1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Computer stalls, video freezes

Discussion in 'Virus & Other Malware Removal' started by regularuser, Dec 29, 2012.

Thread Status:
Not open for further replies.
  1. regularuser

    regularuser Thread Starter

    Joined:
    Sep 10, 2004
    Messages:
    10
    Hi--

    I have an old computer I use mostly for playing/streaming videos. It was working fine until a few days ago, the computer started running very slowly. Now the video lags and freezes (while the audio works; this is true on several media players: MPC, VLC, WMP). It would play those same videos fine last week, and now it cannot. I checked several things: updating drivers, running various scans, removing old programs but nothing has fixed it. I suppose I picked up some malware somewhere. I would appreciate any assistance. My HJT, DDS, and GMER logs follow.

    Thanks.

    == Start HJT log ==

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:04:56 PM, on 12/28/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17115)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat_sl.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\PeerBlock\peerblock.exe
    C:\Program Files\Apoint\HidFind.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Documents and Settings\jmg49.BYU\Local Settings\Application Data\Google\Update\1.3.21.123\GoogleCrashHandler.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Documents and Settings\jmg49.BYU\Desktop\HijackThis.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroDist.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.byu.edu/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\jmg49.BYU\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1226527263875
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1227216820609
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = byu.local
    O17 - HKLM\Software\..\Telephony: DomainName = byu.local
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = byu.local
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

    --
    End of file - 9547 bytes

    == End HJT log ==

    == Start dds.txt log ==

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 7.0.6000.17115 BrowserJavaVersion: 10.9.2
    Run by jmg49 at 23:06:04 on 2012-12-28
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.548 [GMT -7:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    .
    ============== Running Processes ================
    .
    C:\WINDOWS\system32\Ati2evxx.exe
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\SCardSvr.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat_sl.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\PeerBlock\peerblock.exe
    C:\Program Files\Apoint\HidFind.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Documents and Settings\jmg49.BYU\Local Settings\Application Data\Google\Update\1.3.21.123\GoogleCrashHandler.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.byu.edu/
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    uRun: [Google Update] "c:\documents and settings\jmg49.byu\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [PeerBlock] c:\program files\peerblock\peerblock.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
    mRun: [Apoint] c:\program files\apoint\Apoint.exe
    mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
    mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
    mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    dRun: [ctfmon.exe] c:\windows\system32\CTFMON.EXE
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Windows\System: UserPolicyMode = dword:2
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1226527263875
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1227216820609
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{83B49EB2-C295-4379-8060-E18060F17D88} : DHCPNameServer = 192.168.1.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: PCANotify - PCANotify.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
    R1 MpKslb8be1da1;MpKslb8be1da1;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{78d498c3-a688-4e2c-abaf-c60ffd704fdd}\MpKslb8be1da1.sys [2012-12-28 29904]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
    R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2010-12-16 88192]
    R3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2011-5-2 19056]
    S0 vmscsi;vmscsi;c:\windows\system32\drivers\vmscsi.sys [2008-11-12 17968]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 vsdatant;vsdatant;\??\c:\windows\system32\vsdatant.sys --> c:\windows\system32\vsdatant.sys [?]
    S3 COH_Mon;COH_Mon;\??\c:\windows\system32\drivers\coh_mon.sys --> c:\windows\system32\drivers\COH_Mon.sys [?]
    S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-2-2 16472]
    S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-2-2 11104]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: Applications\notepad++.exe="c:\program files\notepad++\notepad++.exe" "%1" [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2012-12-29 06:05:13 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{78d498c3-a688-4e2c-abaf-c60ffd704fdd}\MpKslb8be1da1.sys
    2012-12-29 05:39:50 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{78d498c3-a688-4e2c-abaf-c60ffd704fdd}\mpengine.dll
    2012-12-29 05:21:53 -------- d-----w- c:\program files\ATI Technologies
    2012-12-29 05:21:01 221184 ------w- c:\program files\common files\installshield\iscript\IScript.dll
    2012-12-29 05:21:00 221184 ------w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
    2012-12-29 05:20:59 32768 ------w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
    2012-12-29 05:20:58 77824 ------w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
    2012-12-29 05:20:57 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll
    2012-12-29 05:20:34 610436 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe
    2012-12-29 03:59:14 -------- d-----w- c:\program files\common files\DivX Shared
    2012-12-29 03:58:38 -------- d-----w- c:\program files\DivX
    2012-12-29 03:38:40 -------- d-----w- c:\program files\MPC-HC
    2012-12-29 02:01:19 -------- d-----w- c:\documents and settings\jmg49.byu\application data\SUPERAntiSpyware.com
    2012-12-29 02:00:10 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-12-29 02:00:10 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
    2012-12-28 23:52:00 -------- d-----w- c:\documents and settings\jmg49.byu\application data\Malwarebytes
    2012-12-28 23:51:39 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2012-12-28 23:51:30 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-12-28 23:51:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-12-28 22:30:48 -------- d-----w- c:\documents and settings\jmg49.byu\local settings\application data\WMTools Downloaded Files
    2012-12-28 05:56:25 6812136 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2012-12-28 04:49:02 -------- d-----w- c:\documents and settings\all users\application data\DivX
    2012-12-28 03:33:43 -------- d-----w- c:\program files\VS Revo Group
    2012-12-27 16:41:19 -------- d-----w- c:\documents and settings\jmg49.byu\application data\ElevatedDiagnostics
    2012-12-27 16:32:07 -------- d-----w- C:\MATS
    2012-12-27 05:54:33 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2012-12-27 05:54:33 -------- d-----w- c:\windows\system32\wbem\Repository
    2012-12-27 05:49:30 -------- d-----w- c:\program files\Microsoft Security Client
    2012-12-23 08:38:14 -------- d-----w- C:\ATI
    2012-12-23 01:02:03 -------- d-----w- c:\program files\Microsoft Security Client(2)
    .
    ==================== Find3M ====================
    .
    2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
    2012-11-13 20:29:04 354216 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
    2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
    2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-01 03:30:04 832512 ----a-w- c:\windows\system32\wininet.dll
    2012-11-01 03:30:04 78336 ----a-w- c:\windows\system32\ieencode.dll
    2012-11-01 03:30:04 1830912 ------w- c:\windows\system32\inetcpl.cpl
    2012-11-01 03:30:04 17408 ------w- c:\windows\system32\corpol.dll
    2012-10-25 10:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2012-10-25 10:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
    2010-12-21 23:52:58 747008 ----a-w- c:\program files\HEXEdit.exe
    .
    ============= FINISH: 23:10:08.93 ===============

    == End dds.txt log ==

    == Start DDS attach.txt log ==

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/16/2010 10:01:24 AM
    System Uptime: 12/28/2012 10:56:44 PM (1 hours ago)
    .
    Motherboard: Dell Inc. | |
    Processor: Intel(R) Pentium(R) M processor 2.00GHz | Microprocessor | 318/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 75 GiB total, 9.542 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP594: 11/21/2012 7:08:30 AM - System Checkpoint
    RP595: 11/21/2012 7:16:44 PM - Software Distribution Service 3.0
    RP596: 11/22/2012 7:16:35 PM - Software Distribution Service 3.0
    RP597: 11/23/2012 7:16:33 PM - Software Distribution Service 3.0
    RP598: 11/24/2012 7:16:39 PM - Software Distribution Service 3.0
    RP599: 11/25/2012 7:16:46 PM - Software Distribution Service 3.0
    RP600: 11/26/2012 2:57:17 AM - Software Distribution Service 3.0
    RP601: 11/26/2012 7:17:05 PM - Software Distribution Service 3.0
    RP602: 11/27/2012 7:16:18 PM - Software Distribution Service 3.0
    RP603: 11/28/2012 7:16:57 PM - Software Distribution Service 3.0
    RP604: 11/29/2012 7:17:03 PM - Software Distribution Service 3.0
    RP605: 11/30/2012 7:17:22 PM - Software Distribution Service 3.0
    RP606: 12/1/2012 3:43:16 PM - Software Distribution Service 3.0
    RP607: 12/1/2012 7:18:09 PM - Software Distribution Service 3.0
    RP608: 12/2/2012 7:17:19 PM - Software Distribution Service 3.0
    RP609: 12/3/2012 2:58:06 AM - Software Distribution Service 3.0
    RP610: 12/4/2012 3:50:14 AM - System Checkpoint
    RP611: 12/4/2012 6:58:14 PM - Software Distribution Service 3.0
    RP612: 12/5/2012 7:00:02 PM - Software Distribution Service 3.0
    RP613: 12/6/2012 6:58:20 PM - Software Distribution Service 3.0
    RP614: 12/7/2012 6:58:20 PM - Software Distribution Service 3.0
    RP615: 12/8/2012 7:00:04 PM - Software Distribution Service 3.0
    RP616: 12/9/2012 6:59:55 PM - Software Distribution Service 3.0
    RP617: 12/10/2012 2:32:48 AM - Software Distribution Service 3.0
    RP618: 12/10/2012 6:59:43 PM - Software Distribution Service 3.0
    RP619: 12/11/2012 6:59:40 PM - Software Distribution Service 3.0
    RP620: 12/12/2012 6:59:52 PM - Software Distribution Service 3.0
    RP621: 12/13/2012 7:00:11 PM - Software Distribution Service 3.0
    RP622: 12/14/2012 7:00:05 PM - Software Distribution Service 3.0
    RP623: 12/15/2012 7:00:14 PM - Software Distribution Service 3.0
    RP624: 12/17/2012 10:55:53 PM - Software Distribution Service 3.0
    RP625: 12/19/2012 12:29:24 AM - System Checkpoint
    RP626: 12/19/2012 8:09:25 AM - Software Distribution Service 3.0
    RP627: 12/20/2012 12:26:45 AM - Software Distribution Service 3.0
    RP628: 12/20/2012 6:11:02 PM - Software Distribution Service 3.0
    RP629: 12/21/2012 6:55:31 PM - System Checkpoint
    RP630: 12/22/2012 2:44:15 PM - Removed iTunes
    RP631: 12/22/2012 3:29:18 PM - Software Distribution Service 3.0
    RP632: 12/23/2012 2:19:14 AM - Software Distribution Service 3.0
    RP633: 12/23/2012 3:14:16 PM - Restore Operation
    RP634: 12/23/2012 3:55:01 PM - Software Distribution Service 3.0
    RP635: 12/24/2012 2:32:46 AM - Software Distribution Service 3.0
    RP636: 12/24/2012 4:04:01 PM - Software Distribution Service 3.0
    RP637: 12/25/2012 4:04:03 PM - Software Distribution Service 3.0
    RP638: 12/26/2012 4:31:12 PM - System Checkpoint
    RP639: 12/26/2012 10:40:42 PM - Restore Operation
    RP640: 12/27/2012 9:21:12 AM - Restore Point before Corrupt Patch Registry keys
    RP641: 12/27/2012 9:33:55 AM - Microsoft Security Client
    RP642: 12/27/2012 10:39:38 AM - Software Distribution Service 3.0
    RP643: 12/27/2012 4:07:07 PM - Software Distribution Service 3.0
    RP644: 12/27/2012 8:37:36 PM - Revo Uninstaller's restore point - K-Lite Codec Pack 6.6.8 (Standard)
    RP645: 12/27/2012 10:54:22 PM - Restore Operation
    RP646: 12/27/2012 11:14:29 PM - Restore Operation
    RP647: 12/28/2012 12:49:00 AM - Restore Operation
    RP648: 12/28/2012 1:22:10 AM - Restore Operation
    RP649: 12/28/2012 8:54:12 AM - Restore Operation
    RP650: 12/28/2012 9:45:47 AM - Restore Operation
    RP651: 12/28/2012 10:05:42 AM - Restore Operation
    RP652: 12/28/2012 10:37:17 AM - Software Distribution Service 3.0
    RP653: 12/28/2012 12:14:47 PM - Software Distribution Service 3.0
    RP654: 12/28/2012 12:30:54 PM - Revo Uninstaller's restore point - Free M4a to MP3 Converter 6.2
    RP655: 12/28/2012 12:46:23 PM - Revo Uninstaller's restore point - Free YouTube Downloader 3.5.128
    RP656: 12/28/2012 1:02:06 PM - Revo Uninstaller's restore point - Audacity 1.3.11 (Unicode)
    RP657: 12/28/2012 1:09:44 PM - Revo Uninstaller's restore point - Adobe Reader for Palm OS, 3.05
    RP658: 12/28/2012 1:16:19 PM - Revo Uninstaller's restore point - Mozilla Firefox 4.0 (x86 en-US)
    RP659: 12/28/2012 1:31:58 PM - Revo Uninstaller's restore point - iTunes
    RP660: 12/28/2012 1:36:24 PM - Removed iTunes
    RP661: 12/28/2012 1:54:27 PM - Revo Uninstaller's restore point - Bonjour
    RP662: 12/28/2012 2:01:46 PM - Removed Bonjour
    RP663: 12/28/2012 2:18:59 PM - Revo Uninstaller's restore point - Apple Mobile Device Support
    RP664: 12/28/2012 2:22:16 PM - Removed Apple Mobile Device Support
    RP665: 12/28/2012 2:31:36 PM - Revo Uninstaller's restore point - BYU AutoDiscover
    RP666: 12/28/2012 2:35:05 PM - Revo Uninstaller's restore point - Cisco Systems VPN Client 5.0.06.0160
    RP667: 12/28/2012 2:42:30 PM - Removed Cisco Systems VPN Client 5.0.06.0160
    RP668: 12/28/2012 2:49:58 PM - Revo Uninstaller's restore point - Paint.NET v3.5.5
    RP669: 12/28/2012 2:57:43 PM - Removed Paint.NET v3.5.5
    RP670: 12/28/2012 3:14:58 PM - Revo Uninstaller's restore point - Windows Migration Assistant
    RP671: 12/28/2012 3:16:30 PM - Removed Windows Migration Assistant
    RP672: 12/28/2012 3:23:18 PM - Revo Uninstaller's restore point - Real Alternative 2.0.1
    RP673: 12/28/2012 8:11:52 PM - Revo Uninstaller's restore point - MPC-HC 1.6.5.6366
    RP674: 12/28/2012 8:15:26 PM - Revo Uninstaller's restore point - DivX Setup
    .
    ==== Installed Programs ======================
    .
    ĀµTorrent
    32 Bit HP CIO Components Installer
    7-Zip 9.20
    Acronis*True*Image
    Adobe Acrobat 8 Professional
    Adobe Acrobat 8.3.1 - CPSID_83708
    Adobe Acrobat 8.3.1 Professional
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader X (10.1.4)
    Adobe Shockwave Player 11.5
    Adobe Shockwave Player 11.6
    ALPS Touch Pad Driver
    Apple Application Support
    Apple Software Update
    ATI - Software Uninstall Utility
    ATI Display Driver
    CCleaner
    Conexant D110 MDC V.92 Modem
    CutePDF Writer 2.8
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    DivX Setup
    Dropbox
    EndNote X4
    Google Chrome
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB2779562)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Intel(R) PRO Network Connections Drivers
    Java 7 Update 9
    Java Auto Updater
    Java(TM) 6 Update 29
    JavaFX 2.1.1
    Malwarebytes Anti-Malware version 1.70.0.1100
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656370)
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 14
    Microsoft Visual C++ 2005 Redistributable
    MPC-HC 1.6.5.6366
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Notepad++
    PeerBlock 1.1 (r518)
    PowerDVD
    QuickTime
    ResearchSoft Direct Export Helper
    Revo Uninstaller 1.94
    Roxio Creator Audio
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator DE 10.3
    Roxio Creator Tools
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
    Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
    Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
    Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
    Security Update for Windows Internet Explorer 7 (KB2183461)
    Security Update for Windows Internet Explorer 7 (KB2360131)
    Security Update for Windows Internet Explorer 7 (KB2416400)
    Security Update for Windows Internet Explorer 7 (KB2482017)
    Security Update for Windows Internet Explorer 7 (KB2497640)
    Security Update for Windows Internet Explorer 7 (KB2530548)
    Security Update for Windows Internet Explorer 7 (KB2544521)
    Security Update for Windows Internet Explorer 7 (KB2559049)
    Security Update for Windows Internet Explorer 7 (KB2586448)
    Security Update for Windows Internet Explorer 7 (KB2618444)
    Security Update for Windows Internet Explorer 7 (KB2647516)
    Security Update for Windows Internet Explorer 7 (KB2675157)
    Security Update for Windows Internet Explorer 7 (KB2699988)
    Security Update for Windows Internet Explorer 7 (KB2722913)
    Security Update for Windows Internet Explorer 7 (KB2744842)
    Security Update for Windows Internet Explorer 7 (KB2761465)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2753842-v2)
    Security Update for Windows XP (KB2758857)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB2770660)
    Security Update for Windows XP (KB2779030)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Software Management Solution Agent
    SUPERAntiSpyware
    swMSM
    Symantec_pcAnywhere_plugin_installer
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553092)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
    Update for Microsoft Windows (KB971513)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 7 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2492386)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB971029)
    VC80CRTRedist - 8.0.50727.6195
    VLC media player 2.0.4
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Management Framework Core
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Presentation Foundation
    Windows Search 4.0
    WordPerfect Office 12
    XML Paper Specification Shared Components Pack 1.0
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/28/2012 6:42:42 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: agp440 IntelIde
    12/28/2012 4:12:45 PM, error: Service Control Manager [7000] - The vsdatant service failed to start due to the following error: The system cannot find the file specified.
    12/27/2012 5:22:20 PM, error: PSched [14101] - QoS [Adapter {83B49EB2-C295-4379-8060-E18060F17D88}]: The netcard driver failed the query for OID_GEN_MAXIMUM_FRAME_SIZE.
    12/27/2012 4:00:29 PM, error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80508001 Error description: A problem is preventing the program from starting. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. Signature version: 1.141.2655.0;1.141.2655.0 Engine version: 1.1.9002.0
    12/26/2012 3:29:16 AM, error: Service Control Manager [7022] - The Windows Search service hung on starting.
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The Network Location Awareness (NLA) service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The Logical Disk Manager service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The Infrared Monitor service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The HID Input Service service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The Error Reporting Service service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 1 time(s).
    12/26/2012 11:30:32 PM, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
    12/26/2012 11:30:32 PM, error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    12/26/2012 11:00:48 PM, error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Backup Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 0.0.0.0;0.0.0.0 Engine version: 0.0.0.0
    12/26/2012 11:00:46 PM, error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.141.1961.0;1.141.1961.0 Engine version: 1.1.9002.0
    12/26/2012 11:00:27 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.
    12/26/2012 11:00:27 PM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/26/2012 11:00:13 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    12/23/2012 3:52:35 PM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
    12/23/2012 3:52:35 PM, error: Service Control Manager [7023] - The Pml Driver HPZ12 service terminated with the following error: The system cannot find the file specified.
    12/23/2012 3:51:58 PM, error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Backup Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 0.0.0.0;0.0.0.0 Engine version: 0.0.0.0
    12/23/2012 3:51:54 PM, error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.141.1961.0;1.141.1961.0 Engine version: 1.1.9002.0
    12/23/2012 3:51:22 PM, error: NETLOGON [5719] - No Domain Controller is available for domain BYU due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
    12/23/2012 1:26:08 PM, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 0012F0889C24 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    12/22/2012 12:49:11 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2314.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    12/22/2012 12:21:37 AM, error: Service Control Manager [7034] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 3 time(s).
    12/22/2012 12:21:14 AM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
    12/22/2012 12:16:07 AM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
    .
    ==== End Of File ===========================

    == End DDS attach.txt log ==

    == Start GMER ark.txt log ==

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-12-29 00:46:49
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK8026GAX rev.PA002D
    Running: 7g0w9y4p.exe; Driver: C:\DOCUME~1\jmg49.BYU\LOCALS~1\Temp\pflyruoc.sys


    ---- System - GMER 1.0.15 ----

    SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xF299F640]

    ---- Kernel code sections - GMER 1.0.15 ----

    ? C:\DOCUME~1\jmg49.BYU\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 1.0.15 ----

    .text C:\WINDOWS\system32\SearchIndexer.exe[1692] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
    .text C:\Program Files\PeerBlock\peerblock.exe[3184] kernel32.dll!SetUnhandledExceptionFilter 7C8449CD 5 Bytes JMP 004314E0 C:\Program Files\PeerBlock\peerblock.exe (PeerBlock/PeerBlock, LLC)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 snapman.sys (Acronis Snapshot API/Acronis)

    ---- EOF - GMER 1.0.15 ----

    == End GMER ark.txt log ==
     
  2. regularuser

    regularuser Thread Starter

    Joined:
    Sep 10, 2004
    Messages:
    10
    It's been a hectic week for everyone, but I'm still having trouble with my computer, so I'm replying to see if anyone might be able to figure out what is wrong.

    Thanks for your help.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1082835

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice