1.

Solve : Privacy Center malware!!! =/?

Answer»

ComboFix 09-06-26.02 - XP User 06/27/2009 19:01.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.502.227 [GMT -4:00]
Running from: c:\documents and settings\XP User\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.

((((((((((((((((((((((((( Files Created from 2009-05-27 to 2009-06-27 )))))))))))))))))))))))))))))))
.

2009-06-27 02:41 . 2009-06-27 02:41--------d-----w-c:\documents and settings\XP User\WINDOWS
2009-06-26 08:25 . 2009-06-26 08:25--------d-----w-c:\documents and settings\LocalService\Application Data\SACore
2009-06-26 02:25 . 2009-06-26 02:25--------d-----w-c:\program files\Windows Doctor
2009-06-26 01:39 . 2009-06-26 01:39--------d-----w-c:\documents and settings\All Users\Application Data\SiteAdvisor
2009-06-26 01:39 . 2009-06-26 01:39--------d-----w-c:\program files\SiteAdvisor
2009-06-26 01:31 . 2009-06-26 01:32--------d-----w-c:\program files\McAfee.com
2009-06-26 01:14 . 2009-06-27 02:39--------dc----w-c:\windows\system32\dllcache\cache
2009-06-25 23:26 . 2009-06-27 22:59--------d-----w-c:\windows\system32\CatRoot2
2009-06-25 22:28 . 2009-05-14 03:2540552----a-w-c:\windows\system32\DRIVERS\mfesmfk.sys
2009-06-25 22:28 . 2009-05-14 03:2579816----a-w-c:\windows\system32\drivers\mfeavfk.sys
2009-06-25 22:28 . 2009-05-14 03:2535272----a-w-c:\windows\system32\drivers\mfebopk.sys
2009-06-25 22:28 . 2009-04-09 18:23120136----a-w-c:\windows\system32\drivers\Mpfp.sys
2009-06-25 22:26 . 2009-06-26 01:32--------d-----w-c:\program files\Common Files\McAfee
2009-06-25 22:25 . 2009-06-26 01:38--------d-----w-c:\program files\McAfee
2009-06-25 22:24 . 2009-05-14 03:2434248----a-w-c:\windows\system32\drivers\mferkdk.sys
2009-06-25 22:21 . 2009-06-26 02:21--------d-----w-c:\documents and settings\All Users\Application Data\McAfee
2009-06-25 22:09 . 2009-06-25 22:09--------d-----w-c:\documents and settings\All Users\Application Data\Geek Squad

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-26 00:03 . 2008-07-13 02:27--------d-----w-c:\documents and settings\XP User\Application Data\LimeWire
2009-06-25 23:51 . 2008-07-13 02:02--------d-----w-c:\program files\Common Files\Symantec Shared
2009-06-25 23:50 . 2008-07-13 02:03--------d-----w-c:\program files\Symantec
2009-06-25 23:50 . 2008-07-13 02:02--------d-----w-c:\documents and settings\All Users\Application Data\Symantec
2009-06-25 23:18 . 2008-08-23 14:53--------d-----w-c:\program files\iTunes
2009-05-14 03:25 . 2008-06-27 10:08214024----a-w-c:\windows\system32\drivers\mfehidk.sys
2009-05-07 15:44 . 2004-08-10 12:00344064----a-w-c:\windows\system32\localspl.dll
2009-04-29 04:56 . 2004-08-10 12:00827392----a-w-c:\windows\system32\wininet.dll
2009-04-29 04:55 . 2004-08-10 12:0078336----a-w-c:\windows\system32\ieencode.dll
2009-04-17 09:58 . 2004-08-10 12:001846656----a-w-c:\windows\system32\win32k.sys
2009-04-15 15:11 . 2004-08-10 12:00584192----a-w-c:\windows\system32\rpcrt4.dll
2009-04-06 04:07 . 2008-07-12 20:4290112----a-w-c:\windows\DUMP62e0.tmp
.

((((((((((((((((((((((((((((( [emailprotected]_02.38.25 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-13 02:41 . 2007-11-30 12:3917272 c:\windows\system32\spmsg.dll
+ 2008-07-13 02:41 . 2008-07-09 07:3817272 c:\windows\system32\spmsg.dll
+ 2004-08-10 12:00 . 2009-04-29 04:5644544 c:\windows\system32\pngfilt.dll
- 2004-08-10 12:00 . 2009-02-20 18:0944544 c:\windows\system32\pngfilt.dll
+ 2004-08-10 12:00 . 2009-06-27 22:5946450 c:\windows\system32\perfc009.dat
- 2004-08-10 12:00 . 2009-06-27 02:3246450 c:\windows\system32\perfc009.dat
- 2007-08-13 22:54 . 2009-02-20 18:0952224 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 22:54 . 2009-04-29 04:5552224 c:\windows\system32\msfeedsbs.dll
+ 2004-08-10 12:00 . 2009-04-29 04:5527648 c:\windows\system32\jsproxy.dll
- 2004-08-10 12:00 . 2009-02-20 18:0927648 c:\windows\system32\jsproxy.dll
+ 2007-08-13 22:39 . 2009-04-28 09:0513824 c:\windows\system32\ieudinit.exe
- 2007-08-13 22:39 . 2009-02-20 10:2013824 c:\windows\system32\ieudinit.exe
- 2004-08-10 12:00 . 2009-02-20 18:0944544 c:\windows\system32\iernonce.dll
+ 2004-08-10 12:00 . 2009-04-29 04:5544544 c:\windows\system32\iernonce.dll
- 2004-08-10 12:00 . 2009-02-20 10:2070656 c:\windows\system32\ie4uinit.exe
+ 2004-08-10 12:00 . 2009-04-28 09:0570656 c:\windows\system32\ie4uinit.exe
+ 2007-08-13 22:36 . 2009-04-29 04:5563488 c:\windows\system32\icardie.dll
- 2007-08-13 22:36 . 2009-02-20 18:0963488 c:\windows\system32\icardie.dll
- 2004-08-10 12:00 . 2009-02-20 18:0944544 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-10 12:00 . 2009-04-29 04:5644544 c:\windows\system32\dllcache\pngfilt.dll
- 2008-07-30 21:22 . 2009-02-20 18:0952224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-07-30 21:22 . 2009-04-29 04:5552224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2004-08-10 12:00 . 2009-02-20 18:0927648 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-10 12:00 . 2009-04-29 04:5527648 c:\windows\system32\dllcache\jsproxy.dll
- 2008-07-30 21:22 . 2009-02-20 10:2013824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-07-30 21:22 . 2009-04-28 09:0513824 c:\windows\system32\dllcache\ieudinit.exe
- 2004-08-10 12:00 . 2009-02-20 18:0944544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-10 12:00 . 2009-04-29 04:5544544 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-10 12:00 . 2009-02-20 18:0978336 c:\windows\system32\dllcache\ieencode.dll
+ 2004-08-10 12:00 . 2009-04-29 04:5578336 c:\windows\system32\dllcache\ieencode.dll
- 2004-08-10 12:00 . 2009-02-20 10:2070656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-10 12:00 . 2009-04-28 09:0570656 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-07-30 21:22 . 2009-02-20 18:0963488 c:\windows\system32\dllcache\icardie.dll
+ 2008-07-30 21:22 . 2009-04-29 04:5563488 c:\windows\system32\dllcache\icardie.dll
+ 2009-06-27 02:39 . 2005-06-10 23:5357856 c:\windows\system32\dllcache\cache\spoolsv.exe
- 2009-06-26 02:24 . 2009-06-27 00:3232768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-26 02:24 . 2009-06-27 19:2332768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-26 02:24 . 2009-06-27 19:2316384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-06-26 02:24 . 2009-06-27 00:3216384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-06-26 02:24 . 2009-06-27 00:3232768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-06-26 02:24 . 2009-06-27 19:2332768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-06-27 19:30 . 2009-02-20 18:0944544 c:\windows\ie7updates\KB969897-IE7\pngfilt.dll
+ 2009-06-27 19:31 . 2009-02-20 18:0952224 c:\windows\ie7updates\KB969897-IE7\msfeedsbs.dll
+ 2009-06-27 19:31 . 2009-02-20 18:0927648 c:\windows\ie7updates\KB969897-IE7\jsproxy.dll
+ 2009-06-27 19:31 . 2009-02-20 10:2013824 c:\windows\ie7updates\KB969897-IE7\ieudinit.exe
+ 2009-06-27 19:31 . 2009-02-20 18:0944544 c:\windows\ie7updates\KB969897-IE7\iernonce.dll
+ 2009-06-27 19:31 . 2009-02-20 18:0978336 c:\windows\ie7updates\KB969897-IE7\ieencode.dll
+ 2009-06-27 19:31 . 2009-02-20 10:2070656 c:\windows\ie7updates\KB969897-IE7\ie4uinit.exe
+ 2009-06-27 19:31 . 2009-02-20 18:0963488 c:\windows\ie7updates\KB969897-IE7\icardie.dll
- 2006-10-16 10:21 . 2008-04-17 10:37351744 c:\windows\system32\xpsp3res.dll
+ 2006-10-16 10:21 . 2009-04-15 09:24351744 c:\windows\system32\xpsp3res.dll
- 2004-08-10 12:00 . 2009-02-20 18:09233472 c:\windows\system32\webcheck.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56233472 c:\windows\system32\webcheck.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56105984 c:\windows\system32\url.dll
- 2004-08-10 12:00 . 2009-02-20 18:09105984 c:\windows\system32\url.dll
- 2004-08-10 12:00 . 2009-06-27 02:32366876 c:\windows\system32\perfh009.dat
+ 2004-08-10 12:00 . 2009-06-27 22:59366876 c:\windows\system32\perfh009.dat
- 2004-08-10 12:00 . 2009-02-20 18:09102912 c:\windows\system32\occache.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56102912 c:\windows\system32\occache.dll
- 2004-08-10 12:00 . 2009-02-20 18:09671232 c:\windows\system32\mstime.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56671232 c:\windows\system32\mstime.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56193024 c:\windows\system32\msrating.dll
- 2004-08-10 12:00 . 2009-02-20 18:09193024 c:\windows\system32\msrating.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56477696 c:\windows\system32\mshtmled.dll
- 2004-08-10 12:00 . 2009-02-20 18:09477696 c:\windows\system32\mshtmled.dll
- 2007-08-13 22:54 . 2009-02-20 18:09459264 c:\windows\system32\msfeeds.dll
+ 2007-08-13 22:54 . 2009-04-29 04:55459264 c:\windows\system32\msfeeds.dll
- 2007-08-13 22:34 . 2009-02-20 18:09268288 c:\windows\system32\iertutil.dll
+ 2007-08-13 22:34 . 2009-04-29 04:55268288 c:\windows\system32\iertutil.dll
- 2004-08-10 12:00 . 2009-02-20 18:09385024 c:\windows\system32\iedkcs32.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55385024 c:\windows\system32\iedkcs32.dll
- 2007-07-11 16:27 . 2009-02-20 18:09383488 c:\windows\system32\ieapfltr.dll
+ 2007-07-11 16:27 . 2009-04-29 04:55383488 c:\windows\system32\ieapfltr.dll
- 2004-08-10 12:00 . 2009-02-20 05:14161792 c:\windows\system32\ieakui.dll
+ 2004-08-10 12:00 . 2009-04-25 05:26161792 c:\windows\system32\ieakui.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55230400 c:\windows\system32\ieaksie.dll
- 2004-08-10 12:00 . 2009-02-20 18:09230400 c:\windows\system32\ieaksie.dll
- 2004-08-10 12:00 . 2009-02-20 18:09153088 c:\windows\system32\ieakeng.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55153088 c:\windows\system32\ieakeng.dll
- 2008-07-12 20:51 . 2009-04-04 21:25112584 c:\windows\system32\FNTCACHE.DAT
+ 2008-07-12 20:51 . 2009-06-27 19:51112584 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-10 12:00 . 2009-04-29 04:55133120 c:\windows\system32\extmgr.dll
- 2004-08-10 12:00 . 2009-02-20 18:09133120 c:\windows\system32\extmgr.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55214528 c:\windows\system32\dxtrans.dll
- 2004-08-10 12:00 . 2009-02-20 18:09214528 c:\windows\system32\dxtrans.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55347136 c:\windows\system32\dxtmsft.dll
- 2004-08-10 12:00 . 2009-02-20 18:09347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56827392 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56233472 c:\windows\system32\dllcache\webcheck.dll
- 2004-08-10 12:00 . 2009-02-20 18:09233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56105984 c:\windows\system32\dllcache\url.dll
- 2004-08-10 12:00 . 2009-02-20 18:09105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-10 12:00 . 2009-04-15 15:11584192 c:\windows\system32\dllcache\rpcrt4.dll
- 2004-08-10 12:00 . 2007-07-09 13:09584192 c:\windows\system32\dllcache\rpcrt4.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56102912 c:\windows\system32\dllcache\occache.dll
- 2004-08-10 12:00 . 2009-02-20 18:09102912 c:\windows\system32\dllcache\occache.dll
- 2004-08-10 12:00 . 2009-02-20 18:09671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56671232 c:\windows\system32\dllcache\mstime.dll
- 2004-08-10 12:00 . 2009-02-20 18:09193024 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56193024 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-10 12:00 . 2009-04-29 04:56477696 c:\windows\system32\dllcache\mshtmled.dll
- 2004-08-10 12:00 . 2009-02-20 18:09477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-07-30 21:22 . 2009-04-29 04:55459264 c:\windows\system32\dllcache\msfeeds.dll
- 2008-07-30 21:22 . 2009-02-20 18:09459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2004-08-10 12:00 . 2009-05-07 15:44344064 c:\windows\system32\dllcache\localspl.dll
+ 2008-07-13 01:24 . 2009-04-25 05:27636088 c:\windows\system32\dllcache\iexplore.exe
+ 2008-07-30 21:22 . 2009-04-29 04:55268288 c:\windows\system32\dllcache\iertutil.dll
- 2008-07-30 21:22 . 2009-02-20 18:09268288 c:\windows\system32\dllcache\iertutil.dll
- 2004-08-10 12:00 . 2009-02-20 18:09385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2008-07-30 21:22 . 2009-02-20 18:09383488 c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-07-30 21:22 . 2009-04-29 04:55383488 c:\windows\system32\dllcache\ieapfltr.dll
- 2004-08-10 12:00 . 2009-02-20 05:14161792 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-10 12:00 . 2009-04-25 05:26161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-10 12:00 . 2009-02-20 18:09230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55230400 c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-10 12:00 . 2009-02-20 18:09153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-10 12:00 . 2009-02-20 18:09133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55133120 c:\windows\system32\dllcache\extmgr.dll
- 2004-08-10 12:00 . 2009-02-20 18:09214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55214528 c:\windows\system32\dllcache\dxtrans.dll
- 2004-08-10 12:00 . 2009-02-20 18:09347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2009-06-27 02:39 . 2008-04-14 00:12507904 c:\windows\system32\dllcache\cache\winlogon.exe
+ 2009-06-27 02:39 . 2007-03-08 15:36577536 c:\windows\system32\dllcache\cache\user32.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55124928 c:\windows\system32\dllcache\advpack.dll
- 2004-08-10 12:00 . 2009-02-20 18:09124928 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-10 12:00 . 2009-04-29 04:55124928 c:\windows\system32\advpack.dll
- 2004-08-10 12:00 . 2009-02-20 18:09124928 c:\windows\system32\advpack.dll
+ 2009-06-27 19:30 . 2009-03-03 00:18826368 c:\windows\ie7updates\KB969897-IE7\wininet.dll
+ 2009-06-27 19:30 . 2009-02-20 18:09233472 c:\windows\ie7updates\KB969897-IE7\webcheck.dll
+ 2009-06-27 19:30 . 2009-02-20 18:09105984 c:\windows\ie7updates\KB969897-IE7\url.dll
+ 2009-06-27 19:31 . 2008-07-09 07:38382840 c:\windows\ie7updates\KB969897-IE7\spuninst\updspapi.dll
+ 2009-06-27 19:31 . 2008-07-09 07:38231288 c:\windows\ie7updates\KB969897-IE7\spuninst\spuninst.exe
+ 2009-06-27 19:30 . 2009-02-20 18:09102912 c:\windows\ie7updates\KB969897-IE7\occache.dll
+ 2009-06-27 19:30 . 2009-02-20 18:09671232 c:\windows\ie7updates\KB969897-IE7\mstime.dll
+ 2009-06-27 19:30 . 2009-02-20 18:09193024 c:\windows\ie7updates\KB969897-IE7\msrating.dll
+ 2009-06-27 19:30 . 2009-02-20 18:09477696 c:\windows\ie7updates\KB969897-IE7\mshtmled.dll
+ 2009-06-27 19:31 . 2009-02-20 18:09459264 c:\windows\ie7updates\KB969897-IE7\msfeeds.dll
+ 2009-06-27 19:31 . 2009-02-28 04:54636072 c:\windows\ie7updates\KB969897-IE7\iexplore.exe
+ 2009-06-27 19:31 . 2009-02-20 18:09268288 c:\windows\ie7updates\KB969897-IE7\iertutil.dll
+ 2009-06-27 19:31 . 2009-02-20 18:09385024 c:\windows\ie7updates\KB969897-IE7\iedkcs32.dll
+ 2009-06-27 19:31 . 2009-02-20 18:09383488 c:\windows\ie7updates\KB969897-IE7\ieapfltr.dll
+ 2009-06-27 19:31 . 2009-02-20 05:14161792 c:\windows\ie7updates\KB969897-IE7\ieakui.dll
+ 2009-06-27 19:31 . 2009-02-20 18:09230400 c:\windows\ie7updates\KB969897-IE7\ieaksie.dll
+ 2009-06-27 19:31 . 2009-02-20 18:09153088 c:\windows\ie7updates\KB969897-IE7\ieakeng.dll
+ 2009-06-27 19:31 . 2009-02-20 18:09133120 c:\windows\ie7updates\KB969897-IE7\extmgr.dll
+ 2009-06-27 19:31 . 2009-02-20 18:09214528 c:\windows\ie7updates\KB969897-IE7\dxtrans.dll
+ 2009-06-27 19:31 . 2009-02-20 18:09347136 c:\windows\ie7updates\KB969897-IE7\dxtmsft.dll
+ 2009-06-27 19:31 . 2009-02-20 18:09124928 c:\windows\ie7updates\KB969897-IE7\advpack.dll
+ 2004-08-10 12:00 . 2009-04-29 04:561159680 c:\windows\system32\urlmon.dll
+ 2004-08-10 12:00 . 2009-04-29 04:563596288 c:\windows\system32\mshtml.dll
- 2007-08-13 22:54 . 2009-02-20 18:096066176 c:\windows\system32\ieframe.dll
+ 2007-08-13 22:54 . 2009-04-29 04:556066176 c:\windows\system32\ieframe.dll
+ 2004-08-10 12:00 . 2009-04-17 09:581846656 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-10 12:00 . 2009-04-29 04:561159680 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-10 12:00 . 2009-04-29 04:563596288 c:\windows\system32\dllcache\mshtml.dll
+ 2008-07-30 21:22 . 2009-04-29 04:556066176 c:\windows\system32\dllcache\ieframe.dll
- 2008-07-30 21:22 . 2009-02-20 18:096066176 c:\windows\system32\dllcache\ieframe.dll
+ 2009-06-27 02:39 . 2007-06-13 10:231033216 c:\windows\system32\dllcache\cache\explorer.exe
+ 2009-06-27 19:30 . 2009-02-20 18:091160192 c:\windows\ie7updates\KB969897-IE7\urlmon.dll
+ 2009-06-27 19:30 . 2009-02-20 18:093595264 c:\windows\ie7updates\KB969897-IE7\mshtml.dll
+ 2009-06-27 19:31 . 2009-02-20 18:096066176 c:\windows\ie7updates\KB969897-IE7\ieframe.dll
+ 2009-06-27 19:31 . 2008-07-09 14:252455488 c:\windows\ie7updates\KB969897-IE7\ieapfltr.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2005-02-08 159744]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-23 116040]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-05-01 645328]
"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-04-09 1176808]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2005-11-16 88209]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication PackagesREG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [6/25/2009 9:38 PM 203280]
S3 DCamUSBTP10;Cam IV;c:\windows\system32\drivers\TP6810.SYS [7/24/2008 3:52 PM 240584]
.
Contents of the 'Scheduled Tasks' folder

2008-09-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-06-26 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-26 12:57]

2009-06-26 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-26 12:57]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: {9E265649-6E0E-4EEA-9F49-DAE0801440CF} - hxxp://70.46.125.59/WebDiginet.CAB
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-27 19:06
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(4008)
c:\program files\McAfee\SiteAdvisor\saHook.dll
.
Completion time: 2009-06-27 19:10
ComboFix-quarantined-files.txt 2009-06-27 23:10
ComboFix2.txt 2009-06-26 01:15

Pre-Run: 67,797,995,520 bytes free
Post-Run: 67,864,244,224 bytes free

292--- E O F ---2009-06-27 19:58

    I don't see anything malware related now.

    How is the computer running?

    ----------

    • Click START then RUN
    • Now type Combofix /u in the runbox
    • Make sure there's a space between Combofix and /u
    • Then hit Enter.
    .
    • The above procedure will:
    • Delete the following:
    • ComboFix and its associated files and folders.
    • Reset the clock settings.
    • Hide file extensions, if required.
    • Hide System/Hidden files, if required.
    • Set a new, clean Restore Point.
    .
    ----------

Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
The computer seems to be running fine the only thing thats really irratating is that it keeps shutting off randomly! it's quite often too!Quote
computer keeps shutting off randomly

This could be any number of things causing that.

Have you INSTALLED any new hardware recently?Nopee no new software installed!Was it happening before the malware problems?

Quote
c:\program files\Windows Doctor

Is Windows Doctor still installed?



It wasnt happening before! and yes Windows Doctor is still installed! is that bad?If it isn't paid for then yes I would uninstall Windows Doctor. I've never heard of it and what I researched was conflicting information on it's trustworthiness.

Download DDS from |HERE| or |HERE| or |HERE| and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will OPEN two (2) logs.

1) DDS.txt
2) Attach.txt

* Save both logs to your desktop.
* Please copy and paste the entire contents of both logs in your next reply.

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copy and pasting it into the reply.
DDS (Ver_09-06-26.01) - NTFSx86
Run by XP User at 2:35:17.00 on Mon 06/29/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.502.162 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\XP User\Desktop\dds.pif

============== Pseudo HJT Report ===============

uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\progra~1\mcafee\viruss~1\scriptsn.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {9E265649-6E0E-4EEA-9F49-DAE0801440CF} - hxxp://70.46.125.59/WebDiginet.CAB
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxsrvc.dll
LSA: Authentication Packages = msv1_0 nwprovau

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-6-27 214024]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-6-25 210216]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2009-6-25 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-6-25 144704]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-6-25 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-6-25 35272]
S3 DCamUSBTP10;Cam IV;c:\windows\system32\drivers\TP6810.SYS [2008-7-24 240584]
S3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2009-6-25 606736]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-6-25 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-6-25 40552]

=============== Created Last 30 ================

2009-06-27 20:00--ds----C:\ComboFix
2009-06-27 19:20--d-----C:\e3061928c59c400685fca2c6
2009-06-26 22:41--d-----c:\documents and settings\xp user\WINDOWS
2009-06-26 20:3113,712a-------c:\windows\system32\wpa.bak
2009-06-25 22:25--d-----c:\program files\Windows Doctor
2009-06-25 22:175,169a-------c:\windows\system32\Config.MPF
2009-06-25 21:39--d-----c:\program files\SiteAdvisor
2009-06-25 21:31--d-----c:\program files\McAfee.com
2009-06-25 21:14-cd-----c:\windows\system32\dllcache\cache
2009-06-25 20:51a-dshr--C:\cmdcons
2009-06-25 19:48--d-----c:\windows\system32\appmgmt
2009-06-25 19:26--d-----c:\windows\system32\CatRoot2
2009-06-25 18:2840,552a-------c:\windows\system32\drivers\mfesmfk.sys
2009-06-25 18:2879,816a-------c:\windows\system32\drivers\mfeavfk.sys
2009-06-25 18:2835,272a-------c:\windows\system32\drivers\mfebopk.sys
2009-06-25 18:28120,136a-------c:\windows\system32\drivers\Mpfp.sys
2009-06-25 18:26--d-----c:\program files\common files\McAfee
2009-06-25 18:25--d-----c:\program files\McAfee
2009-06-25 18:2434,248a-------c:\windows\system32\drivers\mferkdk.sys
2009-06-25 18:09--d-----c:\docume~1\alluse~1\applic~1\Geek Squad

==================== Find3M ====================

2009-05-13 23:25214,024a-------c:\windows\system32\drivers\mfehidk.sys
2009-05-07 11:44344,064a-------c:\windows\system32\localspl.dll
2009-04-29 00:56827,392a-------c:\windows\system32\wininet.dll
2009-04-29 00:5578,336a-------c:\windows\system32\ieencode.dll
2009-04-17 05:581,846,656a-------c:\windows\system32\win32k.sys
2009-04-15 11:11584,192a-------c:\windows\system32\rpcrt4.dll
2009-04-06 00:0790,112a-------c:\windows\DUMP62e0.tmp

============= FINISH: 2:36:57.28 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-06-26.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/12/2008 9:32:29 PM
System Uptime: 6/29/2009 2:32:49 AM (0 hours ago)

Motherboard: Hewlett-Packard | | 309D
Processor: Intel(R) Celeron(R) M processor 1.50GHz | U1 | 1496/400mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 75 GiB total, 63.419 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 6/27/2009 10:26:18 PM - System Checkpoint

==== Installed Programs ======================

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Agere Systems AC'97 Modem
ALPS Touch Pad Driver
Apple Mobile Device Support
Apple Software Update
Broadcom 802.11 Wireless LAN Adapter
Cam IV
GTOneCare
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB952287)
Intel(R) Graphics Media Accelerator Driver for Mobile
iTunes
Java(TM) 6 Update 3
Java(TM) 6 Update 7
LimeWire 4.16.6
LiveUpdate 3.1 (Symantec Corporation)
McAfee SecurityCenter
Microsoft .NET FRAMEWORK 1.0 Hotfix (KB930494)
Microsoft Application Error Reporting
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
PowerDVD
QuickTime
Safari
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
SoundMAX
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
WebFldrs XP
Windows Doctor 2.0
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893086

==== Event Viewer Messages From Past Week ========

6/27/2009 6:54:43 PM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 0014A57A06C4 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
6/27/2009 4:04:03 PM, error: DCOM [10005] - DCOM got error "%1450" attempting to start the service COMSysApp with arguments "" in ORDER to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
6/26/2009 7:54:58 PM, error: Service Control Manager [7034] - The McAfee Services service terminated unexpectedly. It has done this 3 time(s).
6/26/2009 7:54:58 PM, error: Service Control Manager [7034] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 3 time(s).
6/26/2009 7:54:58 PM, error: Service Control Manager [7034] - The McAfee Network Agent service terminated unexpectedly. It has done this 3 time(s).
6/26/2009 7:53:27 PM, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/26/2009 7:53:27 PM, error: Service Control Manager [7031] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/26/2009 7:53:27 PM, error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Run the configured recovery program.
6/26/2009 7:47:11 PM, error: Service Control Manager [7034] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s).
6/26/2009 7:47:11 PM, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/26/2009 7:47:11 PM, error: Service Control Manager [7031] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/26/2009 7:47:11 PM, error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Run the configured recovery program.
6/26/2009 7:47:11 PM, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/26/2009 5:21:23 PM, error: System Error [1003] - Error code 000000f4, parameter1 00000003, parameter2 81ec16e8, parameter3 81ec185c, parameter4 805c77ca.
6/25/2009 9:08:36 PM, error: Service Control Manager [7023] - The Automatic Updates service terminated with the following error: The specified module could not be found.
6/25/2009 8:54:25 PM, error: Service Control Manager [7034] - The McAfee Proxy Service service terminated unexpectedly. It has done this 3 time(s).
6/25/2009 8:53:08 PM, error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/25/2009 8:52:44 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PEVSystemStart service to connect.
6/25/2009 8:50:29 PM, error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/25/2009 8:17:50 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
6/25/2009 7:47:44 PM, error: Service Control Manager [7024] - The Symantec SPBBCSvc service terminated with service-specific error 4294967295 (0xFFFFFFFF).
6/25/2009 7:19:31 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/25/2009 7:18:06 PM, error: Service Control Manager [7034] - The Media Center Scheduler Service service terminated unexpectedly. It has done this 1 time(s).
6/25/2009 7:18:00 PM, error: Service Control Manager [7034] - The Media Center Receiver Service service terminated unexpectedly. It has done this 1 time(s).
6/25/2009 7:17:42 PM, error: Service Control Manager [7034] - The Symantec Event Manager service terminated unexpectedly. It has done this 1 time(s).
6/25/2009 7:17:36 PM, error: Service Control Manager [7034] - The Symantec Settings Manager service terminated unexpectedly. It has done this 1 time(s).
6/25/2009 7:17:20 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
6/25/2009 7:17:16 PM, error: Service Control Manager [7034] - The Symantec AntiVirus Definition Watcher service terminated unexpectedly. It has done this 1 time(s).
6/25/2009 7:17:04 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
6/25/2009 6:42:06 PM, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/25/2009 6:41:42 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
6/25/2009 6:32:00 PM, error: Service Control Manager [7031] - The Symantec AntiVirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
6/25/2009 6:13:42 PM, error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).
6/25/2009 4:40:58 PM, error: Service Control Manager [7031] - The Symantec AntiVirus service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

==== End Of File ===========================
Download Disable/Remove Windows Messenger to the Desktop to remove Windows Messenger.

Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Unzip the file on the Desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.

Exit out of MessengerDisable then delete the two files that were put on the Desktop.

----------

Your Java is out of date.

Older versions have vulnerabilities that malicious sites can use to infect your system.

First install the new Sun Java Runtime Environment

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close all browser windows before beginning the install.

Remove the old version(s)

Download JavaRa
* Unzip the file and open the JavaRa.exe
* Click Remove Older Versions
* JavaRa will search for and remove any outdated version of Java and remove any that are found.
* Click Additional Tasks
* Place a check next to Remove Useless JRE Files and click Go
* Exit JavaRa
* Delete the JavaRa files from the Desktop

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

----------

Download the Norton Removal Tool (SymNRT) to your desktop.

Once downloaded please close ALL open browsers, also save any work because this may require a restart.
  • Go to your desktop and double click on the 'Norton_Removal_Tool' and then click Setup.
  • Once open Click Next
  • Accept the license agreement and click Next
  • Type in the letters/numbers that you see into the text box then click Next.
  • Then click Next and the tool will start running.
  • Once finished restart the PC.
  • Delete the 'Norton_Removal_Tool' from your desktop.
.
----------

How is the computer running now?

.


Discussion

No Comment Found

Related InterviewSolutions