1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Virus

Discussion in 'Virus & Other Malware Removal' started by scoobiee96, Aug 23, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. scoobiee96

    scoobiee96 Thread Starter

    Joined:
    Aug 23, 2011
    Messages:
    1
    I may have a backdoor trojan virus on my desktop. I received an instant message yesterday on Facebook and instead of asking what it was I clicked on it. I have Norton and are unable to open it. It tells me "Enhanced Protection Mode, Attention! Norton Antivirus operates under enhanced protection mode. This is a temporary measure necessary for immediate response to the threat from virus. No action is required from you." Can anyone help me get this fixed? I am running Windows XP. Here are the logs.

    .
    DDS (Ver_2011-06-23.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_25
    Run by Kim at 14:19:27 on 2011-08-23
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1380 [GMT -7:00]
    .
    AV: Norton Security Suite *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    FW: Norton Security Suite *Enabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    C:\WINDOWS\4274775183:1880830977.exe
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\update.7.1\svchostdriver.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\update.5.0\svchost.exe srv
    "C:\WINDOWS\update.5.0\svchost.exe" stand
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\WINDOWS\sysdriver32.exe
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    D:\Program Files\iTunes\iTunesHelper.exe
    "C:\WINDOWS\update.tray-10-0\svchost.exe"
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    "C:\WINDOWS\update.tray-14-0\svchost.exe"
    C:\WINDOWS\systemup.exe
    C:\WINDOWS\l1rezerv.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\update.2\svchost.exe srv
    "C:\WINDOWS\update.2\svchost.exe" stand
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
    uDefault_Page_URL = hxxp://www.msn.com
    mSearch Bar = hxxp://www.mirarsearch.com/?useie5=1&q=
    uInternet Settings,ProxyOverride = *.local
    mSearchAssistant =
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Gamevance: {0ed403e8-470a-4a8a-85a4-d7688cfe39a3} - c:\program files\gamevance\gamevancelib32.dll
    BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - AskBar BHO
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\5.1.0.29\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\5.1.0.29\ips\IPSBHO.DLL
    BHO: WitBHO Class: {75ed56af-4dc9-4243-a30c-4ef4dd0ca28f} - c:\program files\chameleontom\wit4ie.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
    BHO: Gamevance Text: {beac7dc8-e106-4c6a-931e-5a42e7362883} - c:\program files\gamevance\gvtl.dll
    BHO: chameleontom: {d0ce0667-388b-78e6-55cc-08a026664f57} - c:\windows\system32\hed1gc-F.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: {276B1E14-03AA-464C-BEAE-421231A77C11} - No File
    TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} -
    TB: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - No File
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\5.1.0.29\coIEPlg.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    TB: {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
    TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [SigmatelSysTrayApp] stsystra.exe
    mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd.exe"
    mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe
    mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "d:\program files\itunes\iTunesHelper.exe"
    mRun: [wxpdrv] c:\windows\services32.exe
    mRun: [tray_ico]
    mRun: [tray_ico0] c:\windows\update.tray-10-0\svchost.exe
    mRun: [tray_ico1] c:\windows\update.tray-14-0\svchost.exe
    mRun: [tray_ico2]
    mRun: [tray_ico3]
    mRun: [tray_ico4]
    mRun: [8833644.exe] "c:\windows\temp\8833644.exe"
    mRun: [sysdriver32.exe] "c:\windows\sysdriver32.exe" rezerv
    mRun: [sysdriver32_.exe] "c:\windows\sysdriver32_.exe" rezerv
    mRun: [systemup] "c:\windows\systemup.exe" stand
    mRun: [32402066-loader2.exe] "c:\windows\temp\32402066-loader2.exe"
    mRun: [520933.exe] "c:\windows\temp\520933.exe"
    mRun: [l1rezerv.exe] "c:\windows\l1rezerv.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [9239806.exe] "c:\windows\temp\9239806.exe"
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableSecureUIAPaths = 0 (0x0)
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    LSP: mswsock.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1247001522515
    DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
    DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://employee.bnsf.com/dana-cached/setup/JuniperSetupSP1.cab
    DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{AD861C21-749E-4AB6-B17E-643E49632DB0} : DhcpNameServer = 192.168.1.1
    Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\kim\application data\mozilla\firefox\profiles\5bmvcrsr.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2559647&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://my.msn.com/
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z015&form=ZGAADF&q=
    FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\coffplgn\components\coFFPlgn.dll
    FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\ipsffplgn\components\IPSFFPl.dll
    FF - component: c:\documents and settings\kim\application data\mozilla\firefox\profiles\5bmvcrsr.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\kim\application data\mozilla\firefox\profiles\5bmvcrsr.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
    FF - component: c:\documents and settings\kim\application data\mozilla\firefox\profiles\5bmvcrsr.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\kim\application data\mozilla\firefox\profiles\5bmvcrsr.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\components\RadioWMPCore.dll
    FF - plugin: c:\documents and settings\kim\application data\move networks\plugins\npqmp071504000001.dll
    FF - plugin: c:\documents and settings\kim\application data\mozilla\firefox\profiles\5bmvcrsr.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
    FF - plugin: c:\documents and settings\kim\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
    FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: d:\program files\itunes\mozilla plugins\npitunes.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false
    FF - user.js: google.toolbar.linkdoctor.enabled - false
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0501000.01d\symds.sys [2011-6-17 340088]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0501000.01d\symefa.sys [2011-6-17 744568]
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
    R2 ddservice;ddservice;c:\windows\update.7.1\svchostdriver.exe srv --> c:\windows\update.7.1\svchostdriver.exe srv [?]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-7-8 54752]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R2 srvbtcclient;srvbtcclient;c:\windows\update.5.0\svchost.exe srv --> c:\windows\update.5.0\svchost.exe srv [?]
    R2 srviecheck;srviecheck;c:\windows\update.2\svchost.exe srv --> c:\windows\update.2\svchost.exe srv [?]
    R2 srvsysdriver32;srvsysdriver32;c:\windows\sysdriver32.exe srv --> c:\windows\sysdriver32.exe srv [?]
    S1 BHDrvx86;BHDrvx86;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20110812.001\bhdrvx86.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20110812.001\BHDrvx86.sys [?]
    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0501000.01d\ironx86.sys [2011-6-17 136312]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-23 136176]
    S2 N360;Norton Security Suite;"c:\program files\norton security suite\engine\5.1.0.29\ccsvchst.exe" /s "n360" /m "c:\program files\norton security suite\engine\5.1.0.29\dimaster.dll" /prefetch:1 --> c:\program files\norton security suite\engine\5.1.0.29\ccSvcHst.exe [?]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-8-10 105592]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-23 136176]
    S3 IDSxpx86;IDSxpx86;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20110819.030\idsxpx86.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20110819.030\IDSxpx86.sys [?]
    S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-7-8 79816]
    S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-7-8 35272]
    S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-7-8 34248]
    S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-7-8 40552]
    S3 NAVENG;NAVENG;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs\20110821.003\naveng.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs\20110821.003\NAVENG.SYS [?]
    S3 NAVEX15;NAVEX15;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs\20110821.003\navex15.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\virusdefs\20110821.003\NAVEX15.SYS [?]
    S3 WlanUIG;2Wire 802.11g USB Driver;c:\windows\system32\drivers\WlanUIG.sys [2009-7-8 347648]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2011-08-22 23:40:49 -------- d--h--w- c:\windows\update.tray-14-0-lnk
    2011-08-22 23:40:49 -------- d--h--w- c:\windows\update.tray-14-0
    2011-08-22 23:38:45 -------- d-----w- c:\program files\Microsoft Security Client
    2011-08-22 23:12:08 -------- d-----w- c:\documents and settings\kim\application data\Malwarebytes
    2011-08-22 23:12:01 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-08-22 23:12:00 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2011-08-22 23:11:57 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-08-22 23:11:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-08-22 19:15:47 -------- d-----w- c:\windows\av_ico
    2011-08-22 18:48:13 235520 ----a-w- c:\windows\l1rezerv.exe
    2011-08-22 18:44:05 -------- d--h--w- c:\windows\update.7.1
    2011-08-22 18:42:46 -------- d--h--w- c:\windows\update.2
    2011-08-22 18:41:26 -------- d-----w- c:\windows\ufa
    2011-08-22 18:41:26 -------- d-----w- c:\windows\rpcminer
    2011-08-22 18:41:26 -------- d-----w- c:\windows\phoenix
    2011-08-22 18:37:59 -------- d--h--w- c:\windows\update.5.0
    2011-08-22 18:36:24 142336 ----a-w- c:\windows\systemup.exe
    2011-08-22 18:25:21 246272 ----a-w- c:\windows\unrar.exe
    2011-08-22 18:24:53 258048 ----a-w- c:\windows\sysdriver32_.exe
    2011-08-22 18:24:39 263680 ----a-w- c:\windows\sysdriver32.exe
    2011-08-22 18:12:44 -------- d--h--w- c:\windows\update.1
    2011-08-22 18:12:34 -------- d--h--w- c:\windows\update.tray-10-0-lnk
    2011-08-22 18:12:34 -------- d--h--w- c:\windows\update.tray-10-0
    2011-08-22 18:01:47 1213440 ----a-w- c:\windows\services32.exe
    2011-08-19 19:28:34 -------- d-----w- c:\documents and settings\kim\application data\Garmin
    2011-08-17 20:05:51 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2011-08-17 20:05:50 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
    2011-08-17 20:05:50 785368 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
    2011-08-17 20:05:50 478168 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
    2011-08-17 20:05:50 1846232 ----a-w- c:\program files\mozilla firefox\mozjs.dll
    2011-08-17 20:05:50 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
    2011-08-17 20:05:49 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
    2011-08-17 20:05:49 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
    2011-08-10 23:14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
    2011-08-10 23:13:58 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
    2011-08-09 05:45:28 -------- d-----w- c:\program files\iPod
    2011-08-09 05:42:31 -------- d-----w- c:\program files\Bonjour
    .
    ==================== Find3M ====================
    .
    2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-07-12 18:20:54 83816 ----a-w- c:\windows\system32\dns-sd.exe
    2011-07-12 18:20:54 73064 ----a-w- c:\windows\system32\dnssd.dll
    2011-07-12 18:20:54 50536 ----a-w- c:\windows\system32\jdns_sd.dll
    2011-07-12 18:20:54 178536 ----a-w- c:\windows\system32\dnssdX.dll
    2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
    2011-07-06 01:37:00 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2011-07-06 01:37:00 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-06-23 18:36:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-06-23 18:36:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-06-23 12:05:13 385024 ----a-w- c:\windows\system32\html.iec
    2011-06-22 01:15:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
    2011-06-18 04:41:24 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
    2011-06-18 04:41:24 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
    .
    ============= FINISH: 14:20:18.75 ===============
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-06-23.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/7/2009 12:32:57 PM
    System Uptime: 8/23/2011 2:09:41 PM (0 hours ago)
    .
    Motherboard: Dell Inc. | | 0FJ030
    Processor: Intel(R) Pentium(R) D CPU 2.80GHz | Microprocessor | 2793/800mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 49 GiB total, 13.175 GiB free.
    D: is FIXED (NTFS) - 100 GiB total, 45.295 GiB free.
    E: is CDROM ()
    F: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP786: 8/22/2011 11:51:43 AM - System Checkpoint
    RP787: 8/23/2011 12:37:04 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    1300
    1300_Help
    1300Tour
    1300Trb
    Actiontec Gateway
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 8.3.0
    Adobe Shockwave Player 11.5
    AiO_Scan
    AIOMinimal
    AiOSoftware
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Bonjour
    CO_GMU
    Critical Update for Windows Media Player 11 (KB959772)
    Dell Driver Download Manager
    Dell Resource CD
    Fax
    Google Update Helper
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP PSC & OfficeJet 3.5
    HP Software Update
    HP Unload DLL Patch
    Intel Matrix Storage Manager
    Intel(R) PRO Network Connections Drivers
    iTunes
    Java Auto Updater
    Java DB 10.6.2.1
    Java(TM) 6 Update 25
    Juniper Networks Cache Cleaner 6.1.0
    Juniper Networks Host Checker
    Juniper Networks Setup Client Activex Control
    Juniper Networks, Inc. Setup Client
    Junk Mail filter update
    LoudMo Contextual Ad Assistant
    Malwarebytes' Anti-Malware version 1.51.1.1800
    MathPlayer
    Memories Disc Creator 2.0
    Microsoft .NET Framework 1.0 Hotfix (KB953295)
    Microsoft .NET Framework 1.0 Hotfix (KB979904)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Antimalware
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Office 2000 Disc 2
    Microsoft Office 2000 Premium
    Microsoft Picture It! Express 7.0
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft UI Engine
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 8.0 Support DLLs
    Microsoft Web Publishing Wizard 1.52
    Mirar
    MobileMe Control Panel
    Move Media Player
    Mozilla Firefox 6.0 (x86 en-US)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Norton Security Suite
    NVIDIA Drivers
    Octoshape add-in for Adobe Flash Player
    Otto
    overland
    Palringo
    Photo Organizer
    PrintScreen
    QuickConnect
    QuickTime
    Qwest eChat Support Tools
    Readme
    Safari
    Scan
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969897)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    SigmaTel Audio
    Sonic Encoders
    Steam
    System Requirements Lab
    Unity Web Player
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB971930)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    WebFldrs XP
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Format 11 runtime
    Windows Media Player Firefox Plugin
    Windows XP Media Center Edition 2005 KB2502898
    Windows XP Media Center Edition 2005 KB925766
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WLTB Custom Buttons
    WordPerfect Office 12
    .
    ==== Event Viewer Messages From Past Week ========
    .
    8/23/2011 7:05:40 AM, error: Srv [2019] - The server was unable to allocate from the system nonpaged pool because the pool was empty.
    8/23/2011 2:10:09 PM, error: Microsoft Antimalware [5101] - Microsoft Antimalware grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled. Expiration Reason: Windows Activation Technologies genuine validation failed Expiration Date (UTC): 8/23/2011 9:10:09 PM Error Code: 0x80092003 Error Description: An error occurred while reading or writing to a file.
    8/22/2011 8:35:16 PM, error: Microsoft Antimalware [5101] - Microsoft Antimalware grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled. Expiration Reason: Windows Activation Technologies genuine validation failed Expiration Date (UTC): 8/23/2011 3:35:16 AM Error Code: 0x80092003 Error Description: An error occurred while reading or writing to a file.
    8/22/2011 5:03:47 PM, error: Microsoft Antimalware [5101] - Microsoft Antimalware grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled. Expiration Reason: Windows Activation Technologies genuine validation failed Expiration Date (UTC): 8/23/2011 12:03:47 AM Error Code: 0x80092003 Error Description: An error occurred while reading or writing to a file.
    8/22/2011 5:01:34 PM, error: Microsoft Antimalware [5101] - Microsoft Antimalware grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled. Expiration Reason: Windows Activation Technologies genuine validation failed Expiration Date (UTC): 8/23/2011 12:01:34 AM Error Code: 0x80092003 Error Description: An error occurred while reading or writing to a file.
    8/22/2011 4:59:58 PM, error: Microsoft Antimalware [5101] - Microsoft Antimalware grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled. Expiration Reason: Windows Activation Technologies genuine validation failed Expiration Date (UTC): 8/22/2011 11:59:58 PM Error Code: 0x80092003 Error Description: An error occurred while reading or writing to a file.
    8/22/2011 4:42:42 PM, error: Service Control Manager [7023] - The Microsoft Antimalware Service service terminated with the following error: %%2147949456
    8/22/2011 4:42:19 PM, error: Microsoft Antimalware [5101] - Microsoft Antimalware grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled. Expiration Reason: Windows Activation Technologies genuine validation failed Expiration Date (UTC): 8/22/2011 11:42:19 PM Error Code: 0x80092003 Error Description: An error occurred while reading or writing to a file.
    8/22/2011 4:27:36 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 eeCtrl Fips intelppm SRTSP SRTSPX SymIRON SYMTDI
    8/22/2011 3:51:53 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 SRTSP SymIRON
    8/22/2011 3:51:48 PM, error: SRTSP [5] - Error loading Symantec real time Anti-Virus driver.
    8/22/2011 3:51:48 PM, error: SRTSP [4] - Error loading virus definitions.
    8/22/2011 3:51:48 PM, error: Service Control Manager [7000] - The Norton Security Suite service failed to start due to the following error: The system cannot find the path specified.
    8/22/2011 3:50:42 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    8/22/2011 3:50:28 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    8/22/2011 3:49:40 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    8/22/2011 3:38:15 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
    8/22/2011 3:24:53 PM, error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    8/22/2011 12:13:23 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'redbook.sys' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
    8/22/2011 11:14:02 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SRTSP SRTSPX SymIRON SYMTDI Tcpip
    8/22/2011 11:14:02 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    8/22/2011 11:14:02 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    8/22/2011 11:14:02 AM, error: Service Control Manager [7001] - The fssfltr service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    8/22/2011 11:14:02 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    8/22/2011 11:14:02 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    8/22/2011 11:14:02 AM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    8/22/2011 11:14:02 AM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    .
    ==== End Of File ===========================
     
  2. km2357

    km2357 Malware Specialist

    Joined:
    Aug 9, 2007
    Messages:
    686
    Hello and welcome to Tech Support Guy.

    My name is km2357 and I will be helping you to remove any infection(s) that you may have.

    I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

    If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.

    Please do not start another thread or topic, I will assist you at this thread until we solve your problems.

    Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.

    Sorry for the delay in replying, the forum is very busy. If you still need help, please do the following:



    Step # 1 Download and run DDS

    Download DDS and save it to your desktop from here or here or here
    Disable any script blocker, and then double click dds.scr to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop. Post them back to your topic.


    Step # 2: Download and Run Gmer

    Please download gmer.zip from Gmer and save it to your desktop.

    ***Please close any open programs ***

    Double-click gmer.exe. The program will begin to run.

    **Caution**
    These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised by a trained Security Analyst


    If possible rootkit activity is found, you will be asked if you would like to perform a full scan. Click No.

    If you do not receive notice about possible rootkit activity remain on the Rootkit/Malware tab & make sure that the 'Sections' button is ticked and the 'Show All' button is unticked.
    • Click the Scan button and let the program do its work. GMER will produce a log.
    • Once the scan is complete, you may receive another notice about rootkit activity.
    • Click OK.
    • GMER will produce a log. Click on the Save button, and save the log as gmer.txt somewhere you can easily find it, such as your desktop.

    DO NOT touch the PC at ALL for Whatever reason/s until it has 100% completed its scan, or attempted scan in case of some error etc !

    Please post the results from the GMER scan in your reply.


    In your next post/reply, I need to see the following:

    1. The two DDS Logs (DDS and Attach.txt)
    2. The GMER Log

    Use multiple posts if you can't fit everything into one post.
     
  3. km2357

    km2357 Malware Specialist

    Joined:
    Aug 9, 2007
    Messages:
    686
    scoobiee96? Do you still need help?
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1014021