1.

Solve : hijacked DNS server..please help?

Answer»

I have the the scan from SUPERantispyware..I will post the results here..

Adware.Tracking Cookie
C:\Documents and Settings\Mr. and Mrs. Brown\Cookies\mr. and mrs. [emailprotected][1].txt
C:\Documents and Settings\Mr. and Mrs. Brown\Cookies\mr. and mrs. [emailprotected][1].txt
C:\Documents and Settings\Mr. and Mrs. Brown\Cookies\mr. and mrs. [emailprotected][1].txt
C:\Documents and Settings\Mr. and Mrs. Brown\Cookies\mr. and mrs. [emailprotected][1].txt
C:\Documents and Settings\Mr. and Mrs. Brown\Cookies\mr. and mrs. [emailprotected][1].txt
C:\Documents and Settings\Mr. and Mrs. Brown\Cookies\mr. and mrs. [emailprotected][1].txt
C:\Documents and Settings\Mr. and Mrs. Brown\Cookies\mr. and mrs. [emailprotected][1].txt

Trojan.DNS-Changer (Hi-Jacked DNS)
HKLM\SYSTEM\CONTROLSET002\SERVICES\TCPIP\PARAMETERS\INTERFACES\{01B9EC96-33F3-4402-9356-CD8F26129333} (NAMESERVER - 85.255.112.85,85.225.112.180)
HKLM\SYSTEM\CONTROLSET002\SERVICES\TCPIP\PARAMETERS\INTERFACES\{6AA2E2ED-535D-46E2-8FC3-734E236E4254
} (NAMESERVER - 85.255.112.85,85.225.112.180)
HKLM\SYSTEM\CONTROLSET003\SERVICES\TCPIP\PARAMETERS\INTERFACES\{01B9EC96-33F3-4402-9356-CD8F26129333} (NAMESERVER - 85.255.112.85,85.225.112.180)
HKLM\SYSTEM\CONTROLSET003\SERVICES\TCPIP\PARAMETERS\INTERFACES\{6AA2E2ED-535D-46E2-8FC3-734E236E4254
} (NAMESERVER - 85.255.112.85,85.225.112.180)


I quarantined these items, and now I have the option to remove them from my computer. I think I should, but need to make sure, thank you.

Also, here is a hijackthis log I made :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53:16 AM, on 7/2/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\mdmcls32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SUPERAntiSpyware\b238f0d7-906d-4d14-acd0-35598b5dd481.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071221
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (file missing)
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.85,85.255.112.180
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.112.85,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.85,85.255.112.180
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DellAMBrokerService - Unknown owner - C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WinSock Extention Manager - Unknown owner - C:\WINDOWS\system32\mdmcls32.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 8041 bytes



Also, i forgot to add an important issue that I have been having. Every time I boot up my computer, the Data Execution Prevention box comes up saying..

To help protect your computer, Windows has closed this program.

Name: Userinit Logon Application

Publisher: Microsoft Corporation

So I click Close Message.. and then it tells me that Userinit Logon Application has encountered a problem and needs to close.

I don't even know what 'Userinit Logon Application' is.
Please Help!Download DDS from |HERE| or |HERE| or |HERE| and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.

1) DDS.txt
2) Attach.txt

* Save both logs to your desktop.
* Please copy and paste the entire contents of both logs in your next reply.

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copy and pasting it into the reply.Here is the DDS file:


DDS (Ver_09-06-26.01) - NTFSx86 MINIMAL
Run by T Brown at 11:18:05.92 on Wed 07/08/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1022.772 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
F:\dds.pif

============== PSEUDO HJT Report ===============

uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3071221
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} -
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} -
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - AIM Toolbar Loader
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} -
uRun: [Aim6]
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
IE: &AIM Toolbar Search - c:\documents and settings\all users\application data\aim toolbar\ietoolbar\resources\en-us\local\search.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326}
LSP: winsflt.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - c:\windows\wc98pp.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\tbrown~1\applic~1\mozilla\firefox\profiles\ih8nvsnl.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://www10.yoog.com/search.php?q=
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\scenecaster\version 3.11.16\NPSceneCaster.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www10.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true

============= SERVICES / DRIVERS ===============

R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-7-7 611664]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-30 325896]
S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2007-12-27 27784]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-12-22 8944]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-12-22 55024]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-12-30 298776]
S2 datunidr;DellAutomatedPCTuneUp UniDriver;c:\windows\system32\drivers\datunidr.sys [2007-8-23 5376]
S2 Maxtor Sync Service;Maxtor Service;c:\program files\maxtor\sync\SyncServices.exe [2007-7-13 156976]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-12-28 24652]
S2 WinSock Extention Manager;WinSock Extention Manager;c:\windows\system32\mdmcls32.exe [2009-1-6 1032192]
S3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\drivers\OEM02Dev.sys [2007-12-20 235520]
S3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\drivers\OEM02Vfx.sys [2007-12-20 7424]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-12-22 7408]
UnknownUnknown RTLWUSB;RTLWUSB;



=============== Created Last 30 ================

2009-07-08 10:27--d-----c:\program files\Registry Winner
2009-07-05 20:5842,496a-------c:\windows\ld12.exe
2009-07-05 20:58154a-------c:\windows\567788.bat
2009-07-02 12:56-cd-----c:\docume~1\alluse~1\applic~1\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-06-30 14:11--dsh---c:\documents and settings\t brown\IECompatCache
2009-06-30 10:230a-------c:\windows\system32\19.tmp
2009-06-30 10:23360,320a-------c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2009-06-22 13:47--d-----c:\program files\BitLord
2009-06-18 23:38--d-----c:\program files\iPod
2009-06-18 23:38--d-----c:\program files\iTunes
2009-06-10 23:07--dsh---C:\Diskeeper
2009-06-10 21:28--d-----c:\program files\common files\Diskeeper Corporation
2009-06-10 21:28--d-----c:\docume~1\alluse~1\applic~1\Diskeeper Corporation
2009-06-10 21:27--d-----c:\program files\Diskeeper Corporation
2009-06-10 19:151,985,024--------c:\windows\system32\dllcache\iertutil.dll
2009-06-10 19:15246,272--------c:\windows\system32\dllcache\ieproxy.dll
2009-06-10 19:1512,800--------c:\windows\system32\dllcache\xpshims.dll
2009-06-10 19:1511,064,832--------c:\windows\system32\dllcache\ieframe.dll
2009-06-10 10:46--d-----c:\windows\Logs
2009-06-10 10:073,426,072a-------c:\windows\system32\d3dx9_32.dll
2009-06-10 10:07251,672a-------c:\windows\system32\xactengine2_5.dll
2009-06-10 10:07237,848a-------c:\windows\system32\xactengine2_4.dll
2009-06-10 10:0715,128a-------c:\windows\system32\x3daudio1_1.dll
2009-06-10 10:072,414,360a-------c:\windows\system32\d3dx9_31.dll
2009-06-10 10:07236,824a-------c:\windows\system32\xactengine2_3.dll
2009-06-10 10:0762,744a-------c:\windows\system32\xinput1_2.dll
2009-06-10 10:062,297,552a-------c:\windows\system32\d3dx9_26.dll

==================== Find3M ====================

2009-07-05 20:58360,320a-------c:\windows\system32\drivers\TCPIP.SYS
2009-07-05 20:58360,320a-------c:\windows\system32\dllcache\TCPIP.SYS
2009-06-30 13:4167,190a-------c:\windows\system32\nvModes.dat
2009-06-05 11:422,060,288a-------c:\windows\system32\usbaaplrc.dll
2009-06-05 11:4239,424a-------c:\windows\system32\drivers\usbaapl.sys
2009-05-25 09:5751,712a-------c:\windows\wc98pp.dll
2009-05-13 01:155,936,128a-------c:\windows\system32\dllcache\mshtml.dll
2009-05-13 01:15915,456a-------c:\windows\system32\wininet.dll
2009-05-13 01:15915,456a-------c:\windows\system32\dllcache\wininet.dll
2009-05-12 01:11102,912--------c:\windows\system32\dllcache\iecompat.dll
2009-05-11 19:3011,952a-------c:\windows\system32\avgrsstx.dll
2009-05-11 19:30325,896a-------c:\windows\system32\drivers\avgldx86.sys
2009-05-07 11:44344,064a-------c:\windows\system32\localspl.dll
2009-05-07 11:44344,064--------c:\windows\system32\dllcache\localspl.dll
2009-04-30 17:221,207,808a-------c:\windows\system32\dllcache\urlmon.dll
2009-04-30 17:2225,600a-------c:\windows\system32\dllcache\jsproxy.dll
2009-04-30 17:22385,536--------c:\windows\system32\dllcache\iedkcs32.dll
2009-04-30 07:21173,056--------c:\windows\system32\dllcache\ie4uinit.exe
2009-04-17 05:581,846,656a-------c:\windows\system32\win32k.sys
2009-04-17 05:581,846,656--------c:\windows\system32\dllcache\win32k.sys
2009-04-15 11:11584,192a-------c:\windows\system32\rpcrt4.dll
2009-04-15 11:11584,192--------c:\windows\system32\dllcache\rpcrt4.dll
2009-02-20 13:30208ac------c:\docume~1\tbrown~1\applic~1\wklnhst.dat
2008-12-31 13:4247,360ac------c:\docume~1\tbrown~1\applic~1\pcouffin.sys
1997-05-16 08:5232,528ac------c:\documents and settings\t brown\OLEPRO32.DLL
1997-05-16 08:52271,632ac------c:\documents and settings\t brown\MSVCRT.DLL
1997-05-16 08:52939,792a-------c:\documents and settings\t brown\MFC42U.DLL
1997-05-16 08:52941,840a-------c:\documents and settings\t brown\MFC42.DLL
1997-05-16 08:52352,016a-------c:\documents and settings\t brown\MSPAINT.EXE
2007-12-20 22:3476-c-shr--c:\windows\CT4CET.bin
2008-01-02 23:1410,240ac-sh---c:\windows\rnapxs\rnapxs.dat

============= FINISH: 11:19:48.50 ===============


and here is the attachment:


DDS (Ver_09-06-26.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 12/27/2007 11:33:22 AM
System Uptime: 7/8/2009 10:19:56 AM (1 hours ago)

Motherboard: Dell Inc. | |
Processor: Intel(R) Core(TM)2 Duo CPU T5270 @ 1.40GHz | Microprocessor | 1396/200mhz
Processor: Intel(R) Core(TM)2 Duo CPU T5270 @ 1.40GHz | Microprocessor | 1396/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 146 GiB total, 75.36 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP382: 6/30/2009 10:22:59 AM - Installed Java(TM) 6 Update 13
RP383: 6/30/2009 10:23:03 AM - System Checkpoint
RP384: 6/30/2009 10:23:10 AM - System Checkpoint
RP385: 6/30/2009 10:23:14 AM - System Checkpoint
RP386: 6/30/2009 10:23:17 AM - System Checkpoint
RP387: 6/30/2009 10:23:20 AM - System Checkpoint
RP388: 6/30/2009 10:23:25 AM - System Checkpoint
RP389: 6/30/2009 10:23:27 AM - System Checkpoint
RP390: 6/30/2009 10:23:28 AM - System Checkpoint
RP391: 6/30/2009 10:23:28 AM - System Checkpoint
RP392: 6/30/2009 10:23:30 AM - System Checkpoint
RP393: 6/30/2009 10:23:34 AM - System Checkpoint
RP394: 6/30/2009 10:23:34 AM - System Checkpoint
RP395: 6/30/2009 10:23:35 AM - Software Distribution Service 3.0
RP396: 6/30/2009 10:23:35 AM - Avg8 Update
RP397: 6/30/2009 10:23:36 AM - System Checkpoint
RP398: 6/30/2009 10:23:37 AM - System Checkpoint
RP399: 6/30/2009 10:23:37 AM - System Checkpoint
RP400: 4/20/2009 11:59:49 PM - System Checkpoint
RP401: 4/22/2009 12:52:09 AM - System Checkpoint
RP402: 4/23/2009 1:43:40 AM - System Checkpoint
RP403: 4/24/2009 2:26:31 AM - System Checkpoint
RP404: 4/25/2009 2:36:05 AM - System Checkpoint
RP405: 4/26/2009 10:49:42 AM - System Checkpoint
RP406: 4/27/2009 5:25:29 PM - System Checkpoint
RP407: 4/28/2009 7:40:59 PM - System Checkpoint
RP408: 4/29/2009 9:42:56 PM - System Checkpoint
RP409: 4/30/2009 11:08:56 PM - System Checkpoint
RP410: 5/1/2009 11:21:36 PM - System Checkpoint
RP411: 5/2/2009 11:33:57 PM - System Checkpoint
RP412: 5/3/2009 11:47:16 PM - System Checkpoint
RP413: 5/5/2009 12:32:42 AM - System Checkpoint
RP414: 5/6/2009 1:32:58 AM - System Checkpoint
RP415: 5/7/2009 2:13:03 AM - System Checkpoint
RP416: 5/8/2009 2:41:42 AM - System Checkpoint
RP417: 5/9/2009 3:39:53 AM - System Checkpoint
RP418: 5/10/2009 6:21:40 PM - System Checkpoint
RP419: 5/11/2009 7:29:17 PM - Avg8 Update
RP420: 5/11/2009 7:31:07 PM - Avg8 Update
RP421: 5/12/2009 11:05:52 PM - System Checkpoint
RP422: 5/13/2009 7:01:13 AM - Software Distribution Service 3.0
RP423: 5/14/2009 7:27:47 AM - System Checkpoint
RP424: 5/15/2009 5:26:26 PM - Avg8 Update
RP425: 5/17/2009 3:17:09 PM - System Checkpoint
RP426: 5/18/2009 5:10:12 PM - Avg8 Update
RP427: 5/18/2009 5:12:09 PM - Avg8 Update
RP428: 5/20/2009 12:01:34 AM - System Checkpoint
RP429: 5/21/2009 12:14:34 AM - System Checkpoint
RP430: 5/21/2009 9:49:14 AM - Installed Windows Media Format Runtime
RP431: 5/22/2009 11:15:01 AM - Software Distribution Service 3.0
RP432: 5/23/2009 11:15:34 AM - System Checkpoint
RP433: 5/24/2009 11:40:20 AM - System Checkpoint
RP434: 5/26/2009 7:59:08 PM - Removed LightScribe System Software 1.10.19.1.
RP435: 5/26/2009 8:00:32 PM - Removed LightScribe System Software 1.10.19.1.
RP436: 5/27/2009 8:44:58 PM - System Checkpoint
RP437: 5/28/2009 10:07:23 PM - Software Distribution Service 3.0
RP438: 5/29/2009 10:54:25 PM - System Checkpoint
RP439: 5/31/2009 9:51:52 PM - System Checkpoint
RP440: 6/2/2009 12:30:03 AM - System Checkpoint
RP441: 6/3/2009 12:42:22 AM - System Checkpoint
RP442: 6/4/2009 1:33:18 AM - System Checkpoint
RP443: 6/5/2009 2:38:38 AM - System Checkpoint
RP444: 6/6/2009 3:19:02 AM - System Checkpoint
RP445: 6/6/2009 9:21:52 AM - Installed Audiosurf.
RP446: 6/7/2009 11:41:16 PM - System Checkpoint
RP447: 6/8/2009 11:46:32 PM - System Checkpoint
RP448: 6/9/2009 11:48:30 PM - System Checkpoint
RP449: 6/10/2009 10:06:43 AM - Installed DirectX
RP450: 6/10/2009 9:27:52 PM - Installed Diskeeper 2009 Pro Premier.
RP451: 6/10/2009 9:43:15 PM - Software Distribution Service 3.0
RP452: 6/12/2009 1:13:36 AM - System Checkpoint
RP453: 6/13/2009 1:22:58 AM - System Checkpoint
RP454: 6/14/2009 2:23:10 AM - System Checkpoint
RP455: 6/15/2009 2:57:18 PM - System Checkpoint
RP456: 6/16/2009 3:21:45 PM - System Checkpoint
RP457: 6/17/2009 3:58:22 PM - System Checkpoint
RP458: 6/19/2009 1:12:16 AM - System Checkpoint
RP459: 6/21/2009 4:34:39 PM - System Checkpoint
RP460: 6/22/2009 5:33:43 PM - System Checkpoint
RP461: 6/23/2009 9:45:40 AM - Avg8 Update
RP462: 6/24/2009 9:51:06 AM - System Checkpoint
RP463: 6/25/2009 11:57:53 AM - System Checkpoint
RP464: 6/26/2009 12:18:36 PM - System Checkpoint

==== Installed Programs ======================

µTorrent
AC3Filter (remove only)
Ad-Aware
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe LINGUISTICS CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 8.1.5
Adobe Setup
Adobe Shockwave Player
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced Audio FX Engine
Advanced Video FX Engine
AIM 6
AltoMP3 Gold 5.20
Apple Mobile Device Support
Apple Software Update
Audiosurf
AVG Free 8.5
AVS DVD Copy version 1.3
Bonjour
Broadcom Management Programs
Browser Address Error Redirector
CCleaner (remove only)
Conexant HDA D330 MDC V.92 Modem
ConvertXtoDVD 2.2.3.258
COWON Media Center - jetAudio Basic
Critical Update for Windows Media Player 11 (KB959772)
Dell Automated PC TuneUp
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card Utility
Digital Line Detect
Diskeeper 2009 Pro Premier
Download Updater (AOL LLC)
eMusic Download Manager 3.0
GOM Player
Guitar Hero III
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
IntelliSonic Speech Enhancement
InterVideo Disc Master 2.5
InterVideo DVDCopy 2
InterVideo PhotoAlbum
InterVideo WinDVD
InterVideo WinDVD Creator 2
IrfanView (remove only)
iTunes
Java(TM) 6 Update 13
Laptop Integrated Webcam Driver (1.03.02.0719)
LimeWire 5.1.2
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Magic Video Converter Trial Version (English) 8.0.2.18
Malwarebytes' Anti-Malware
Maxtor Manager
MediaMonkey 3.0
Memeo AutoSync
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 5.5
Microsoft Office 97, Professional Edition
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XML Parser
MobileMe Control Panel
Mozilla Firefox (3.0.11)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
NavNet
Nero 8 Essentials
neroxml
NVIDIA Drivers
PCFriendly
PDF Settings
PeerGuardian 2.0
PowerISO
PureSight PC
QuickSet
QuickTime
Registry Winner 5.2
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Safari
SceneCaster
SearchAssist
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Skype™ 4.0
Sonic Activation Module
Sony ACID Music Studio 7.0
SUPERAntiSpyware Free Edition
Uniblue DriverScanner 2009
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB936357)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
VCRedistSetup
Viewpoint Media Player
WD Diagnostics
WebFldrs XP
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
WinRAR archiver
Xbox 360 Controller for Windows
Xvid 1.2.1 final uninstall

==== Event Viewer Messages From Past Week ========

7/8/2009 9:55:59 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
7/5/2009 8:28:17 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/5/2009 7:46:51 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 240 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
7/5/2009 4:46:51 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
7/5/2009 4:16:51 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
7/5/2009 4:01:51 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
7/5/2009 2:26:40 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
7/5/2009 12:32:17 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/5/2009 12:29:44 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
7/5/2009 12:27:00 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
7/5/2009 12:02:37 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPDRV AvgLdx86 AvgMfx86 Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SCDEmu Tcpip Tcpip6 WS2IFSL
7/5/2009 12:02:37 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
7/5/2009 12:02:37 PM, error: Service Control Manager [7001] - The IPv6 Helper Service service depends on the Microsoft IPv6 Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/5/2009 12:02:37 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/5/2009 12:02:37 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/5/2009 12:02:37 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
7/5/2009 12:02:37 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/5/2009 12:02:37 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/2/2009 6:08:21 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
7/2/2009 6:08:10 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
7/2/2009 6:06:51 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
7/2/2009 5:37:06 PM, error: NetBT [4307] - Initialization failed because the transport refused to open initial Addresses.
7/2/2009 1:04:29 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
7/2/2009 1:03:56 PM, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: The requested service provider could not be loaded or initialized.

==== End Of File ===========================


thank you!

Go to Add or Remove Programs and uninstall:

- Browser Address Error Redirector
- Registry Winner 5.2 <- See here
- SearchAssist
- Viewpoint Media Player

----------

  • Please download LSPFix
  • Run the LSPFix.exe that you have just finished downloading.
  • Check the I know what I'm doing box.
  • In the Keep box you should see one or more instances of winsflt.dll
  • Select every instance of winsflt.dll and move each one to the Remove box by clicking the &GT;> button.
  • If the winsflt.dll file only appears on the right side then just click fix checked and close the program.
  • When you are done click Finish>>
.
Important! Restart the computer.

----------

Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop.

Link #1
Link #2

**Note: It is important that it is saved directly to your Desktop

DO NOT run it yet!

Note: the below instructions were created specifically for this user. If you are not this user, DO NOT follow these directions as they could damage the workings of your system

Delete these files/folders, as follows:

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It MUST be Notepad, not Wordpad.
2. Copy the text in the below code box by highlighting all the text and pressing Ctrl+C

Code: [Select]KillAll::

Driver::
Viewpoint Manager Service

Folder::
c:\program files\viewpoint
c:\program files\Registry Winner

File::
c:\windows\system32\19.tmp

DDS::
uInternet Settings,ProxyOverride = *.local
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u

Firefox::
FF - ProfilePath - c:\docume~1\tbrown~1\applic~1\mozilla\firefox\profiles\ih8nvsnl.default\
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: keyword.URL - hxxp://www10.yoog.com/search.php?q=
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www10.yoog.com/search.php?q=

3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!



ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.

Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze
Due to only being able to access my computer in safe mode, only three of the four programs I was told to uninstall were able to be uninstalled.

The 'Browser Address Error Redirector' was unable to be uninstalled.

Regrettably, I was also unable to run ComboFix due to the safe mode option.

Any other advice would be greatly appreciated, thank you.Do you have a flash drive and another computer to transfer over the programs?

What about Safe Mode With Networking?


Discussion

No Comment Found

Related InterviewSolutions