Hi Dave,
First and foremost, thank you very much for taking time to help me out. I really appreciate this no matter what the result. It's very nice of you to share your expertise and your time with people like me that you don't even know.
I've downloaded and run the various scans as you have asked and the logs are posted below. One problem I had was that SuperAntiSpyware looked a little different than what you described in your instructions but I followed along with your instructions as best I could. I missed the selection to do a complete system scan and did a quick scan by accident (which was the default). I then ran a complete scan and attached both logs. MBAM and DDS followed. One last thing was that I downloaded and installed Adobe Flash and Adobe Reader today.....maybe that wasn't a great idea in retrospect but I won't make any more changes while your helping me.
Here are the logs:
The first one.....
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 10/02/2011 at 03:44 PM
Application Version : 5.0.1128
Core Rules Database Version : 7746
Trace Rules Database Version: 5558
Scan type : Quick Scan
Total Scan Time : 00:12:43
Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator
Memory items scanned : 520
Memory threats detected : 0
Registry items scanned : 32090
Registry threats detected : 0
File items scanned : 16128
File threats detected : 38
Adware.Tracking Cookie
C:\Documents and Settings\owner\Cookies\
[email protected][2].txt [ /ads.undertone ]
C:\Documents and Settings\owner\Cookies\owner@findlaw[1].txt [ /findlaw ]
C:\Documents and Settings\owner\Cookies\
[email protected][1].txt [ /lawyers.findlaw ]
C:\Documents and Settings\owner\Cookies\owner@lucidmedia[1].txt [ /lucidmedia ]
C:\Documents and Settings\owner\Cookies\
[email protected][1].txt [ /pview.findlaw ]
C:\Documents and Settings\owner\Cookies\owner@specificmedia[2].txt [ /specificmedia ]
C:\Documents and Settings\owner\Cookies\797SN7LQ.txt [ /essexsteamtrain.com ]
C:\Documents and Settings\owner\Cookies\92WWO2L4.txt [ /r1-ads.ace.advertising.com ]
C:\Documents and Settings\owner\Cookies\QMROZMD1.txt [ /advertising.com ]
C:\Documents and Settings\owner\Cookies\SX9A37RU.txt [ /imrworldwide.com ]
C:\Documents and Settings\owner\Cookies\RBLAZX9G.txt [ /www.peoplefinders.com ]
C:\Documents and Settings\owner\Cookies\8084RE9V.txt [ /ad.wsod.com ]
C:\Documents and Settings\owner\Cookies\Q1QT2F7R.txt [ /adxpose.com ]
C:\Documents and Settings\owner\Cookies\7QNZIYPU.txt [ /media6degrees.com ]
C:\Documents and Settings\owner\Cookies\EIZTVG9X.txt [ /peoplefinders.com ]
C:\Documents and Settings\owner\Cookies\FF3B37WZ.txt [ /fastclick.net ]
C:\Documents and Settings\owner\Cookies\11Y7K3ZA.txt [ /legolas-media.com ]
C:\Documents and Settings\owner\Cookies\JYP7XPLB.txt [ /accountonline.com ]
stats.finra.org [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D8WS3NFR.DEFAULT\COOKIES.SQLITE ]
.accountonline.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D8WS3NFR.DEFAULT\COOKIES.SQLITE ]
www.accountonline.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D8WS3NFR.DEFAULT\COOKIES.SQLITE ]
C:\Documents and Settings\owner\Cookies\9GCHU16R.txt [ /interclick.com ]
C:\Documents and Settings\owner\Cookies\STLXK1RY.txt [ /revsci.net ]
C:\Documents and Settings\owner\Cookies\T3NNCKZQ.txt [ /atdmt.com ]
C:\Documents and Settings\owner\Cookies\CK5TIHAI.txt [ /yieldmanager.net ]
C:\Documents and Settings\owner\Cookies\LK3BYMOV.txt [ /statse.webtrendslive.com ]
C:\Documents and Settings\owner\Cookies\MJC8V4CW.txt [ /accounts.google.com ]
C:\Documents and Settings\owner\Cookies\DW0ORSEL.txt [ /casalemedia.com ]
C:\Documents and Settings\owner\Cookies\3BR0R8UD.txt [ /ru4.com ]
C:\Documents and Settings\owner\Cookies\AEGGXNTD.txt [ /doubleclick.net ]
C:\Documents and Settings\owner\Cookies\KJR91EOT.txt [ /ad.yieldmanager.com ]
.accountonline.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D8WS3NFR.DEFAULT\COOKIES.SQLITE ]
C:\Documents and Settings\owner\Cookies\75ND5OLY.txt [ /invitemedia.com ]
C:\Documents and Settings\owner\Cookies\T6525YVX.txt [ /www.googleadservices.com ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\D8WS3NFR.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\OWNER\Cookies\B4UH6TVL.txt [ Cookie:
[email protected]/accounts ]
C:\DOCUMENTS AND SETTINGS\OWNER\Cookies\E3BTUBXP.txt [ Cookie:
[email protected]/accounts/ ]
C:\DOCUMENTS AND SETTINGS\OWNER\Cookies\CZ9DLTFO.txt [ Cookie:
[email protected]/adserving ]
The second one....
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 10/02/2011 at 04:27 PM
Application Version : 5.0.1128
Core Rules Database Version : 7746
Trace Rules Database Version: 5558
Scan type : Complete Scan
Total Scan Time : 00:34:57
Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator
Memory items scanned : 495
Memory threats detected : 0
Registry items scanned : 38200
Registry threats detected : 0
File items scanned : 69097
File threats detected : 13
Adware.Tracking Cookie
accountonline.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
adsatt.espn.go.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
cdn.gotraffic.net [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
espn360.channelfinder.net [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
ia.media-imdb.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
insight.randomhouse.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
media.cnbc.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
media.mtvnservices.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
media10.washingtonpost.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
msnbcmedia.msn.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
s0.2mdn.net [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DK5D8FXP ]
MBAM LOG:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.orgDatabase version: 7849
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
10/2/2011 5:38:13 PM
mbam-log-2011-10-02 (17-38-13).txt
Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 248543
Time elapsed: 27 minute(s), 21 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
2 DDS LOGS:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Run by owner at 18:03:55 on 2011-10-02
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.214 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe
C:\WINDOWS\system32\xWCASbgnd.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.1.1.3\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.1.1.3\ips\IPSBHO.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.1.1.3\coIEPlg.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [XeroxScanUtility] c:\program files\xerox\scan_utility\xrxzipui.exe 1
mRun: [XeroxEndeavorBackgroundTask] c:\windows\system32\xWCASbgnd.exe 1
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [BrStsWnd] c:\program files\brownie\BrstsWnd.exe Autorun
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274550924781
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: DhcpNameServer = 167.206.251.130 167.206.251.129
TCP: Interfaces\{A0A2093A-3825-4A73-823B-4CD780C0334F} : DhcpNameServer = 167.206.251.130 167.206.251.129
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\d8ws3nfr.default\
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=
FF - prefs.js: keyword.enabled - false
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.6.0.29\coffplgn_2011_7_1_3\components\coFFPlgn.dll
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.6.0.29\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\d8ws3nfr.default\extensions\{343db173-0e5a-4f2a-b7bb-71a49085d70e}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\d8ws3nfr.default\extensions\
[email protected]\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\browser\nppdf32(2).dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1301010.003\SymDS.sys [2011-10-1 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1301010.003\SymEFA.sys [2011-10-1 897656]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\bashdefs\20110901.001\BHDrvx86.sys [2011-10-1 815736]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1301010.003\ccSetx86.sys [2011-10-1 132744]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1301010.003\Ironx86.sys [2011-10-1 149624]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2011-5-8 10448]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.1.1.3\ccSvcHst.exe [2011-10-1 138760]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2011-5-6 90112]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-8-3 105592]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\ipsdefs\20110726.001\IDSXpx86.sys [2011-10-1 356280]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2010-8-24 40912]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2010-8-24 10448]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\virusdefs\20110930.033\naveng.sys [2011-10-1 86136]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\virusdefs\20110930.033\navex15.sys [2011-10-1 1576312]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S3 B-Service;B-Service;c:\documents and settings\owner\local settings\temporary internet files\content.ie5\g9yrchyb\b-service.exe --> c:\documents and settings\owner\local settings\temporary internet files\content.ie5\g9yrchyb\B-Service.exe [?]
.
=============== Created Last 30 ================
.
2011-10-02 21:09:21 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes
2011-10-02 21:05:56 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-10-02 21:05:53 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-02 21:05:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-02 19:26:37 -------- d-----w- c:\documents and settings\owner\application data\SUPERAntiSpyware.com
2011-10-02 19:22:15 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-10-02 19:22:15 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-10-02 17:30:01 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-01 23:57:41 -------- d-----w- c:\documents and settings\owner\application data\EMCO
2011-10-01 23:57:11 -------- d-----w- c:\program files\EMCO
2011-10-01 19:28:30 897656 ----a-r- c:\windows\system32\drivers\nis\1301010.003\SymEFA.sys
2011-10-01 19:28:30 566904 ----a-r- c:\windows\system32\drivers\nis\1301010.003\srtsp.sys
2011-10-01 19:28:30 387192 ----a-r- c:\windows\system32\drivers\nis\1301010.003\symtdi.sys
2011-10-01 19:28:30 344184 ----a-r- c:\windows\system32\drivers\nis\1301010.003\symtdiv.sys
2011-10-01 19:28:30 340088 ----a-r- c:\windows\system32\drivers\nis\1301010.003\SymDS.sys
2011-10-01 19:28:30 31864 ----a-r- c:\windows\system32\drivers\nis\1301010.003\srtspx.sys
2011-10-01 19:28:30 314488 ----a-r- c:\windows\system32\drivers\nis\1301010.003\symnets.sys
2011-10-01 19:28:30 149624 ----a-r- c:\windows\system32\drivers\nis\1301010.003\Ironx86.sys
2011-10-01 19:28:30 132744 ----a-r- c:\windows\system32\drivers\nis\1301010.003\ccSetx86.sys
2011-10-01 19:28:22 2801 ----a-r- c:\windows\system32\drivers\nis\1301010.003\SymVTcer.dat
2011-10-01 19:28:22 -------- d-----w- c:\windows\system32\drivers\nis\1301010.003
2011-09-21 14:15:02 13983976 ----a-w- c:\program files\mozilla firefox\Firefox Setup 6.0.2.exe
2011-09-05 17:04:56 183696 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-09-05 17:04:56 183696 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2011-09-03 10:17:37 599040 -c----w- c:\windows\system32\dllcache\crypt32.dll
.
==================== Find3M ====================
.
2011-10-01 19:28:47 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2011-10-01 19:28:47 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
.
============= FINISH: 18:04:27.79 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 5/22/2010 12:18:56 PM
System Uptime: 10/2/2011 3:48:48 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 0MH651
Processor: Intel(R) Pentium(R) D CPU 3.40GHz | Microprocessor | 3400/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 124.161 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP401: 7/3/2011 5:03:52 AM - System Checkpoint
RP402: 7/4/2011 6:03:52 AM - System Checkpoint
RP403: 7/5/2011 7:03:52 AM - System Checkpoint
RP404: 7/6/2011 8:04:57 AM - System Checkpoint
RP405: 7/7/2011 8:47:15 AM - System Checkpoint
RP406: 7/8/2011 10:51:55 AM - System Checkpoint
RP407: 7/9/2011 11:03:53 AM - System Checkpoint
RP408: 7/10/2011 12:03:52 PM - System Checkpoint
RP409: 7/11/2011 12:42:03 PM - System Checkpoint
RP410: 7/12/2011 12:43:35 PM - System Checkpoint
RP411: 7/13/2011 3:00:16 AM - Software Distribution Service 3.0
RP412: 7/14/2011 3:03:53 AM - System Checkpoint
RP413: 7/15/2011 4:03:53 AM - System Checkpoint
RP414: 7/16/2011 5:03:50 AM - System Checkpoint
RP415: 7/17/2011 6:03:50 AM - System Checkpoint
RP416: 7/18/2011 7:03:53 AM - System Checkpoint
RP417: 7/19/2011 8:03:54 AM - System Checkpoint
RP418: 7/20/2011 10:46:32 AM - System Checkpoint
RP419: 7/21/2011 3:17:48 PM - System Checkpoint
RP420: 7/22/2011 4:34:28 PM - System Checkpoint
RP421: 7/23/2011 5:03:53 PM - System Checkpoint
RP422: 7/25/2011 1:16:10 AM - System Checkpoint
RP423: 7/26/2011 2:03:55 AM - System Checkpoint
RP424: 7/27/2011 3:03:54 AM - System Checkpoint
RP425: 7/28/2011 4:03:52 AM - System Checkpoint
RP426: 7/29/2011 5:03:44 AM - System Checkpoint
RP427: 7/30/2011 6:03:43 AM - System Checkpoint
RP428: 7/31/2011 7:03:44 AM - System Checkpoint
RP429: 8/1/2011 8:03:44 AM - System Checkpoint
RP430: 8/2/2011 9:03:44 AM - System Checkpoint
RP431: 8/3/2011 10:03:45 AM - System Checkpoint
RP432: 8/3/2011 7:34:27 PM - Restore Operation
RP433: 8/3/2011 7:39:31 PM - Restore Operation
RP434: 8/3/2011 7:44:00 PM - Restore Operation
RP435: 8/3/2011 7:46:38 PM - Restore Operation
RP436: 8/3/2011 8:26:17 PM - Restore Operation
RP437: 8/3/2011 8:29:35 PM - Restore Operation
RP438: 8/3/2011 8:37:49 PM - Removed VIPRE Antivirus.
RP439: 8/3/2011 8:41:08 PM - Restore Operation
RP440: 8/3/2011 8:48:40 PM - Restore Operation
RP441: 8/3/2011 9:14:39 PM - Removed VIPRE Antivirus.
RP442: 8/5/2011 10:44:16 AM - System Checkpoint
RP443: 8/5/2011 4:52:57 PM - Restore Operation
RP444: 8/5/2011 4:59:31 PM - Restore Operation
RP445: 8/5/2011 5:18:23 PM - Restore Operation
RP446: 8/5/2011 5:35:03 PM - Removed VIPRE Antivirus.
RP447: 8/8/2011 1:52:54 PM - System Checkpoint
RP448: 8/9/2011 2:46:15 PM - System Checkpoint
RP449: 8/10/2011 2:53:33 PM - System Checkpoint
RP450: 8/11/2011 8:02:00 PM - Software Distribution Service 3.0
RP451: 8/13/2011 11:04:59 AM - System Checkpoint
RP452: 8/14/2011 8:21:51 PM - System Checkpoint
RP453: 8/15/2011 9:13:03 PM - System Checkpoint
RP454: 8/17/2011 11:14:15 AM - System Checkpoint
RP455: 8/18/2011 12:36:37 PM - System Checkpoint
RP456: 8/19/2011 1:46:09 PM - System Checkpoint
RP457: 8/22/2011 11:33:36 AM - System Checkpoint
RP458: 8/23/2011 11:46:44 AM - System Checkpoint
RP459: 8/24/2011 11:59:37 AM - System Checkpoint
RP460: 8/26/2011 11:32:11 AM - System Checkpoint
RP461: 8/27/2011 12:19:01 PM - System Checkpoint
RP462: 8/29/2011 11:15:11 AM - System Checkpoint
RP463: 8/30/2011 2:32:36 PM - System Checkpoint
RP464: 8/31/2011 2:47:20 PM - System Checkpoint
RP465: 9/1/2011 5:10:22 PM - System Checkpoint
RP466: 9/2/2011 5:13:39 PM - System Checkpoint
RP467: 9/5/2011 1:18:55 PM - Software Distribution Service 3.0
RP468: 9/6/2011 2:43:03 PM - System Checkpoint
RP469: 9/7/2011 2:53:35 PM - System Checkpoint
RP470: 9/8/2011 2:56:56 PM - System Checkpoint
RP471: 9/9/2011 4:43:45 PM - System Checkpoint
RP472: 9/12/2011 11:06:11 AM - System Checkpoint
RP473: 9/13/2011 1:10:13 PM - System Checkpoint
RP474: 9/14/2011 8:27:19 AM - Software Distribution Service 3.0
RP475: 9/15/2011 11:02:36 AM - System Checkpoint
RP476: 9/16/2011 11:25:15 AM - System Checkpoint
RP477: 9/18/2011 7:46:33 PM - System Checkpoint
RP478: 9/19/2011 10:13:34 PM - System Checkpoint
RP479: 9/21/2011 10:09:38 AM - System Checkpoint
RP480: 9/21/2011 10:46:46 AM - Software Distribution Service 3.0
RP481: 9/22/2011 12:38:49 PM - System Checkpoint
RP482: 9/23/2011 1:18:05 PM - System Checkpoint
RP483: 9/26/2011 4:56:09 PM - System Checkpoint
RP484: 9/27/2011 6:05:59 PM - System Checkpoint
RP485: 9/28/2011 6:31:03 PM - System Checkpoint
RP486: 9/28/2011 9:12:54 PM - Software Distribution Service 3.0
RP487: 9/30/2011 11:11:08 AM - System Checkpoint
RP488: 9/30/2011 1:02:50 PM - Restore Operation
RP489: 9/30/2011 2:13:52 PM - Restore Operation
RP490: 9/30/2011 2:20:03 PM - Restore Operation
RP491: 9/30/2011 2:30:15 PM - Restore Operation
RP492: 9/30/2011 2:45:01 PM - Restore Operation
RP493: 9/30/2011 2:53:51 PM - Restore Operation
RP494: 9/30/2011 3:11:26 PM - Restore Operation
RP495: 9/30/2011 3:21:26 PM - Restore Operation
RP496: 9/30/2011 3:28:53 PM - Restore Operation
RP497: 9/30/2011 3:35:29 PM - Restore Operation
RP498: 9/30/2011 3:38:07 PM - Restore Operation
RP499: 10/1/2011 1:42:25 PM - Sat 10-1-11
RP500: 10/1/2011 2:39:16 PM - Restore Operation
.
==== Installed Programs ======================
.
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.1)
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Software Update
ATI Display Driver
Brother HL-5370DW
Compatibility Pack for the 2007 Office system
Custody X Change 3.56
EMCO MoveOnBoot 2.2
eReg
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Java Auto Updater
Java(TM) 6 Update 20
Logitech SetPoint 6.22
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office XP Professional
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox 7.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NAVIGON Fresh 3.3.1
NetX360
Norton Internet Security
QuickBooks
QuickBooks Pro 2010
Quicken 2010
QuickTime
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sony Ericsson PC Suite 6.011.00
SUPERAntiSpyware
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB980182)
VLC media player 1.1.11
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
9/30/2011 3:32:24 PM, error: System Error [1003] - Error code 10000050, parameter1 e1d27fe6, parameter2 00000000, parameter3 f72bed73, parameter4 00000001.
9/30/2011 3:06:40 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
9/30/2011 2:44:58 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
9/30/2011 2:43:17 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/30/2011 2:42:14 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
9/30/2011 2:40:58 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SBRE SRTSPX SymIRON SYMTDI Tcpip
9/30/2011 2:40:58 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
9/30/2011 2:40:58 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/30/2011 2:40:58 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/30/2011 2:40:58 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
10/1/2011 2:44:56 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000034' while processing the file '_filelst.cfg' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
10/1/2011 2:39:11 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000003A' while processing the file '_filelst.cfg' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
10/1/2011 12:44:56 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Sony Ericsson OMSI download service service to connect.
10/1/2011 12:44:56 PM, error: Service Control Manager [7000] - The Sony Ericsson OMSI download service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
Thanks again Dave, let me know what you think.