1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Eratic Behavior, Sites Not Fully Loading

Discussion in 'Virus & Other Malware Removal' started by glass49, Jan 14, 2013.

Thread Status:
Not open for further replies.
  1. glass49

    glass49 Thread Starter

    Joined:
    Jun 23, 2005
    Messages:
    47
    Hi,
    Some of the usual sites I visit started to not fully load.
    They would display the banner across the top and that's all.
    Sometimes they would fully load but clicking on a link did nothing or hangs up.
    This happens in IE 7, Firefox 13 (or any version) and AOL
    I ran Spybot, AVG, Malware bytes, Super anti Spyware. They cleaned up some items
    but didn't help. I read that Java might be the problem and went back to ver 6
    win xp sp3
    Thanks, Angelo
    Here are the logs
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:07:18 PM, on 1/14/2013
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17115)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\Program Files\AVG\AVG10\AVGCHSVX.EXE
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Program Files\AVG\AVG10\avgemcx.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files\AVG\AVG10\AVGRSX.EXE
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Documents and Settings\owner\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comcast.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?prd=766&pver=9.0&plcid=0x409&clcid=0x409&ar=setup&sar=wm_privacy
    O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Desktop Software] "C:\Program Files\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Corel Family and Friends Reminders.LNK = C:\Corel\Print House Magic\cffrem.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1345577474593
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: DraftSight API Service - Dassault Systèmes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 7226 bytes

    DDS (Ver_2012-11-20.01) - FAT32_x86
    Internet Explorer: 7.0.6000.17115 BrowserJavaVersion: 1.6.0_38
    Run by angelo at 20:09:04 on 2013-01-14
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1409 [GMT -5:00]
    .
    AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .
    ============== Running Processes ================
    .
    \??\C:\Program Files\AVG\AVG10\AVGCHSVX.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\wdfmgr.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Program Files\AVG\AVG10\avgemcx.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\WINDOWS\System32\alg.exe
    \??\C:\Program Files\AVG\AVG10\AVGRSX.EXE
    \??\C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://xfinity.comcast.net/
    BHO: HelperObject Class: {00C6482D-C502-44C8-8409-FCE54AD9C208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg10\avgssie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: SnagIt: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll
    uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe
    mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\corelf~1.lnk - c:\corel\print house magic\cffrem.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDriveAutoRun = dword:67108839
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1345577474593
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 75.75.76.76 75.75.75.75
    TCP: Interfaces\{7BF8E822-03E5-445C-AE38-58A08ACB1C83} : DHCPNameServer = 75.75.76.76 75.75.75.75
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
    Notify: igfxcui - igfxdev.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\t9t98sfr.default\
    FF - prefs.js: browser.startup.homepage - www.aol.com
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
    FF - plugin: c:\windows\system32\npDeployJava1.dll
    FF - plugin: c:\windows\system32\npptools.dll
    FF - plugin: c:\windows\system32\npwmsdrm.dll
    FF - ExtSQL: 2012-12-12 21:32; {1E73965B-8B48-48be-9C8D-68B920ABC1C4}; c:\program files\avg\avg10\Firefox4
    FF - ExtSQL: 2013-01-14 18:36; [email protected]; c:\documents and settings\owner\application data\mozilla\firefox\profiles\t9t98sfr.default\extensions\[email protected]
    FF - ExtSQL: 2013-01-14 18:39; {77b819fa-95ad-4f2c-ac7c-486b356188a9}; c:\documents and settings\owner\application data\mozilla\firefox\profiles\t9t98sfr.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
    FF - ExtSQL: 2013-01-14 19:36; [email protected]; c:\program files\java\jre6\lib\deploy\jqs\ff
    FF - ExtSQL: 2013-01-14 19:37; {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 22992]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
    R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [2010-1-28 4064]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 255968]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34896]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 297168]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 134480]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 24144]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 27216]
    S3 DraftSight API Service;DraftSight API Service;c:\program files\dassault systemes\draftsight\bin\dsHttpApiService.exe [2012-1-24 78336]
    S3 Normandy;Normandy SR2; [x]
    .
    =============== Created Last 30 ================
    .
    2013-01-15 00:37:11 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2013-01-09 20:02:29 106496 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin7.dll
    2013-01-09 20:02:29 106496 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
    2013-01-09 19:54:23 -------- d-----w- c:\documents and settings\owner\application data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2012-12-31 20:36:38 -------- d-----w- c:\program files\GmailDefaultMaker
    2012-12-21 02:32:59 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2012-12-21 02:32:59 -------- d-----w- c:\windows\system32\wbem\Repository
    .
    ==================== Find3M ====================
    .
    2013-01-12 08:30:38 859552 ----a-w- c:\windows\system32\npDeployJava1.dll
    2013-01-12 08:30:34 780192 ----a-w- c:\windows\system32\deployJava1.dll
    2013-01-09 14:31:18 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-01-09 14:31:18 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-12-16 12:24:00 290560 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-14 21:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
    2012-11-12 09:47:48 255968 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2012-11-06 02:01:40 1371648 ------w- c:\windows\system32\msxml6.dll
    2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-01 03:30:04 832512 ----a-w- c:\windows\system32\wininet.dll
    2012-11-01 03:30:04 78336 ----a-w- c:\windows\system32\ieencode.dll
    2012-11-01 03:30:04 1830912 ------w- c:\windows\system32\inetcpl.cpl
    2012-11-01 03:30:04 17408 ----a-w- c:\windows\system32\corpol.dll
    .
    ============= FINISH: 20:09:49.79 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/27/2010 1:04:04 PM
    System Uptime: 1/14/2013 7:42:57 PM (1 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P5GC-MX
    Processor: Intel(R) Pentium(R) D CPU 3.00GHz | LGA 775 | 3000/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (FAT32) - 233 GiB total, 200.105 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    G: is Removable
    H: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Realtek RTL8185 54M Wireless LAN Network Adapter
    Device ID: PCI\VEN_10EC&DEV_8185&SUBSYS_818510EC&REV_20\4&CF81C54&0&00F0
    Manufacturer: Realtek
    Name: Realtek RTL8185 54M Wireless LAN Network Adapter
    PNP Device ID: PCI\VEN_10EC&DEV_8185&SUBSYS_818510EC&REV_20\4&CF81C54&0&00F0
    Service: rtl8185
    .
    ==== System Restore Points ===================
    .
    RP621: 10/17/2012 3:45:19 PM - System Checkpoint
    RP622: 10/18/2012 3:56:23 PM - System Checkpoint
    RP623: 10/19/2012 7:32:01 PM - System Checkpoint
    RP624: 10/21/2012 2:22:08 PM - System Checkpoint
    RP625: 10/22/2012 3:02:54 PM - System Checkpoint
    RP626: 10/23/2012 3:31:02 PM - System Checkpoint
    RP627: 10/24/2012 4:40:07 PM - System Checkpoint
    RP628: 10/25/2012 5:08:11 PM - System Checkpoint
    RP629: 10/26/2012 5:55:52 PM - System Checkpoint
    RP630: 10/27/2012 5:58:25 PM - System Checkpoint
    RP631: 10/28/2012 4:31:17 PM - Installed Java 7 Update 9
    RP632: 10/29/2012 4:49:23 PM - System Checkpoint
    RP633: 10/31/2012 8:58:25 AM - System Checkpoint
    RP634: 11/1/2012 9:18:00 AM - System Checkpoint
    RP635: 11/2/2012 10:53:46 AM - System Checkpoint
    RP636: 11/3/2012 12:53:17 PM - System Checkpoint
    RP637: 11/4/2012 12:59:07 PM - System Checkpoint
    RP638: 11/6/2012 8:24:55 AM - System Checkpoint
    RP639: 11/7/2012 8:57:37 AM - System Checkpoint
    RP640: 11/8/2012 9:31:12 AM - System Checkpoint
    RP641: 11/9/2012 4:21:39 PM - System Checkpoint
    RP642: 11/10/2012 4:24:16 PM - System Checkpoint
    RP643: 11/12/2012 10:31:11 AM - System Checkpoint
    RP644: 11/13/2012 11:48:55 AM - System Checkpoint
    RP645: 11/14/2012 6:33:26 AM - Software Distribution Service 3.0
    RP646: 11/15/2012 6:58:16 AM - System Checkpoint
    RP647: 11/16/2012 9:25:19 AM - System Checkpoint
    RP648: 11/17/2012 1:27:34 PM - System Checkpoint
    RP649: 11/18/2012 1:36:31 PM - System Checkpoint
    RP650: 11/19/2012 2:15:13 PM - System Checkpoint
    RP651: 11/20/2012 2:40:00 PM - System Checkpoint
    RP652: 11/22/2012 7:20:26 AM - System Checkpoint
    RP653: 11/23/2012 9:34:47 AM - System Checkpoint
    RP654: 11/24/2012 11:11:59 AM - System Checkpoint
    RP655: 11/25/2012 1:17:01 PM - System Checkpoint
    RP656: 11/26/2012 1:51:26 PM - System Checkpoint
    RP657: 11/27/2012 2:26:29 PM - System Checkpoint
    RP658: 11/28/2012 2:33:58 PM - System Checkpoint
    RP659: 11/29/2012 4:42:39 PM - System Checkpoint
    RP660: 11/30/2012 5:15:35 PM - System Checkpoint
    RP661: 12/1/2012 7:12:03 PM - System Checkpoint
    RP662: 12/2/2012 7:29:32 PM - System Checkpoint
    RP663: 12/3/2012 7:57:01 PM - System Checkpoint
    RP664: 12/6/2012 8:10:45 AM - System Checkpoint
    RP665: 12/7/2012 9:01:23 AM - System Checkpoint
    RP666: 12/8/2012 11:20:50 AM - System Checkpoint
    RP667: 12/9/2012 1:18:30 PM - System Checkpoint
    RP668: 12/10/2012 1:35:49 PM - System Checkpoint
    RP669: 12/10/2012 6:29:48 PM - Software Distribution Service 3.0
    RP670: 12/11/2012 1:05:02 PM - Removed Adobe Reader X (10.1.3).
    RP671: 12/11/2012 1:07:13 PM - Installed Adobe Reader 9.
    RP672: 12/12/2012 9:37:37 PM - Software Distribution Service 3.0
    RP673: 12/14/2012 2:16:01 PM - System Checkpoint
    RP674: 12/15/2012 4:39:09 PM - System Checkpoint
    RP675: 12/17/2012 6:49:14 AM - System Checkpoint
    RP676: 12/18/2012 7:47:26 AM - System Checkpoint
    RP677: 12/20/2012 9:30:52 AM - Installed Java 7 Update 10
    RP678: 12/20/2012 9:31:15 PM - Restore Operation
    RP679: 12/20/2012 10:33:15 PM - Software Distribution Service 3.0
    RP680: 12/22/2012 11:58:51 AM - System Checkpoint
    RP681: 12/23/2012 12:23:26 PM - System Checkpoint
    RP682: 12/24/2012 7:08:25 AM - Removed JavaFX 2.1.1
    RP683: 12/24/2012 7:08:49 AM - Removed Java(TM) 6 Update 31
    RP684: 12/24/2012 7:10:44 AM - Installed Java 7 Update 10
    RP685: 12/25/2012 7:37:16 AM - System Checkpoint
    RP686: 12/26/2012 7:55:58 AM - System Checkpoint
    RP687: 12/27/2012 8:21:00 AM - System Checkpoint
    RP688: 12/28/2012 8:54:00 AM - System Checkpoint
    RP689: 12/29/2012 9:18:18 AM - System Checkpoint
    RP690: 12/30/2012 9:59:05 AM - System Checkpoint
    RP691: 12/31/2012 12:33:23 PM - System Checkpoint
    RP692: 1/1/2013 1:01:49 PM - System Checkpoint
    RP693: 1/2/2013 1:30:13 PM - System Checkpoint
    RP694: 1/3/2013 5:26:30 PM - System Checkpoint
    RP695: 1/4/2013 5:49:11 AM - Software Distribution Service 3.0
    RP696: 1/5/2013 12:46:56 PM - System Checkpoint
    RP697: 1/6/2013 1:42:20 PM - System Checkpoint
    RP698: 1/8/2013 7:14:07 AM - System Checkpoint
    RP699: 1/9/2013 12:43:24 AM - Software Distribution Service 3.0
    RP700: 1/10/2013 1:39:48 AM - System Checkpoint
    RP701: 1/11/2013 7:41:23 AM - System Checkpoint
    RP702: 1/12/2013 7:55:05 AM - System Checkpoint
    RP703: 1/13/2013 1:21:31 PM - System Checkpoint
    RP704: 1/13/2013 6:25:56 PM - Installed Java 7 Update 11
    RP705: 1/13/2013 7:39:29 PM - Installed Microsoft Fix it 50043
    RP706: 1/14/2013 7:20:06 PM - Removed Java 7 Update 7
    RP707: 1/14/2013 7:36:48 PM - Installed Java(TM) 6 Update 38
    .
    ==== Installed Programs ======================
    .
    Acrobat.com
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe PhotoDeluxe Home Edition 3.0
    Adobe Reader 9
    Adobe Shockwave Player 11.6
    Adobe Type Manager 4.0
    Agere Systems PCI Soft Modem
    AllyCAD 2011 Home Release 11
    America Online (Choose which version to remove)
    AOL Coach Version 1.0(Build:20030807.3)
    AVG 2011
    Belarc Advisor 8.1
    Brilliant Database WorkPlace Engine 51
    Canon MP Navigator EX 3.0
    Canon MP250 series MP Drivers
    Canon MP250 series User Registration
    Compatibility Pack for the 2007 Office system
    Corel Applications
    DesignPro 5.0 Limited Edition
    DraftSight
    FREE Hi-Q Recorder 1.95
    GmailDefaultMaker version 3.0.1.0
    Google Earth
    Google Update Helper
    High Definition Audio Driver Package - KB888111
    HijackThis 1.99.1
    Homespun Collection
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB2779562)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Icon Restore 1.0
    Image Resizer Powertoy for Windows XP
    Intel(R) Graphics Media Accelerator Driver
    Japanese Fonts Support For Adobe Reader 8
    Java Auto Updater
    Java(TM) 6 Update 38
    Learn2 Player (Uninstall Only)
    Malwarebytes Anti-Malware version 1.70.0.1100
    Marvell Miniport Driver
    MediaShow 3.0
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Professional Edition 2003
    Microsoft Office Project Professional 2003
    Microsoft Picture It! Photo 7.0
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Mozilla Firefox 13.0.1 (x86 en-US)
    Mozilla Thunderbird (2.0.0.18)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    PDF4Free 2.0
    Power2Go 4.0
    PowerDVD
    PowerProducer
    PowerStarter
    Print Artist 2003
    QuickTime
    RealPlayer Basic
    Realtek High Definition Audio Driver
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 7 (KB2544521)
    Security Update for Windows Internet Explorer 7 (KB2586448)
    Security Update for Windows Internet Explorer 7 (KB2618444)
    Security Update for Windows Internet Explorer 7 (KB2647516)
    Security Update for Windows Internet Explorer 7 (KB2675157)
    Security Update for Windows Internet Explorer 7 (KB2699988)
    Security Update for Windows Internet Explorer 7 (KB2722913)
    Security Update for Windows Internet Explorer 7 (KB2744842)
    Security Update for Windows Internet Explorer 7 (KB2761465)
    Security Update for Windows Internet Explorer 7 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360131)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2416400)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2482017)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2497640)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2530548)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544521)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2559049)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2586448)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2753842-v2)
    Security Update for Windows XP (KB2753842)
    Security Update for Windows XP (KB2757638)
    Security Update for Windows XP (KB2758857)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB2770660)
    Security Update for Windows XP (KB2779030)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982381)
    Security Update for Windows XP (KB982665)
    SierraAddressBook 3.0
    SnagIt 7
    SnagIt 8
    Spybot - Search & Destroy
    Sun ODF Plugin for Microsoft Office 3.1
    SUPERAntiSpyware
    swMSM
    TRENDnet TEW-421PC or TEW-423PI
    Tweak UI
    UnInstall Icon Restore 1.0
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2492386)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update for Windows XP (KB978207)
    Update for Windows XP (KB980182)
    Viewpoint Media Player
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 7
    Windows Media Format Runtime
    Windows XP Service Pack 3
    Yahoo! Detect
    .
    ==== End Of File ===========================

    GMER 2.0.18444 - http://www.gmer.net
    Rootkit scan 2013-01-14 20:16:10
    Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e WDC_WD2500AAJS-00RYA0 rev.12.01B01 232.89GB
    Running: 8hdkvrpr.exe; Driver: C:\DOCUME~1\owner\LOCALS~1\Temp\pxtdrpow.sys


    ---- System - GMER 2.0 ----

    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xF7800738]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xF78007DC]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xF7800878]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xF7800914]

    ---- Kernel code sections - GMER 2.0 ----

    ? C:\DOCUME~1\owner\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 2.0 ----

    .text C:\Program Files\Mozilla Firefox\firefox.exe[2396] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 0115FA35 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2396] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 014007C5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2396] kernel32.dll!MapViewOfFile 7C80B9A5 5 Bytes JMP 0140079E C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
    .text C:\Program Files\Mozilla Firefox\firefox.exe[2396] GDI32.dll!CreateDIBSection 77F19E19 5 Bytes JMP 01400728 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2628] USER32.dll!SetWindowLongA 7E42C29D 5 Bytes JMP 1066003B C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2628] USER32.dll!SetWindowLongW 7E42C2BB 5 Bytes JMP 1065FFCA C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2628] USER32.dll!GetWindowInfo 7E42C49C 5 Bytes JMP 1043AEF3 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
    .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2628] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 1043B50D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

    ---- Registry - GMER 2.0 ----

    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 15
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 10000
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] yes
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 90
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 10000
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]_DLLs 1

    ---- Disk sectors - GMER 2.0 ----

    Disk \Device\Harddisk0\DR0 malicious Win32:MBRoot code @ sector 488392068
    Disk \Device\Harddisk0\DR0 PE file @ sector 488392090

    ---- EOF - GMER 2.0 ----
     
  2. glass49

    glass49 Thread Starter

    Joined:
    Jun 23, 2005
    Messages:
    47
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Eratic Behavior Sites
  1. Alpha227
    Replies:
    0
    Views:
    226
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1085241

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice