1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

computer freezes and shuts down runs slow and is going to die soon NEED HELP FAST lol

Discussion in 'Virus & Other Malware Removal' started by deebrown331, Jan 9, 2011.

Thread Status:
Not open for further replies.
  1. deebrown331

    deebrown331 Thread Starter

    Joined:
    Jan 8, 2011
    Messages:
    5
    My computer has been running slow for months just getting worse. I have to reboot to unfreeze it. 3 days ago I ran a scan with a free programs it said I had over 3000 problems. Late at night something flashes across my screen called preato so I went to add remove programs but when it came up I waited for it to load the programs but it never did it stayed blank. I used an old program I love called go back by Norton and then it showed the programs but the preato did not come up. Trying to get the info you ask us to get before contacting you my computer rebooted itself 3 times and I had to reboot it 4 times myself. i tried to get the gmer report but it ran for 30 mins and shut down the computer then when i brought it back up i cannot get it to run again it freezes up and i have to reboot. Please help me I am disabled and have not left my house since Katrina in 2005 so this is my only contact with people and I cannot afford to buy a new one. Thanks in advance…Dianne Brown

    SYSTEM INFO

    Tech Support Guy System Info Utility version 1.0.0.1
    OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
    Processor: AMD Athlon(tm) 64 Processor 3200+, x86 Family 15 Model 12 Stepping 0
    Processor Count: 1
    RAM: 894 Mb
    Graphics Card: MSI RADEON XPRESS 200 Series, 128 Mb
    Hard Drives: C: Total - 149526 MB, Free - 86727 MB; D: Total - 3092 MB, Free - 1090 MB;
    Motherboard: MICRO-STAR, MS-7145, , MS-7145B0507057499
    Antivirus: McAfee Anti-Virus and Anti-Spyware, Updated: Yes, On-Demand Scanner: Enabled


    hijackthis


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:00:43 PM, on 1/8/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\WINDOWS\system32\E_S00RP1.EXE
    C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\mfevtps.exe
    C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
    C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
    C:\WINDOWS\system32\SAgent4.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Webroot\Washer\WasherSvc.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\WINDOWS\system32\AutoChkbin.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    C:\Program Files\Webroot\Washer\wwDisp.exe
    C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Documents and Settings\Owner\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - (no file)
    R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110107022605.dll
    O2 - BHO: TwcToolbarBhoApp Class - {AA1F9DDB-E605-4ba6-81D4-E427DEE012AD} - C:\WINDOWS\system32\TwcToolbarBho.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\system32\TwcToolbarIe7.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: ToolbarDesigner - {5b084ff8-5ce4-43dd-9319-55fbb4dddea3} - C:\Program Files\CrackSearch\toolbar.dll (file missing)
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Microsoft Spooler] "C:\Documents and Settings\Owner\Local Settings\Application Data\lspool.exe"
    O4 - HKLM\..\Run: [Auto Check Utility] "C:\WINDOWS\system32\AutoChkbin.exe"
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /M "Stylus CX4600" /EF "HKCU"
    O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [Microsoft Spooler] "C:\Documents and Settings\Owner\Local Settings\Application Data\lspool.exe"
    O4 - HKCU\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Owner"
    O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
    O4 - Global Startup: WhiteSmoke Translator.lnk = C:\Documents and Settings\Owner\Desktop\WhiteSmokeWriterGeo5002_en.exe
    O8 - Extra context menu item: &IE Toolbar search - res://C:\Program Files\CrackSearch\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKxdm015RAUS
    O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
    O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
    O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)
    O9 - Extra 'Tools' menuitem: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Generate - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
    O9 - Extra 'Tools' menuitem: Password Generator - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
    O16 - DPF: {1CDFA4E8-3396-439D-8C9D-AD0E32DE94B6} (CPlayFirsttastyplanetControl Object) - http://games.bigfishgames.com/en_tastyplanet/online/tastyplanet.1.0.0.4.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab
    O16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} (CPlayFirstChocolatierControl Object) - http://www.playfirst.com/play/game/chocolatier/ChocolatierWeb.1.0.0.13.cab
    O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://www.bigfishgames.com/online/trijinx/TriJinx.1.0.0.55.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {38A5F6F0-0B64-421B-A553-3D49A76ECDCD} (CPlayFirstMythicMarblesControl Object) - http://games.bigfishgames.com/en_mythic-marbles/online/MythicMarbles.1.0.0.2.cab
    O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
    O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - http://games.king.com/ctl/kingcomie.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9} (LightSurfUploadCtl Class) - http://pictures.sprintpcs.com/activex/LightSurfUploadControl.cab
    O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1148115383062
    O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.bigfishgames.com/online/luxor2/mjolauncher.cab
    O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
    O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} (ZPA_WheelOfFortune Object) - http://zone.msn.com/bingame/zpagames/zpa_wof.cab55579.cab
    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/1452/ftp.coupons.com/r3302/cpbrkpie.cab
    O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) - http://www.worldwinner.com/games/v57/cubis/cubis.cab
    O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://www.worldwinner.com/games/v41/hangman/hangman.cab
    O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://games.bigfishgames.com/en_burger-shop/online/GoBitGamesPlayer_v4.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
    O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://games.bigfishgames.com/en_feedingfrenzy/online/Game/SproutLauncher.cab
    O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.playfirst.com/play/game/zuma/popcaploader_v10.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://acddirect.webex.com/client/T23L/webex/ieatgpc.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} (CPlayFirstSweetopiaControl Object) - http://www.bigfishgames.com/online/sweetopia/Sweetopia.1.0.0.20.cab
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
    O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)
    O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
    O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
    O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
    O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
    O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
    O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
    O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 20418 bytes



    DDS

    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Owner at 19:04:35.51 on Sat 01/08/2011
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.291 [GMT -5:00]

    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: Norton AntiVirus *Enabled*
    FW: McAfee Firewall *Disabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\WINDOWS\system32\E_S00RP1.EXE
    C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\mfevtps.exe
    C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
    C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
    C:\WINDOWS\system32\SAgent4.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Webroot\Washer\WasherSvc.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\WINDOWS\system32\AutoChkbin.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    C:\Program Files\Webroot\Washer\wwDisp.exe
    C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Documents and Settings\Owner\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uSearch Bar =
    uStart Page = hxxp://www.yahoo.com/
    uSearch Page =
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
    uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe"
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    mSearchAssistant =
    uURLSearchHooks: H - No File
    uURLSearchHooks: H - No File
    uURLSearchHooks: H - No File
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
    BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
    BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110107022605.dll
    BHO: TwcToolbarBhoApp Class: {aa1f9ddb-e605-4ba6-81d4-e427dee012ad} - c:\windows\system32\TwcToolbarBho.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
    TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
    TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
    TB: The Weather Channel Toolbar: {2e5e800e-6ac0-411e-940a-369530a35e43} - c:\windows\system32\TwcToolbarIe7.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: ToolbarDesigner: {5b084ff8-5ce4-43dd-9319-55fbb4dddea3} - c:\program files\cracksearch\toolbar.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
    TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
    TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
    TB: {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
    TB: {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - No File
    TB: {E92BEFBA-E79D-4F41-9733-68DA49C4492B} - No File
    TB: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No File
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
    TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
    TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL
    TB: {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - No File
    uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c
    uRun: [EPSON Stylus CX4600 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /M "Stylus CX4600" /EF "HKCU"
    uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
    uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
    uRun: [Window Washer] c:\program files\webroot\washer\wwDisp.exe
    uRun: [ares] "c:\program files\ares\Ares.exe" -h
    uRun: [Microsoft Spooler] "c:\documents and settings\owner\local settings\application data\lspool.exe"
    uRunOnce: [Index Washer] c:\program files\webroot\washer\WashIdx.exe "Owner"
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\2.bin\m3SrchMn.exe" /m=2 /w
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [Microsoft Spooler] "c:\documents and settings\owner\local settings\application data\lspool.exe"
    mRun: [Auto Check Utility] "c:\windows\system32\AutoChkbin.exe"
    mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\norton~1.lnk - c:\program files\norton systemworks\norton goback\GBTray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\whites~1.lnk - c:\documents and settings\owner\desktop\WhiteSmokeWriterGeo5002_en.exe
    uPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableLUA = 0 (0x0)
    IE: &Add animation to IncrediMail Style Box
    IE: &IE Toolbar search - c:\program files\cracksearch\toolbar.dll/SEARCH.HTML
    IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
    IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKxdm015RAUS
    IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
    IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
    IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM
    IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM
    IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
    IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
    IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
    IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F50} - c:\program files\siber systems\ai roboform\RoboFormComPasswordGenerator.html
    IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\owner\start menu\programs\imvu\Run IMVU.lnk
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - c:\program files\yahoo!\messenger\YahooMessenger.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2E5E800E-6AC0-411E-940A-369530A35E43} - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB}
    IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    Trusted Zone: acddirect.com\www
    Trusted Zone: callswithoutwalls.com\www
    Trusted Zone: callswithoutwalls.com\www2
    Trusted Zone: microsoft.com\office
    Trusted Zone: vacd.biz
    DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
    DPF: {1CDFA4E8-3396-439D-8C9D-AD0E32DE94B6} - hxxp://games.bigfishgames.com/en_tastyplanet/online/tastyplanet.1.0.0.4.cab
    DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab
    DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://www.playfirst.com/play/game/chocolatier/ChocolatierWeb.1.0.0.13.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
    DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://www.bigfishgames.com/online/trijinx/TriJinx.1.0.0.55.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {38A5F6F0-0B64-421B-A553-3D49A76ECDCD} - hxxp://games.bigfishgames.com/en_mythic-marbles/online/MythicMarbles.1.0.0.2.cab
    DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
    DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo.walgreens.com/WalgreensActivia.cab
    DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://games.king.com/ctl/kingcomie.cab
    DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9} - hxxp://pictures.sprintpcs.com/activex/LightSurfUploadControl.cab
    DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
    DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1148115383062
    DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://www.bigfishgames.com/online/luxor2/mjolauncher.cab
    DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} - hxxp://zone.msn.com/bingame/zpagames/zpa_wof.cab55579.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - hxxp://a19.g.akamai.net/7/19/7125/1452/ftp.coupons.com/r3302/cpbrkpie.cab
    DPF: {97438FE9-D361-4279-BA82-98CC0877A717} - hxxp://www.worldwinner.com/games/v57/cubis/cubis.cab
    DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} - hxxp://www.worldwinner.com/games/v41/hangman/hangman.cab
    DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://games.bigfishgames.com/en_burger-shop/online/GoBitGamesPlayer_v4.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
    DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} - hxxp://games.bigfishgames.com/en_feedingfrenzy/online/Game/SproutLauncher.cab
    DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab55579.cab
    DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.playfirst.com/play/game/zuma/popcaploader_v10.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://acddirect.webex.com/client/T23L/webex/ieatgpc.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} - hxxp://www.bigfishgames.com/online/sweetopia/Sweetopia.1.0.0.20.cab
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\vreo1juy.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=PCAFSI1190&p=
    FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\vreo1juy.default\extensions\{22e03916-85c5-44b0-8dc9-1830c11238d9}\components\RadioWMPCoreGecko19.dll
    FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\vreo1juy.default\extensions\{b80f591e-fe9a-46cf-a13e-180377240586}\components\RadioWMPCoreGecko19.dll
    FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\vreo1juy.default\extensions\[email protected]\components\RadioWMPCoreGecko19.dll
    FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
    FF - component: c:\program files\siber systems\ai roboform\firefox\components\rfproxy_31.dll
    FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPMyWebS.dll
    FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - Ext: ChaCha Guide App Toolbar: [email protected] - %profile%\extensions\[email protected]
    FF - Ext: Conduit Engine : [email protected] - %profile%\extensions\[email protected]
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Elf 1 Community Toolbar: {22e03916-85c5-44b0-8dc9-1830c11238d9} - %profile%\extensions\{22e03916-85c5-44b0-8dc9-1830c11238d9}
    FF - Ext: Elf 1.13 Community Toolbar: {b80f591e-fe9a-46cf-a13e-180377240586} - %profile%\extensions\{b80f591e-fe9a-46cf-a13e-180377240586}
    FF - Ext: Java Quick Starter: j[email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: AI Roboform Toolbar for Firefox: {22119944-ED35-4ab1-910B-E619EA06A115} - c:\program files\siber systems\ai roboform\Firefox
    FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor

    ============= SERVICES / DRIVERS ===============

    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-1-7 386840]
    R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-1-7 84072]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2011-1-6 206112]
    R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2011-1-7 271480]
    R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2011-1-7 271480]
    R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2011-1-7 271480]
    R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-1-7 171168]
    R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-1-7 188136]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-1-7 141792]
    R2 wwEngineSvc;Window Washer Engine;c:\program files\webroot\washer\WasherSvc.exe [2010-12-7 598856]
    R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-1-7 55840]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-5-30 101936]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-1-7 152960]
    R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-1-7 52104]
    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-1-7 313288]
    R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2011-1-7 88544]
    S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\shldrv51.sys --> c:\windows\system32\drivers\ShlDrv51.sys [?]
    S2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\2.bin\mwssvc.exe [2009-2-25 28762]
    S2 PavProc;Panda Process Protection Driver;\??\c:\windows\system32\drivers\pavproc.sys --> c:\windows\system32\drivers\PavProc.sys [?]
    S2 PavPrSrv;Panda Process Protection Service;"c:\program files\common files\panda software\pavshld\pavprsrv.exe" --> c:\program files\common files\panda software\pavshld\pavprsrv.exe [?]
    S3 EuDisk;EASEUS Disk Enumerator;c:\windows\system32\drivers\EuDisk.sys [2009-11-18 122504]
    S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2011-1-7 88544]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-1-7 84264]

    =============== Created Last 30 ================

    2011-01-07 07:26:05 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
    2011-01-07 07:26:05 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
    2011-01-07 07:25:55 141792 ----a-w- c:\windows\system32\mfevtps.exe
    2011-01-07 07:25:53 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
    2011-01-07 07:25:53 88544 ----a-w- c:\windows\system32\drivers\mfendisk.sys
    2011-01-07 07:25:53 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys
    2011-01-07 07:25:53 84072 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
    2011-01-07 07:25:53 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys
    2011-01-07 07:25:53 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys
    2011-01-07 07:25:53 386840 ----a-w- c:\windows\system32\drivers\mfehidk.sys
    2011-01-07 07:25:53 313288 ----a-w- c:\windows\system32\drivers\mfefirek.sys
    2011-01-07 07:25:53 152960 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
    2011-01-07 01:13:49 75303 ---h--w- c:\windows\system32\AutoChkbin.exe
    2011-01-07 01:13:49 75303 ---h--w- c:\program files\common files\autoconvsbin.exe
    2011-01-06 22:25:29 -------- d-----w- c:\program files\common files\McAfee
    2011-01-06 22:25:28 -------- d-----w- c:\program files\McAfee.com
    2011-01-06 22:25:02 -------- d-----w- c:\program files\McAfee
    2011-01-06 06:51:17 -------- d-----w- c:\docume~1\owner\applic~1\FixCleaner
    2011-01-06 06:50:58 -------- d-----w- c:\program files\FixCleaner
    2011-01-06 06:06:35 -------- d-----w- c:\docume~1\owner\applic~1\Usenet.nl
    2011-01-06 06:06:10 -------- d-----w- c:\program files\Usenet.nl
    2011-01-05 05:15:08 -------- d-----w- c:\program files\eMule
    2011-01-05 02:26:02 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Ares
    2011-01-05 02:10:30 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\BearShare
    2011-01-05 02:06:39 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\BitTorrentBar
    2010-12-26 22:03:51 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
    2010-12-26 22:03:51 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
    2010-12-26 22:03:51 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
    2010-12-26 22:03:51 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
    2010-12-26 22:03:51 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
    2010-12-26 22:03:38 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
    2010-12-26 22:03:37 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
    2010-12-25 07:11:46 -------- d-----w- c:\docume~1\owner\applic~1\ParetoLogic
    2010-12-15 00:28:44 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
    2010-12-15 00:27:39 45568 -c----w- c:\windows\system32\dllcache\wab.exe
    2010-12-10 20:52:54 -------- d-----w- c:\program files\CrackSearch

    ==================== Find3M ====================

    2011-01-06 21:53:49 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
    2010-11-18 18:12:44 81920 ------w- c:\windows\system32\isign32.dll
    2010-11-13 02:36:44 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
    2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-11-06 00:26:58 43520 ------w- c:\windows\system32\licmgr10.dll
    2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-11-03 12:25:54 385024 ------w- c:\windows\system32\html.iec
    2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-26 13:25:00 1853312 ------w- c:\windows\system32\win32k.sys
    2006-05-18 08:22:32 774144 ------w- c:\program files\RngInterstitial.dll

    =================== ROOTKIT ====================

    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    Windows 5.1.2600

    device: opened successfully
    user: MBR read successfully

    Disk trace:
    called modules: ntkrnlpa.exe GoBack2K.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
    c:\windows\system32\drivers\GoBack2K.sys Symantec Corporation Norton GoBack
    1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x8556DAB8]
    3 CLASSPNP[0xF7590FD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\0000008f[0x85563948]
    5 ACPI[0xF73A7620] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP4T0L0-16[0x8558BD98]
    kernel: MBR read successfully
    _asm { CALL 0x56; }
    user != kernel MBR !!!

    ============= FINISH: 19:06:31.85 ===============




    ATTACHED


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 5/18/2006 7:03:08 AM
    System Uptime: 1/8/2011 5:15:25 PM (2 hours ago)

    Motherboard: MICRO-STAR | | MS-7145
    Processor: AMD Athlon(tm) 64 Processor 3200+ | Socket 754 | 2193/199mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 146 GiB total, 84.696 GiB free.
    D: is FIXED (FAT32) - 3 GiB total, 1.065 GiB free.
    E: is CDROM ()
    G: is Removable
    H: is Removable
    I: is Removable
    J: is Removable

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP1528: 10/9/2010 11:43:26 PM - System Checkpoint
    RP1529: 10/11/2010 12:37:19 AM - System Checkpoint
    RP1530: 10/12/2010 12:49:18 AM - System Checkpoint
    RP1531: 10/13/2010 1:07:01 AM - System Checkpoint
    RP1532: 10/14/2010 1:13:23 AM - System Checkpoint
    RP1533: 10/14/2010 6:05:00 PM - Installed Safari
    RP1534: 10/15/2010 4:29:40 AM - Software Distribution Service 3.0
    RP1535: 10/16/2010 2:40:16 PM - Installed AVG 2011
    RP1536: 10/16/2010 2:42:53 PM - Removed AVG Free 9.0
    RP1537: 10/16/2010 2:51:41 PM - Installed AVG 2011
    RP1538: 10/18/2010 10:38:57 AM - System Checkpoint
    RP1539: 10/19/2010 10:45:45 AM - System Checkpoint
    RP1540: 10/21/2010 12:10:35 AM - System Checkpoint
    RP1541: 10/22/2010 12:23:56 AM - System Checkpoint
    RP1542: 10/24/2010 2:40:37 PM - System Checkpoint
    RP1543: 10/25/2010 3:41:05 PM - System Checkpoint
    RP1544: 10/26/2010 4:52:35 PM - System Checkpoint
    RP1545: 10/29/2010 6:04:02 AM - System Checkpoint
    RP1546: 10/30/2010 1:00:32 PM - System Checkpoint
    RP1547: 10/31/2010 10:48:55 PM - System Checkpoint
    RP1548: 11/3/2010 2:14:06 AM - System Checkpoint
    RP1549: 11/4/2010 2:20:29 AM - System Checkpoint
    RP1550: 11/5/2010 3:15:07 PM - System Checkpoint
    RP1551: 11/6/2010 4:08:07 PM - System Checkpoint
    RP1552: 11/7/2010 4:06:27 PM - System Checkpoint
    RP1553: 11/8/2010 11:37:47 PM - System Checkpoint
    RP1554: 11/9/2010 11:43:17 PM - Software Distribution Service 3.0
    RP1555: 11/10/2010 1:23:26 AM - Software Distribution Service 3.0
    RP1556: 11/11/2010 1:30:17 AM - System Checkpoint
    RP1557: 11/11/2010 3:47:12 PM - Removed AVG 2011
    RP1558: 11/11/2010 3:48:18 PM - Removed AVG 2011
    RP1559: 11/12/2010 6:30:58 AM - Removed Skype Toolbars
    RP1560: 11/12/2010 6:31:38 AM - Removed Skype™ 4.2
    RP1561: 11/13/2010 6:51:37 AM - System Checkpoint
    RP1562: 11/15/2010 2:14:34 PM - System Checkpoint
    RP1563: 11/16/2010 3:52:43 PM - System Checkpoint
    RP1564: 11/17/2010 4:14:46 PM - System Checkpoint
    RP1565: 11/18/2010 5:26:44 PM - System Checkpoint
    RP1566: 11/19/2010 6:04:54 PM - System Checkpoint
    RP1567: 11/20/2010 7:13:24 PM - System Checkpoint
    RP1568: 11/21/2010 8:11:47 PM - System Checkpoint
    RP1569: 11/22/2010 8:21:04 PM - System Checkpoint
    RP1570: 11/23/2010 9:34:27 PM - System Checkpoint
    RP1571: 11/24/2010 11:40:44 PM - System Checkpoint
    RP1572: 11/26/2010 1:16:21 AM - System Checkpoint
    RP1573: 11/27/2010 1:29:06 AM - System Checkpoint
    RP1574: 11/28/2010 2:07:27 AM - System Checkpoint
    RP1575: 11/29/2010 3:05:29 AM - System Checkpoint
    RP1576: 11/30/2010 5:05:35 AM - System Checkpoint
    RP1577: 12/1/2010 7:05:39 AM - System Checkpoint
    RP1578: 12/2/2010 8:10:09 AM - System Checkpoint
    RP1579: 12/3/2010 9:23:07 AM - System Checkpoint
    RP1580: 12/4/2010 9:30:47 AM - System Checkpoint
    RP1581: 12/5/2010 10:09:49 AM - System Checkpoint
    RP1582: 12/6/2010 12:10:56 PM - System Checkpoint
    RP1583: 12/7/2010 4:07:27 PM - System Checkpoint
    RP1584: 12/8/2010 5:46:15 PM - System Checkpoint
    RP1585: 12/9/2010 6:09:39 PM - System Checkpoint
    RP1586: 12/10/2010 6:42:02 PM - System Checkpoint
    RP1587: 12/11/2010 7:18:26 PM - System Checkpoint
    RP1588: 12/12/2010 9:18:40 PM - System Checkpoint
    RP1589: 12/13/2010 9:21:55 PM - System Checkpoint
    RP1590: 12/14/2010 9:26:11 PM - System Checkpoint
    RP1591: 12/15/2010 3:01:08 AM - Software Distribution Service 3.0
    RP1592: 12/16/2010 4:56:22 AM - System Checkpoint
    RP1593: 12/17/2010 5:12:37 AM - System Checkpoint
    RP1594: 12/18/2010 7:12:38 AM - System Checkpoint
    RP1595: 12/19/2010 9:12:43 AM - System Checkpoint
    RP1596: 12/20/2010 9:36:03 AM - System Checkpoint
    RP1597: 12/21/2010 11:29:35 AM - System Checkpoint
    RP1598: 12/22/2010 1:13:34 PM - System Checkpoint
    RP1599: 12/23/2010 2:50:07 PM - System Checkpoint
    RP1600: 12/24/2010 3:36:38 PM - System Checkpoint
    RP1601: 12/25/2010 8:07:25 AM - PC Health Advisor Backup
    RP1602: 12/26/2010 8:34:20 AM - System Checkpoint
    RP1603: 12/27/2010 7:04:57 PM - System Checkpoint
    RP1604: 12/28/2010 8:26:13 PM - System Checkpoint
    RP1605: 12/29/2010 8:48:43 PM - System Checkpoint
    RP1606: 12/30/2010 11:20:50 PM - System Checkpoint
    RP1607: 1/1/2011 12:23:17 AM - System Checkpoint
    RP1608: 1/2/2011 1:28:56 AM - System Checkpoint
    RP1609: 1/3/2011 3:03:32 AM - System Checkpoint
    RP1610: 1/4/2011 3:43:04 AM - System Checkpoint
    RP1611: 1/5/2011 3:52:25 AM - System Checkpoint
    RP1612: 1/6/2011 1:50:58 AM - Installed FixCleaner
    RP1613: 1/6/2011 11:13:30 AM - Software Distribution Service 3.0
    RP1614: 1/6/2011 4:34:18 PM - Removed LiveUpdate (Symantec Corporation)
    RP1615: 1/6/2011 4:35:09 PM - Removed LiveUpdate Notice (Symantec Corporation)
    RP1616: 1/6/2011 4:42:03 PM - Removed TWC Customer Controls
    RP1617: 1/6/2011 4:59:51 PM - Removed LiveUpdate (Symantec Corporation)
    RP1618: 1/6/2011 6:15:43 PM - Removed FixCleaner
    RP1619: 1/6/2011 7:36:31 PM - Removed Safari
    RP1620: 1/6/2011 8:07:09 PM - Removed Bonjour

    ==== Installed Programs ======================


    20/20 v2.2
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.1
    Adobe Shockwave Player
    AI RoboForm (All Users)
    Apple Application Support
    Apple Software Update
    ArcSoft Software Suite
    ATI Display Driver
    AudibleManager
    Compatibility Pack for the 2007 Office system
    Creative Mass Storage Drivers
    Creative MediaSource
    Creative System Information
    Creative Zen Nano Plus
    Critical Update for Windows Media Player 11 (KB959772)
    Delicious Deluxe
    Digital Media Reader
    EPSON CardMonitor
    EPSON Copy Utility 3
    EPSON CX4600 Reference Guide
    EPSON PhotoCenter
    EPSON PhotoStarter3.2
    EPSON Printer Software
    EPSON Scan
    EPSON Smart Panel
    EPSON Web-To-Page
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Format SDK (KB902344)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    ieSpell
    IncrediMail
    iOrgSoft M4A Converter 1.6.0
    J2SE Runtime Environment 5.0 Update 2
    J2SE Runtime Environment 5.0 Update 7
    Jasc Animation Shop 3
    Jasc Animation Shop 3 20041030_07 Help file Patch
    Jasc Paint Shop Pro 9
    Jasc Paint Shop Pro 9 GDI+ Patch
    Jasc Paint Shop Pro 9.01 - (9.0.1.1)
    Jasc Paint Shop Pro 9.01 Patch
    Java(TM) 6 Update 13
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    McAfee SecurityCenter
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Money 2005
    Microsoft National Language Support Downlevel APIs
    Microsoft Office FrontPage 2003
    Microsoft Office OneNote 2003
    Microsoft Office Professional Edition 2003
    Microsoft Office Project Professional 2003
    Microsoft Office Visio Professional 2003
    Microsoft Primary Interoperability Assemblies 2005
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Works
    Mozilla Firefox (3.6.13)
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Multimedia Samples
    My Web Search (Webfetti)
    Napster Burn Engine
    Nero BurnRights
    Nero OEM
    Norton GoBack 4.02 (Symantec Corporation)
    Paint Shop Pro 7
    QCP Converter
    QuickTime
    RealPlayer
    Realtek AC'97 Audio
    Recovery Software Suite eMachines
    Roxio Easy Media Creator 8 Content
    Roxio Easy Media Creator 8 Suite
    ScanToWeb
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    SoftV92 Data Fax Modem with SmartCP
    SolSuite 2007 v7.8
    the flux collection
    The Weather Channel Desktop 6
    The Weather Channel Toolbar
    Top Ten Solitaire (remove only)
    Tube Extractor 1.0
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB971930)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB953356)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Usenet.nl
    WEB Search Assistant 1.0
    WebEx
    WebFldrs XP
    Window Washer
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WinRAR 4.00 beta 1 (32-bit)
    Yahoo! Browser Services
    Yahoo! Messenger
    Yahoo! Search Protection
    Yahoo! Software Update
    Yahoo! Toolbar

    ==== Event Viewer Messages From Past Week ========

    1/6/2011 7:01:53 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/6/2011 7:01:48 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
    1/6/2011 6:06:16 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the mcmscsvc service.
    1/6/2011 6:05:41 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ShldDrv
    1/6/2011 6:05:41 PM, error: Service Control Manager [7000] - The Panda Process Protection Service service failed to start due to the following error: The system cannot find the path specified.
    1/6/2011 6:05:41 PM, error: Service Control Manager [7000] - The Panda Process Protection Driver service failed to start due to the following error: The system cannot find the file specified.
    1/6/2011 5:45:18 PM, error: Service Control Manager [7034] - The BlackHole Remote Control Services service terminated unexpectedly. It has done this 1 time(s).
    1/6/2011 4:42:08 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
    1/6/2011 4:28:29 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    1/6/2011 4:28:22 PM, error: Dhcp [1002] - The IP address lease 71.79.137.24 for the Network Card with network address 0013D32CF62B has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    1/6/2011 4:23:44 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Symantec Settings Manager service to connect.
    1/5/2011 5:22:38 PM, error: System Error [1003] - Error code 0000009c, parameter1 00000004, parameter2 80546e70, parameter3 b2000000, parameter4 00070f0f.
    1/5/2011 3:50:43 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Gwmsrv service.
    1/4/2011 8:07:01 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
    1/4/2011 8:06:49 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}

    ==== End Of File ===========================




    GMER
     
  2. deebrown331

    deebrown331 Thread Starter

    Joined:
    Jan 8, 2011
    Messages:
    5
    Just booting it back to the top
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/973538

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice