 8/10/2011 12:32:58 AM - Software Distribution Service 3.0
RP487: 8/11/2011 10:38:04 PM - System Checkpoint
RP488: 8/13/2011 1:01:32 PM - System Checkpoint
RP489: 8/14/2011 1:02:55 PM - System Checkpoint
RP490: 8/16/2011 2:45:00 PM - System Checkpoint
RP491: 8/19/2011 8:37:37 AM - System Checkpoint
RP492: 8/20/2011 11:08:23 AM - System Checkpoint
RP493: 8/22/2011 10:44:05 PM - System Checkpoint
RP494: 8/23/2011 10:37:57 PM - Software Distribution Service 3.0
RP495: 8/24/2011 10:42:34 PM - System Checkpoint
RP496: 8/26/2011 10:51:25 PM - System Checkpoint
RP497: 8/29/2011 8:45:47 AM - System Checkpoint
RP498: 8/30/2011 5:52:17 PM - System Checkpoint
RP499: 8/31/2011 6:07:59 PM - System Checkpoint
RP500: 9/1/2011 11:27:15 PM - System Checkpoint
RP501: 9/3/2011 12:22:45 AM - System Checkpoint
RP502: 9/4/2011 7:59:45 AM - System Checkpoint
RP503: 9/5/2011 8:41:14 PM - System Checkpoint
RP504: 9/6/2011 1:59:47 PM - Installed Windows Defender
RP505: 9/6/2011 2:00:32 PM - Software Distribution Service 3.0
RP506: 9/6/2011 3:44:11 PM - Software Distribution Service 3.0
RP507: 9/6/2011 3:49:31 PM - Windows Defender Checkpoint
RP508: 9/7/2011 5:55:10 PM - System Checkpoint
RP509: 9/8/2011 9:35:29 PM - System Checkpoint
RP510: 9/9/2011 4:16:40 PM - Removed Digital LifeSupport.
RP511: 9/9/2011 6:14:56 PM - Software Distribution Service 3.0
RP512: 9/11/2011 11:26:18 AM - System Checkpoint
RP513: 9/12/2011 2:02:09 PM - System Checkpoint
RP514: 9/12/2011 3:58:31 PM - Installed Java(TM) 6 Update 27
RP515: 9/13/2011 3:00:21 PM - Software Distribution Service 3.0
RP516: 9/13/2011 9:00:16 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.0)
Adobe Shockwave Player 11.5
Amazon MP3 Downloader 1.0.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVSDK5
Big Fish Games: Game Manager
Bonjour
CCleaner
CNET TechTracker
COGECO Security Services
Critical Update for Windows Media Player 11 (KB959772)
Defraggler
DevalVR plugin for Internet Explorer (remove)
Driver Whiz
EZ Lyrics (remove only)
F-Secure PSC Prerequisites
Farm Frenzy
File Type Assistant
FLV Player
Free File Opener v2011.6.0.4
Glary Registry Repair 3.0
Glary Undelete 1.3
Glary Utilities 2.10.0.622
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Internet Explorer (Enable DEP)
IrfanView (remove only)
iTunes
Java Auto Updater
Java(TM) 6 Update 27
Java(TM) 6 Update 7
Junk Mail filter update
Kalydo Player 3.10.04
Lexmark 4300 Series
Lexmark Fax Solutions
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows XP Video Decoder Checkup Utility
MSN
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyDefrag v4.3.1
MyPoints Point Finder
Nord
NVIDIA Drivers
NVIDIA nView Desktop Manager
QuickTime
Rainbow Web 2
Rainbow Web II
Realtek High Definition Audio Driver
Recuva
SecondLifeViewer2 (remove only)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Speccy
Super Granny 3
SUPERAntiSpyware
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB980302)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebEx
WebFldrs XP
Windows Defender
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0 MUI pack
Windows Search 4.0
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
9/6/2011 9:03:29 AM, error: BROWSER [8009] - The browser was unable to promote itself to master browser. The computer that currently believes it is the master browser is MEGAN-PC.
9/6/2011 9:03:28 AM, error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the Interface with IP address 192.168.1.100. The machine with the IP address 192.168.1.101 did not allow the name to be claimed by this machine.
.
==== End Of File ===========================

disabled AV, ran these scans again

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Darlene at 22:05:26 on 2011-09-13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1919.1122 [GMT -4:00]
.
AV: COGECO Security Services 9.01 *Disabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: COGECO Security Services 9.01 *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsgk32st.exe
C:\Program Files\COGECO Security Services\Common\FSMA32.EXE
C:\Program Files\COGECO Security Services\Anti-Virus\FSGK32.EXE
C:\Program Files\COGECO Security Services\Common\FSHDLL32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\tlntsvr.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fssm32.exe
C:\Program Files\COGECO Security Services\FWES\Program\fsdfwd.exe
C:\Program Files\COGECO Security Services\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\COGECO Security Services\Common\FSM32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Darlene\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.computerhope.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
uURLSearchHooks: H - No File
uURLSearchHooks: FCToolbarURLSearchHook Class: {96b985b7-3cf9-456a-9db6-791710e60f5f} - c:\program files\mypoints point finder\Helper.dll
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: MyPoints Point Finder BHO: {614bda1f-9bef-4cd1-bde4-fa4804929b4a} - c:\program files\mypoints point finder\Toolbar.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c:\program files\cogeco security services\nrs\iescript\baselitmus.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MyPoints Point Finder: {89a2510a-b4b6-4683-bec9-1b96700bc7f1} - c:\program files\mypoints point finder\Toolbar.dll
TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - c:\program files\cogeco security services\nrs\iescript\baselitmus.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [lxcemon.exe] "c:\program files\lexmark 4300 series\lxcemon.exe"
mRun: [EzPrint] "c:\program files\lexmark 4300 series\ezprint.exe"
mRun: [LXCECATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCEtime.dll,_RunDLLEntry@16
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [F-Secure Manager] "c:\program files\cogeco security services\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "c:\program files\cogeco security services\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRunOnce: [WUAppSetup] c:\program files\common files\logishrd\WUApp32.exe -v 0x046d -p 0x08b5 -f video -m logitech -d 10.5.1.2023
StartupFolder: c:\docume~1\darlene\startm~1\programs\startup\cnette~1.lnk - c:\documents and settings\darlene\application data\cbs interactive\cnet techtracker\TechTracker.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB}
Trusted Zone: facebook.com\www
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/common/asusTek_sys_ctrl.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} - hxxps://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
DPF: {5D2CF9D0-113A-476B-986F-288B54571614} - hxxp://www.devalvr.com/instalacion/plugin/devalvrplugin.php
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237576997218
DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} - hxxp://zone.msn.com/bingame/zpagames/zpa_wof.cab55579.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} - hxxp://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab
DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} - hxxp://zone.msn.com/binGame/ZAxRcMgr.cab
DPF: {A4110378-789B-455F-AE86-3A1BFC402853} - hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} - hxxp://www.worldwinner.com/games/v42/tilecity/tilecity.cab
DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} - hxxp://www.worldwinner.com/games/v43/paint/paint.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553550000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.98.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://linksyssupport.webex.com/client/T27L10NSP11EP13-5395-linksyssupport/support/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} - hxxp://zone.msn.com/bingame/swet/default/Sweetopia.1.0.0.46.cab
DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} - hxxp://zone.msn.com/bingame/zpagames/ZPA_Backgammon.cab64162.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
LSA: Authentication Packages = msv1_0 nwprovau
Hosts: 127.0.0.1   www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2011-3-26 42672]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-3-26 82120]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\cogeco security services\hips\drivers\fshs.sys [2011-3-26 68064]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-5-4 116608]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program files\cogeco security services\anti-virus\fsgk32st.exe [2011-3-26 215648]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-12 366152]
R2 vseamps;vseamps;c:\program files\common files\authentium\antivirus5\vseamps.exe [2010-4-8 117288]
R2 vsedsps;vsedsps;c:\program files\common files\authentium\antivirus5\vsedsps.exe [2010-4-8 117288]
R2 vseqrts;vseqrts;c:\program files\common files\authentium\antivirus5\vseqrts.exe [2010-4-8 154152]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\cogeco security services\anti-virus\minifilter\fsgk.sys [2011-3-26 148632]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\cogeco security services\orsp client\fsorsp.exe [2011-3-26 61088]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-12 22216]
S1 SABKUTIL;SABKUTIL;\??\c:\documents and settings\darlene\local settings\temporary internet files\content.ie5\sooa4naj\saskutil.sys --> c:\documents and settings\darlene\local settings\temporary internet files\content.ie5\sooa4naj\SASKUTIL.SYS [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-19 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-10-22 1684736]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-7-19 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-9-12 41272]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\cogeco security services\anti-virus\win2k\fsfilter.sys [2011-3-26 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\cogeco security services\anti-virus\win2k\fsrec.sys [2011-3-26 25184]
.
=============== Created Last 30 ================
.
2011-09-14 01:43:38   709968   ----a-w-   c:\windows\isRS-000.tmp
2011-09-13 19:00:25   7152464   ----a-w-   c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{d49da1d4-9035-47c2-a70b-6d9cc4863102}\mpengine.dll
2011-09-12 20:26:07   --------   d-----w-   c:\program files\ACW
2011-09-12 19:45:28   --------   d-----w-   c:\documents and settings\darlene\application data\CBS Interactive
2011-09-12 19:41:25   41272   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-12 19:41:16   22216   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-09-09 20:00:22   --------   d-----w-   c:\program files\File Type Assistant
2011-09-09 19:59:16   --------   d-----w-   c:\program files\Free Offers from Freeze.com
2011-09-06 19:01:19   --------   d-----w-   c:\program files\CCleaner
2011-09-06 18:00:44   7152464   ----a-w-   c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-09-06 18:00:40   222080   ------w-   c:\windows\system32\MpSigStub.exe
2011-09-03 15:44:02   --------   d-----w-   c:\documents and settings\darlene\application data\VirtualStore
2011-08-29 04:31:44   5632   ----a-w-   c:\windows\system32\ptpusb.dll
2011-08-29 04:31:43   159232   ----a-w-   c:\windows\system32\ptpusd.dll
2011-08-24 02:36:25   --------   d-----w-   c:\program files\iPod
2011-08-24 02:36:23   --------   d-----w-   c:\program files\iTunes
2011-08-24 02:33:23   4517664   ----a-w-   c:\windows\system32\usbaaplrc.dll
2011-08-24 02:33:23   42496   ----a-w-   c:\windows\system32\drivers\usbaapl.sys
2011-08-24 02:33:04   --------   d-----w-   c:\program files\Bonjour
2011-08-24 02:29:51   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-08-24 02:29:51   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-08-24 02:29:51   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-08-24 02:29:50   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-08-24 02:29:50   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-08-24 02:29:50   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-08-24 02:29:50   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin.dll
2011-08-23 00:50:01   --------   d-----w-   c:\program files\SecondLifeViewer2
.
==================== Find3M ====================
.
2011-09-09 09:12:13   599040   ----a-w-   c:\windows\system32\crypt32.dll
2011-09-02 02:55:43   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-17 21:17:18   42672   ----a-w-   c:\windows\system32\drivers\fsbts.sys
2011-07-19 09:05:24   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2011-07-19 06:40:05   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2011-07-15 13:29:31   456320   ----a-w-   c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 15:20:54   83816   ----a-w-   c:\windows\system32\dns-sd.exe
2011-07-12 15:20:54   73064   ----a-w-   c:\windows\system32\dnssd.dll
2011-07-12 15:20:54   50536   ----a-w-   c:\windows\system32\jdns_sd.dll
2011-07-12 15:20:54   178536   ----a-w-   c:\windows\system32\dnssdX.dll
2011-07-08 14:02:00   10496   ----a-w-   c:\windows\system32\drivers\ndistapi.sys
2011-07-05 22:37:00   94208   ----a-w-   c:\windows\system32\QuickTimeVR.qtx
2011-07-05 22:37:00   69632   ----a-w-   c:\windows\system32\QuickTime.qts
2011-06-24 14:10:36   139656   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30   916480   ----a-w-   c:\windows\system32\wininet.dll
2011-06-23 18:36:30   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13   385024   ----a-w-   c:\windows\system32\html.iec
2011-06-20 17:44:52   293376   ----a-w-   c:\windows\system32\winsrv.dll
2011-06-08 04:20:53   11363664   ----a-w-   c:\program files\SUPERAntiSpywarePro.exe
2011-06-08 03:48:23   7109120   ----a-w-   c:\program files\registrybooster.exe
2011-06-01 03:24:00   9352392   ----a-w-   c:\program files\Install_MSN_Messenger
2011-05-07 06:07:09   440   ----a-w-   c:\program files\050720112070929.bat
2011-04-28 02:33:05   9013888   ----a-w-   c:\program files\MSNOIE8_ENCA_XPL.EXE
2011-02-22 02:06:51   442   -c--a-w-   c:\program files\0221201121065109.bat
2011-01-31 02:03:58   5095264   ----a-w-   c:\program files\FLVPlayerSetup.exe
2011-01-21 20:06:58   208072   ----a-w-   c:\program files\bigfishgamesRainbowWEb2.exe
2011-01-21 18:37:54   208072   ----a-w-   c:\program files\bigfishgamesSUperGRanny.exe
2010-10-19 21:18:43   554280   ----a-w-   c:\program files\Mats_Run.AudioPlayback.exe
2010-10-18 15:18:11   554264   ----a-w-   c:\program files\Mats_Run.IEAddon.exe
2010-09-11 02:04:42   441   ----a-w-   c:\program files\0910201022044203.bat
2010-06-13 04:02:46   6153352   ----a-w-   c:\program files\mbam-setup-1.46.exe
2010-05-10 18:56:58   299864   ----a-w-   c:\program files\dxwebsetup.exe
2010-05-01 04:02:58   24099296   ----a-w-   c:\program files\Second_Life_2-0-1-203797_Setup.exe
2010-04-29 20:59:53   252564   ----a-w-   c:\program files\FHSetup.exe
2010-04-29 02:40:18   22080360   ----a-w-   c:\program files\NDP30SP2-KB976570-x64.exe
2010-04-26 19:40:13   3774872   ----a-w-   c:\program files\rcsetup137.exe
2010-04-26 19:39:55   4165768   ----a-w-   c:\program files\dfsetup118.exe
2010-04-26 19:39:28   3382520   ----a-w-   c:\program files\ccsetup231.exe
2010-04-24 18:04:16   82045688   ----a-w-   c:\program files\197.45_desktop_winxp_32bit_english_whql.exe
2010-04-24 17:53:13   921376   ----a-w-   c:\program files\JavaSetup6u20.exe
.
============= FINISH: 22:05:40.62 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/20/2009 2:32:55 AM
System Uptime: 9/13/2011 9:46:03 PM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M2N68-AM
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ | AM2 | 2600/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 203.015 GiB free.
D: is Removable
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NVIDIA nForce Networking Controller
Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV054C\4&68FE5E4&0&00
Manufacturer: NVIDIA
Name: NVIDIA nForce 10/100/1000 Mbps Ethernet
PNP Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV054C\4&68FE5E4&0&00
Service: NVENETFD
.
==== System Restore Points ===================
.
RP457: 6/15/2011 9:01:25 PM - Software Distribution Service 3.0
RP458: 6/17/2011 4:30:39 PM - System Checkpoint
RP459: 6/19/2011 11:46:00 AM - System Checkpoint
RP460: 6/20/2011 6:28:59 PM - System Checkpoint
RP461: 6/23/2011 5:56:11 PM - System Checkpoint
RP462: 6/26/2011 9:40:53 AM - System Checkpoint
RP463: 6/26/2011 6:44:09 PM - Installed Digital LifeSupport.
RP464: 6/26/2011 6:46:52 PM - Removed Digital LifeSupport.
RP465: 6/26/2011 11:19:12 PM - Removed InstallIQ Updater
RP466: 6/27/2011 11:50:14 PM - Software Distribution Service 3.0
RP467: 6/28/2011 8:47:41 PM - Software Distribution Service 3.0
RP468: 6/30/2011 6:17:35 PM - System Checkpoint
RP469: 7/4/2011 5:30:12 PM - System Checkpoint
RP470: 7/6/2011 5:04:01 PM - Installed Wizard101
RP471: 7/7/2011 7:48:41 PM - System Checkpoint
RP472: 7/8/2011 10:25:12 PM - System Checkpoint
RP473: 7/9/2011 10:36:29 PM - System Checkpoint
RP474: 7/10/2011 11:15:48 PM - System Checkpoint
RP475: 7/12/2011 8:46:49 PM - Software Distribution Service 3.0
RP476: 7/15/2011 12:45:30 AM - System Checkpoint
RP477: 7/16/2011 3:13:16 PM - System Checkpoint
RP478: 7/19/2011 12:48:18 PM - System Checkpoint
RP479: 7/21/2011 4:25:56 PM - System Checkpoint
RP480: 7/23/2011 12:20:36 PM - System Checkpoint
RP481: 7/25/2011 2:20:51 PM - System Checkpoint
RP482: 8/2/2011 8:36:41 AM - System Checkpoint
RP483: 8/4/2011 5:11:57 PM - System Checkpoint
RP484: 8/7/2011 2:02:31 PM - System Checkpoint
RP485: 8/9/2011 9:14:39 PM - System Checkpoint
RP486: 8/10/2011 12:32:58 AM - Software Distribution Service 3.0
RP487: 8/11/2011 10:38:04 PM - System Checkpoint
RP488: 8/13/2011 1:01:32 PM - System Checkpoint
RP489: 8/14/2011 1:02:55 PM - System Checkpoint
RP490: 8/16/2011 2:45:00 PM - System Checkpoint
RP491: 8/19/2011 8:37:37 AM - System Checkpoint
RP492: 8/20/2011 11:08:23 AM - System Checkpoint
RP493: 8/22/2011 10:44:05 PM - System Checkpoint
RP494: 8/23/2011 10:37:57 PM - Software Distribution Service 3.0
RP495: 8/24/2011 10:42:34 PM - System Checkpoint
RP496: 8/26/2011 10:51:25 PM - System Checkpoint
RP497: 8/29/2011 8:45:47 AM - System Checkpoint
RP498: 8/30/2011 5:52:17 PM - System Checkpoint
RP499: 8/31/2011 6:07:59 PM - System Checkpoint
RP500: 9/1/2011 11:27:15 PM - System Checkpoint
RP501: 9/3/2011 12:22:45 AM - System Checkpoint
RP502: 9/4/2011 7:59:45 AM - System Checkpoint
RP503: 9/5/2011 8:41:14 PM - System Checkpoint
RP504: 9/6/2011 1:59:47 PM - Installed Windows Defender

Computer Hope Forum

News:

Author Topic: relevant knowledge and atdm (Read 41816 times)

darcomputer

darcomputer

Quantos

Allan

darcomputer

Allan

darcomputer

Quantos

darcomputer

Allan

darcomputer

darcomputer

Allan

SuperDave

darcomputer

SuperDave

darcomputer

SuperDave

darcomputer

SuperDave

darcomputer

darcomputer

darcomputer

SuperDave

darcomputer

SuperDave

darcomputer

darcomputer

SuperDave

darcomputer

darcomputer

SuperDave

darcomputer

SuperDave

darcomputer

darcomputer

darcomputer

darcomputer

SuperDave

darcomputer

darcomputer

SuperDave