Find your solution!

**Cookiegal** · 04-Nov-2009, 07:41 PM **#46**

Have you set up this user style sheet?

O19 - User stylesheet: C:\Documents and Settings\Administrator\My Documents\My Pictures\Sample Pictures.lnk

How are things running now?

Mike Kelly · 04-Nov-2009, 08:24 PM **#47**

Yes, I did. Things don't seem to be much different....new tabs keep opening and it locks up the computer. Constant slowdown.

**Cookiegal** · 05-Nov-2009, 07:21 PM **#48**

Open HijackThis and click on the Open Misc Tools section button. Click on the Open Uninstall Manager button. Click the Save List button. Save the list then copy and paste it here.

Mike Kelly · 05-Nov-2009, 07:32 PM **#49**

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
Adobe Shockwave Player
Adobe® Photoshop® Album Starter Edition 3.0.1
Adobe® Photoshop® Album Starter Edition 3.2
AppCore
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
Bookworm (remove only)
Canon MP Drivers 6.0
Canon MP Navigator 1.0
Canon ScanGear Starter
Canon Utilities Easy-PhotoPrint
ccCommon
Component Framework
DAO 3.5
Digital Media Reader
Drivers Install For Linksys Easylink Advisor
Google Earth
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Image Resizer Powertoy for Windows XP
iTunes
J2SE Runtime Environment 5.0 Update 11
Java(TM) 6 Update 15
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Linksys EasyLink Advisor 1.6 (0032)
LiveUpdate (Symantec Corporation)
LiveUpdate (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Digital Image Starter Edition 2006
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Picture It! Express 2000
Microsoft PowerPoint Viewer 97
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft Works 2000
Microsoft Works 2000 Setup Launcher
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Multimedia Keyboard Driver
Napster Burn Engine
Norton AntiVirus
Norton AntiVirus Help
Norton Confidential Core
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
Norton Spyware Scan provided by Yahoo!
NVIDIA Drivers
OmniPage SE
PowerDVD
Presto! PageManager 6.03
Quicken Basic 2000
QuickTime
RealPlayer
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SoftV92 Data Fax Modem with SmartCP
SPBBC 32bit
Time and Chaos
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
USB Storage Adapter FX (MXO)
Windows Genuine Advantage v1.3.0254.0
Windows Imaging Component
Windows Internet Explorer 8
Windows Live installer
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10 Hotfix - KB894476
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3

flavallee · 06-Nov-2009, 02:36 AM **#50**

Mike:

Go here and click the green icon to download Sun Java Runtime Environment 1.6.0.17(6 Update 17). Just download and save it and don't install it yet. Cookiegal will give you instructions from there.

--------------------------------------------------------------

Mike Kelly · 06-Nov-2009, 10:05 AM **#51**

Done. I don't know if I ever mentioned it but almost everytime I open a new file I get prompted to download Active X or many media file request me to open their files.

**Cookiegal** · 07-Nov-2009, 01:13 PM **#52**

Quote:

Originally Posted by Mike Kelly

Done. I don't know if I ever mentioned it but almost everytime I open a new file I get prompted to download Active X or many media file request me to open their files.

What type of file are you referring to? Can you give me an example?

**Cookiegal** · 07-Nov-2009, 01:16 PM **#53**

For the Java, please do the following:

Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment, JRE, J2SE or Java(TM) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on the download to install the newest version.

These are the older versions of Java that you need to remove:

J2SE Runtime Environment 5.0 Update 11
Java(TM) 6 Update 15
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7

Mike Kelly · 07-Nov-2009, 04:08 PM **#54**

I did all you requested with Java. Question: Once you upload an "update" of any file is it save to remove the older updates from your Control Panel?

**Cookiegal** · 07-Nov-2009, 06:00 PM **#55**

That depends on the program but if you're only referring to Java then yes, once you install the newest version you should delete the older one.

Please remove ComboFix by dragging it to the recycle bin and then download the latest version and post a new log.

Please visit Combofix Guide & Instructions for instructions for downloading and running ComboFix.

The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to puppy.exe please.

Post the log from ComboFix when you've accomplished that along with a new HijackThis log.

Mike Kelly · 08-Nov-2009, 03:31 PM **#56**

ComboFix 09-11-07.04 - Owner 11/08/2009 14:15.6.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.894.403 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\Downloads\puppy.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((( Files Created from 2009-10-08 to 2009-11-08 )))))))))))))))))))))))))))))))
.

2009-11-07 21:06 . 2009-11-07 21:06 -------- d-----w- c:\program files\Java
2009-11-07 18:51 . 2009-11-07 18:51 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-11-07 18:50 . 2009-11-07 21:05 152576 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-03 19:57 . 2009-11-03 19:57 -------- d-----w- c:\program files\iPod
2009-11-03 19:47 . 2009-11-03 19:47 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-01 23:49 . 2009-11-01 23:49 -------- d-----w- C:\_OTS
2009-10-20 23:44 . 2009-09-10 19:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-20 23:44 . 2009-09-10 19:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-20 23:44 . 2009-10-20 23:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-18 20:06 . 2009-10-18 21:38 -------- d-----w- c:\documents and settings\Owner\Application Data\Canon
2009-10-16 19:14 . 2000-01-21 08:18 41472 ----a-w- c:\windows\system32\IPROF32.DLL
2009-10-16 19:14 . 2000-01-21 08:18 193024 ----a-w- c:\windows\system32\QCON3216.EXE
2009-10-16 19:14 . 2000-01-21 08:18 225280 ----a-w- c:\windows\system32\QCON32.DLL
2009-10-16 19:14 . 2000-01-21 08:18 195968 ----a-w- c:\windows\system32\QCONNECT.DLL
2009-10-16 19:14 . 1999-07-14 19:44 6838 ----a-w- c:\windows\ICOADB32.DAT
2009-10-16 19:14 . 1999-07-13 19:54 57344 ----a-w- c:\windows\ICG32.DLL
2009-10-16 19:14 . 1999-11-05 23:43 66048 ----a-w- c:\windows\system32\MRTRATE.DLL
2009-10-16 19:14 . 1999-11-05 23:43 65024 ----a-w- c:\windows\system32\MRTMNGR.EXE
2009-10-16 19:14 . 1999-11-05 23:43 36404 ----a-w- c:\windows\system32\drivers\MRTRATE.SYS
2009-10-16 19:14 . 2000-01-21 08:17 73728 ----a-w- c:\windows\system32\Q_ENCLIB.DLL
2009-10-16 19:14 . 2000-01-21 08:17 51200 ----a-w- c:\windows\system32\Q_ENCUTL.DLL
2009-10-16 15:23 . 2009-10-16 15:23 148376 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-10-16 15:04 . 2009-10-01 15:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-16 03:16 . 2009-10-16 03:16 -------- d-----w- c:\documents and settings\Owner\ErrorLogs
2009-10-16 02:17 . 2009-10-16 02:17 -------- d-----w- c:\program files\Uniblue
2009-10-12 22:04 . 2009-10-12 22:04 -------- dc----w- C:\BJPrinter
2009-10-12 22:04 . 2004-06-14 20:00 7680 ----a-w- c:\windows\system32\CNMVS6y.DLL
2009-10-12 22:04 . 2004-06-14 20:00 116736 ----a-w- c:\windows\system32\CNMLM6y.DLL
2009-10-12 21:48 . 2001-08-23 23:58 266240 ----a-w- c:\windows\system32\ippsrw711.dll
2009-10-12 21:48 . 2001-08-23 23:58 1589248 ----a-w- c:\windows\system32\ippsw711.dll
2009-10-12 21:48 . 2001-08-23 23:58 77824 ----a-w- c:\windows\system32\ippsr11.dll
2009-10-12 21:48 . 2001-08-23 23:58 176128 ----a-w- c:\windows\system32\ipps11.dll
2009-10-12 21:48 . 2001-08-23 23:58 159744 ----a-w- c:\windows\system32\ippjw711.dll
2009-10-12 21:48 . 2001-08-23 23:58 2592768 ----a-w- c:\windows\system32\ippiw711.dll
2009-10-12 21:48 . 2001-08-23 23:58 466944 ----a-w- c:\windows\system32\ippcvw711.dll
2009-10-12 21:48 . 2001-08-23 23:58 94208 ----a-w- c:\windows\system32\ippcv11.dll
2009-10-12 21:48 . 2001-08-23 23:58 65536 ----a-w- c:\windows\system32\ippj11.dll
2009-10-12 21:48 . 2001-08-23 23:58 225280 ----a-w- c:\windows\system32\ippi11.dll
2009-10-12 21:48 . 2001-03-10 22:56 40960 ----a-w- c:\windows\system32\IPPCPUID.DLL
2009-10-12 21:47 . 1997-10-13 18:19 11776 ----a-w- c:\windows\system32\pmsbfn32.dll
2009-10-12 21:47 . 2009-10-12 21:47 -------- d-----w- c:\program files\NewSoft
2009-10-12 21:47 . 2009-10-12 21:47 -------- d-----w- c:\documents and settings\Owner\Application Data\NewSoft
2009-10-12 21:35 . 2009-10-12 21:36 -------- d-----w- c:\windows\MP780,750
2009-10-12 21:31 . 2009-10-12 21:31 -------- d-----w- c:\documents and settings\Owner\Application Data\ScanSoft
2009-10-12 21:31 . 2009-10-12 21:31 -------- d-----w- c:\documents and settings\All Users\Application Data\SSScanWizard
2009-10-12 21:31 . 2009-10-12 21:31 -------- d-----w- c:\documents and settings\All Users\Application Data\SSScanAppDataDir
2009-10-12 21:31 . 2009-10-12 21:44 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2009-10-12 21:31 . 2009-10-12 21:31 -------- d-----w- c:\program files\ScanSoft
2009-10-12 21:01 . 2009-10-12 21:01 -------- d-----w- c:\program files\Common Files\xing shared
2009-10-12 21:00 . 2009-10-12 21:00 -------- d-----w- c:\program files\real

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2098-01-01 06:00 . 2007-12-22 15:27 9096 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\LiveUpdate\LuRegManifests\Static\LUTPReg.dll
2098-01-01 06:00 . 2007-08-25 03:51 9584 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\LiveUpdate\LuRegManifests\Static\IV20.dll
2098-01-01 06:00 . 2007-08-22 21:45 9048 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\LiveUpdate\LuRegManifests\Static\FWLUReg.dll
2009-11-08 20:14 . 2007-02-16 23:40 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-11-07 21:06 . 2008-12-21 15:34 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-07 15:56 . 2006-02-14 01:33 41192 ----a-w- c:\documents and settings\Owner\Application Data\wklnhst.dat
2009-11-03 19:58 . 2009-09-24 00:59 -------- d-----w- c:\program files\iTunes
2009-11-03 19:57 . 2008-05-04 23:47 -------- d-----w- c:\program files\Common Files\Apple
2009-10-28 01:28 . 2007-02-16 23:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-10-21 19:49 . 2006-02-12 22:58 -------- d-----w- c:\program files\CHAOS32
2009-10-21 16:08 . 2006-02-09 20:47 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-16 14:46 . 2007-10-13 16:27 -------- d-----w- c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com
2009-10-16 14:45 . 2006-02-14 21:16 -------- d-----w- c:\documents and settings\All Users\Application Data\RetroExp
2009-10-16 03:20 . 2006-02-09 20:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-16 02:19 . 2009-04-28 01:32 -------- d-----w- c:\documents and settings\Owner\Application Data\Uniblue
2009-10-14 19:58 . 2006-07-03 00:27 -------- d-----w- c:\program files\LimeWire
2009-10-14 19:28 . 2006-07-03 00:28 -------- d-----w- c:\documents and settings\Owner\Application Data\LimeWire
2009-10-12 21:42 . 2008-02-25 00:15 -------- d-----w- c:\program files\Canon
2009-10-12 21:01 . 2006-02-09 20:50 -------- d-----w- c:\program files\Common Files\Real
2009-10-12 21:00 . 2003-08-13 01:17 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-08 22:04 . 2007-10-13 16:27 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-09-30 19:58 . 2007-08-25 05:07 9576 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\LiveUpdate\LuRegManifests\Static\CCMSLLUM.DLL
2009-09-15 02:23 . 2006-07-23 20:57 -------- d-----w- c:\documents and settings\Owner\Application Data\Apple Computer
2009-09-15 02:07 . 2009-06-04 03:01 -------- d-----w- c:\program files\QuickTime
2009-09-15 02:07 . 2006-07-01 23:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-09-11 14:18 . 2006-02-09 20:18 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 01:19 . 2009-09-10 01:17 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-04 21:03 . 2006-02-09 20:18 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2006-02-09 20:19 916480 ------w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2006-02-09 20:19 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-11 23:58 . 2009-08-11 23:58 152576 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-10-18_22.38.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-08 20:08 . 2009-11-08 20:08 16384 c:\windows\TEMP\Perflib_Perfdata_6e4.dat
- 2004-10-28 00:52 . 2009-10-15 08:14 88730 c:\windows\system32\perfc009.dat
+ 2004-10-28 00:52 . 2009-11-03 02:15 88730 c:\windows\system32\perfc009.dat
+ 2009-07-12 07:12 . 2009-07-12 07:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 07:09 . 2009-07-12 07:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 07:08 . 2009-07-12 07:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
- 2004-10-28 00:52 . 2009-10-15 08:14 492744 c:\windows\system32\perfh009.dat
+ 2004-10-28 00:52 . 2009-11-03 02:15 492744 c:\windows\system32\perfh009.dat
- 2009-08-12 00:03 . 2009-07-25 10:23 149280 c:\windows\system32\javaws.exe
+ 2009-11-07 21:06 . 2009-11-07 21:06 149280 c:\windows\system32\javaws.exe
+ 2009-11-07 21:06 . 2009-11-07 21:06 145184 c:\windows\system32\javaw.exe
- 2009-08-12 00:03 . 2009-07-25 10:23 145184 c:\windows\system32\javaw.exe
+ 2009-11-07 21:06 . 2009-11-07 21:06 145184 c:\windows\system32\java.exe
- 2009-08-12 00:03 . 2009-07-25 10:23 145184 c:\windows\system32\java.exe
+ 2006-09-01 00:39 . 2009-11-08 20:09 234825 c:\windows\system32\inetsrv\MetaBase.bin
+ 2009-11-03 19:52 . 2009-11-03 19:52 796672 c:\windows\Installer\3c9148f.msi
+ 2009-11-03 19:58 . 2009-11-03 19:58 102400 c:\windows\Installer\{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}\iTunesIco.exe
+ 2009-11-05 01:03 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll
+ 2009-11-05 01:03 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe
+ 2006-11-20 16:04 . 2006-11-20 16:04 117088 c:\windows\Downloaded Program Files\PURen-us.dll
+ 2009-08-19 16:55 . 2009-08-19 16:55 829288 c:\windows\Downloaded Program Files\MsnPUpld.dll
+ 2006-02-09 20:18 . 2009-10-22 09:19 5939712 c:\windows\system32\mshtml.dll
+ 2006-05-19 15:06 . 2009-10-22 09:19 5939712 c:\windows\system32\dllcache\mshtml.dll
+ 2009-11-07 21:06 . 2009-11-07 21:06 1757696 c:\windows\Installer\874ba.msi
+ 2009-11-03 19:58 . 2009-11-03 19:58 4454912 c:\windows\Installer\3c91c35.msi
+ 2009-10-21 16:08 . 2009-10-21 16:08 3940352 c:\windows\Installer\38b203a.msi
+ 2009-11-05 01:03 . 2009-08-29 08:08 5940224 c:\windows\ie8updates\KB976749-IE8\mshtml.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EasyLinkAdvisor"="c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe" [2007-03-16 454784]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-09-18 7204864]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-03 32768]
"readericon"="c:\program files\Digital Media Reader\readericon45G.exe" [2005-08-27 139264]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-09-18 86016]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2007-08-25 714608]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-07 149280]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-09-18 1519616]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-08 61952]
"CHotkey"="zHotkey.exe" - c:\windows\zHotkey.exe [2005-05-03 543232]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 18:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List]
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Glob allyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [10/10/2006 12:53 PM 5632]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/27/2007 11:39 AM 32256]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [8/24/2007 11:07 PM 149352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [8/30/2009 6:41 PM 102448]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [5/29/2007 2:55 PM 23888]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [11/12/2008 5:56 PM 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [11/12/2008 5:56 PM 8320]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [11/16/2008 3:41 PM 40832]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/16/2006 4:51 PM 4096]
S4 mrtRate;mrtRate;c:\windows\system32\drivers\MRTRATE.SYS [10/16/2009 1:14 PM 36404]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST
*NewlyCreated* - MBR
*NewlyCreated* - PROCEXP113
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
Contents of the 'Scheduled Tasks' folder

2009-11-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2009-11-02 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Owner.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-27 01:19]

2009-11-08 c:\windows\Tasks\User_Feed_Synchronization-{631DC610-6066-44E4-808D-11E1D2038592}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://my.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: &eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: &Search
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-08 14:21
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(980)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(2588)
c:\windows\system32\WININET.dll
c:\program files\Common Files\Symantec Shared\NPC\2.0\NPCEXT.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
.
Completion time: 2009-11-08 14:24
ComboFix-quarantined-files.txt 2009-11-08 20:23
ComboFix2.txt 2009-10-18 22:42
ComboFix3.txt 2007-12-11 00:36

Pre-Run: 172,229,468,160 bytes free
Post-Run: 172,299,366,400 bytes free

- - End Of File - - CBC106105ADC402F482948825F53B350

--------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:31:45 PM, on 11/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlid...date?clid=1033
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [readericon] "C:\Program Files\Digital Media Reader\readericon45G.exe"
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/tech...bs/tgctlsr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1139523378234
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab
O19 - User stylesheet: C:\Documents and Settings\Administrator\My Documents\My Pictures\Sample Pictures.lnk
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 9856 bytes

Mike Kelly · 08-Nov-2009, 05:19 PM **#57**

Just curious....are we getting anywhere? It has been about 4 weeks since we started and I am still gettting new tabs opening at random and when I close one it usually closes all windows. Also, when I reopen IE it prompts me and asks do I want to open previous session. I do appreciate all you have done for me....I am just getting weary.

**Cookiegal** · 08-Nov-2009, 07:57 PM **#58**

Yes, I understand. We aren't finding much of anything. Are there other user profiles on this machine?

Also, please do this:

Please go to Start - Run - type in eventvwr.msc to open the event viewer. Look under both "Application" and "System" for recent (the last 48 hours or so) errors (shown in red) and if found, do this for each one.

Double-click the error to open it up and then click on the icon that looks like two pieces of paper. This will copy the full error. Then "paste" the error into Notepad. Do this for each one until you have them all listed in Notepad and then copy and paste the list in a reply here please.

Mike Kelly · 08-Nov-2009, 10:10 PM **#59**

Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 11/8/2009
Time: 3:19:09 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module flash10c.ocx, version 10.0.32.18, fault address 0x00231eaa.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 66 6c 61 73 in flas
0038: 68 31 30 63 2e 6f 63 78 h10c.ocx
0040: 20 31 30 2e 30 2e 33 32 10.0.32
0048: 2e 31 38 20 61 74 20 6f .18 at o
0050: 66 66 73 65 74 20 30 30 ffset 00
0058: 32 33 31 65 61 61 0d 0a 231eaa..

----------------
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 11/7/2009
Time: 3:44:58 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module flash10c.ocx, version 10.0.32.18, fault address 0x00231eaa.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 66 6c 61 73 in flas
0038: 68 31 30 63 2e 6f 63 78 h10c.ocx
0040: 20 31 30 2e 30 2e 33 32 10.0.32
0048: 2e 31 38 20 61 74 20 6f .18 at o
0050: 66 66 73 65 74 20 30 30 ffset 00
0058: 32 33 31 65 61 61 0d 0a 231eaa..
--------------------
Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 10005
Date: 11/7/2009
Time: 2:16:33 PM
User: YOUR-731F18CD3F\Owner
Computer: YOUR-731F18CD3F
Description:
Product: Java(TM) 6 Update 17 -- Error 25099. Unzipping core files failed.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 7b 32 36 41 32 34 41 45 {26A24AE
0008: 34 2d 30 33 39 44 2d 34 4-039D-4
0010: 43 41 34 2d 38 37 42 34 CA4-87B4
0018: 2d 32 46 38 33 32 31 36 -2F83216
0020: 30 31 37 46 46 7d 017FF}
----------------
Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 10005
Date: 11/7/2009
Time: 12:53:54 PM
User: YOUR-731F18CD3F\Owner
Computer: YOUR-731F18CD3F
Description:
Product: Java(TM) 6 Update 17 -- Error 25099. Unzipping core files failed.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 7b 32 36 41 32 34 41 45 {26A24AE
0008: 34 2d 30 33 39 44 2d 34 4-039D-4
0010: 43 41 34 2d 38 37 42 34 CA4-87B4
0018: 2d 32 46 38 33 32 31 36 -2F83216
0020: 30 31 37 46 46 7d 017FF}
-------------
Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 10005
Date: 11/7/2009
Time: 12:51:50 PM
User: YOUR-731F18CD3F\Owner
Computer: YOUR-731F18CD3F
Description:
Product: Java(TM) 6 Update 17 -- Error 25099. Unzipping core files failed.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 7b 32 36 41 32 34 41 45 {26A24AE
0008: 34 2d 30 33 39 44 2d 34 4-039D-4
0010: 43 41 34 2d 38 37 42 34 CA4-87B4
0018: 2d 32 46 38 33 32 31 36 -2F83216
0020: 30 31 37 46 46 7d 017FF}
------------------
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 11/6/2009
Time: 3:54:23 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x00000017.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 75 6e 6b 6e in unkn
0038: 6f 77 6e 20 30 2e 30 2e own 0.0.
0040: 30 2e 30 20 61 74 20 6f 0.0 at o
0048: 66 66 73 65 74 20 30 30 ffset 00
0050: 30 30 30 30 31 37 0d 0a 000017..
----------------
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 11/5/2009
Time: 5:30:41 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ntdll.dll, version 5.1.2600.5755, fault address 0x0001b21a.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 6e 74 64 6c in ntdl
0038: 6c 2e 64 6c 6c 20 35 2e l.dll 5.
0040: 31 2e 32 36 30 30 2e 35 1.2600.5
0048: 37 35 35 20 61 74 20 6f 755 at o
0050: 66 66 73 65 74 20 30 30 ffset 00
0058: 30 31 62 32 31 61 0d 0a 01b21a..
-----------------------
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 11/4/2009
Time: 6:22:17 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module flash10c.ocx, version 10.0.32.18, fault address 0x00180f89.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 66 6c 61 73 in flas
0038: 68 31 30 63 2e 6f 63 78 h10c.ocx
0040: 20 31 30 2e 30 2e 33 32 10.0.32
0048: 2e 31 38 20 61 74 20 6f .18 at o
0050: 66 66 73 65 74 20 30 30 ffset 00
0058: 31 38 30 66 38 39 0d 0a 180f89..
---------------
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 11/3/2009
Time: 5:48:49 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x628e12b0.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 75 6e 6b 6e in unkn
0038: 6f 77 6e 20 30 2e 30 2e own 0.0.
0040: 30 2e 30 20 61 74 20 6f 0.0 at o
0048: 66 66 73 65 74 20 36 32 ffset 62
0050: 38 65 31 32 62 30 0d 0a 8e12b0..
-------------------

Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 11/2/2009
Time: 9:52:31 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0xfc9ee6e9.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 75 6e 6b 6e in unkn
0038: 6f 77 6e 20 30 2e 30 2e own 0.0.
0040: 30 2e 30 20 61 74 20 6f 0.0 at o
0048: 66 66 73 65 74 20 66 63 ffset fc
0050: 39 65 65 36 65 39 0d 0a 9ee6e9..
----------------
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 11/1/2009
Time: 7:48:02 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module flash10c.ocx, version 10.0.32.18, fault address 0x00180f89.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 66 6c 61 73 in flas
0038: 68 31 30 63 2e 6f 63 78 h10c.ocx
0040: 20 31 30 2e 30 2e 33 32 10.0.32
0048: 2e 31 38 20 61 74 20 6f .18 at o
0050: 66 66 73 65 74 20 30 30 ffset 00
0058: 31 38 30 66 38 39 0d 0a 180f89..
-------------
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 10/30/2009
Time: 10:31:00 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module flash10c.ocx, version 10.0.32.18, fault address 0x00231eaa.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 66 6c 61 73 in flas
0038: 68 31 30 63 2e 6f 63 78 h10c.ocx
0040: 20 31 30 2e 30 2e 33 32 10.0.32
0048: 2e 31 38 20 61 74 20 6f .18 at o
0050: 66 66 73 65 74 20 30 30 ffset 00
0058: 32 33 31 65 61 61 0d 0a 231eaa..
----------------
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 10/30/2009
Time: 9:44:10 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x900006c0.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 75 6e 6b 6e in unkn
0038: 6f 77 6e 20 30 2e 30 2e own 0.0.
0040: 30 2e 30 20 61 74 20 6f 0.0 at o
0048: 66 66 73 65 74 20 39 30 ffset 90
0050: 30 30 30 36 63 30 0d 0a 0006c0..
----------------------
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 10/29/2009
Time: 8:03:05 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Faulting application iexplore.exe, version 8.0.6001.18702, faulting module flash10c.ocx, version 10.0.32.18, fault address 0x00231eaa.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 38 2e 30 2e 36 30 e 8.0.60
0028: 30 31 2e 31 38 37 30 32 01.18702
0030: 20 69 6e 20 66 6c 61 73 in flas
0038: 68 31 30 63 2e 6f 63 78 h10c.ocx
0040: 20 31 30 2e 30 2e 33 32 10.0.32
0048: 2e 31 38 20 61 74 20 6f .18 at o
0050: 66 66 73 65 74 20 30 30 ffset 00
0058: 32 33 31 65 61 61 0d 0a 231eaa..
-----------
Event Type: Error
Event Source: Automatic LiveUpdate Scheduler
Event Category: Devices
Event ID: 101
Date: 10/27/2009
Time: 6:58:41 PM
User: NT AUTHORITY\SYSTEM
Computer: YOUR-731F18CD3F
Description:
Information Level: error

Initialization of the COM subsystem failed. Error code: 0x8007041D.
-------------
Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 1013
Date: 10/22/2009
Time: 3:50:41 PM
User: YOUR-731F18CD3F\Owner
Computer: YOUR-731F18CD3F
Description:
Product: Adobe Reader 7.0.7 -- Setup has detected that you already have a more functional product installed. Setup will now terminate.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 7b 41 43 37 36 42 41 38 {AC76BA8
0008: 36 2d 37 41 44 37 2d 31 6-7AD7-1
0010: 30 33 33 2d 37 42 34 34 033-7B44
0018: 2d 41 37 30 37 30 30 30 -A707000
0020: 30 30 30 30 32 7d 00002}
-------------------

Mike Kelly · 08-Nov-2009, 10:36 PM **#60**

Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 17
Date: 10/23/2009
Time: 5:44:00 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7009
Date: 10/27/2009
Time: 6:59:19 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: Tcpip
Event Category: None
Event ID: 4226
Date: 11/1/2009
Time: 6:04:02 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 01 00 54 00 ......T.
0008: 00 00 00 00 82 10 00 80 ....‚..€
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 11/2/2009
Time: 9:11:18 AM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 11/2/2009
Time: 9:11:18 AM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 11/8/2009
Time: 2:09:46 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
-----------
Event Type: Error
Event Source: Print
Event Category: None
Event ID: 6161
Date: 11/8/2009
Time: 2:01:23 PM
User: YOUR-731F18CD3F\Owner
Computer: YOUR-731F18CD3F
Description:
The document http://www.bleepingcomputer.com/comb...o-use-combofix owned by Owner failed to print on printer Canon MP780 Series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 7864320. Number of bytes printed: 1971248. Total number of pages in the document: 9. Number of pages printed: 2. Client machine: \\YOUR-731F18CD3F. Win32 error code returned by the print processor: 122 (0x7a).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.as
p.
----------------
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 11/8/2009
Time: 9:10:55 AM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The time has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
----------------
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 11/7/2009
Time: 9:11:07 AM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
----------
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 11/6/2009
Time: 10:18:57 AM
User: NT AUTHORITY\SYSTEM
Computer: YOUR-731F18CD3F
Description:
The server {03E0E6C2-363B-11D3-B536-00902771A435} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
-----------------
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 11/6/2009
Time: 9:10:56 AM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---------
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 11/5/2009
Time: 9:10:50 AM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---------------
Event Type: Error
Event Source: NetBT
Event Category: None
Event ID: 4321
Date: 11/4/2009
Time: 7:30:40 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The name "MSHOME :1d" could not be registered on the Interface with IP address 192.168.1.102. The machine with the IP address 192.168.1.100 did not allow the name to be claimed by this machine.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 04 00 56 00 ......V.
0008: 00 00 00 00 e1 10 00 c0 ....á..À
0010: 01 01 00 00 01 00 00 c0 .......À
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
-------------
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 11/4/2009
Time: 9:10:56 AM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
------------
Event Type: Warning
Event Source: Tcpip
Event Category: None
Event ID: 4226
Date: 11/3/2009
Time: 7:44:18 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 01 00 54 00 ......T.
0008: 00 00 00 00 82 10 00 80 ....‚..€
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
------------
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 11/3/2009
Time: 9:52:16 AM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 11/2/2009
Time: 8:07:11 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The iPod Service service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 11/2/2009
Time: 8:07:08 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The PrismXL service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 11/2/2009
Time: 8:07:08 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 11/2/2009
Time: 8:07:08 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
----
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 11/2/2009
Time: 8:07:08 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
----
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 11/2/2009
Time: 8:07:08 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The World Wide Web Publishing service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 11/2/2009
Time: 8:07:08 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The Simple Mail Transfer Protocol (SMTP) service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
----
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 11/2/2009
Time: 8:07:08 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The IIS Admin service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1 milliseconds: Run the configured recovery program.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 11/2/2009
Time: 8:07:08 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The Media Center Scheduler Service service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 11/2/2009
Time: 8:07:08 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The Media Center Receiver Service service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
----
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7034
Date: 11/2/2009
Time: 8:07:08 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 11/2/2009
Time: 8:07:07 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---
Event Type: Warning
Event Source: PlugPlayManager
Event Category: None
Event ID: 263
Date: 11/2/2009
Time: 8:06:58 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The service "ehRecvr" may not have unregistered for device event notifications before it was stopped.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
----
Event Type: Warning
Event Source: Tcpip
Event Category: None
Event ID: 4226
Date: 11/1/2009
Time: 8:27:49 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 01 00 54 00 ......T.
0008: 00 00 00 00 82 10 00 80 ....‚..€
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
----
Event Type: Warning
Event Source: Tcpip
Event Category: None
Event ID: 4226
Date: 11/1/2009
Time: 6:04:02 PM
User: N/A
Computer: YOUR-731F18CD3F
Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 01 00 54 00 ......T.
0008: 00 00 00 00 82 10 00 80 ....‚..€
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
---------
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 11/1/2009
Time: 9:11:12 AM
User: N/A
Computer: YOUR-731F18CD3F
Description:
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
----
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 10/31/2009
Time: 1:52:45 PM
User: NT AUTHORITY\SYSTEM
Computer: YOUR-731F18CD3F
Description:
The server {03E0E6C2-363B-11D3-B536-00902771A435} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
----

Tag Cloud
access audio blue screen boot bsod connection crash dell desktop driver dvd email error excel excel 2003 firefox hard drive hardware hijackthis internet keyboard laptop malware monitor motherboard network networking outlook problem processor ram recovery router screen slow sound spyware tdlwsp.dll trojan upgrade vba video virus vista vundo windows windows 7 windows vista windows xp wireless

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)