Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Dell Inspiron B130 shuts down...

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Dell Inspiron B130 shuts down...

Unread postby tahoe94 » August 29th, 2010, 4:42 pm

Hi,

My laptop shuts down suddenly. It's getting more frequent lately.

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:36:31 PM, on 8/29/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.rr.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Road Runner
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... 2010040309
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4113905203
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4111436174
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe

--
End of file - 6347 bytes

Uninstall:

10 Talismans
32 Bit HP CIO Components Installer
7 Wonders II
7 Wonders of the World
Adobe Flash Player 10 Plugin
Big Fish Games: Game Manager
Bingo Palace 4.4
Broadcom 440x 10/100 Integrated Controller
Canon Camera Access Library
Canon Camera Support Core Library
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Conexant HDA D110 MDC V.92 Modem
Dell Wireless WLAN Card
Dragon Empire
Foxit Reader
Hidden Wonders of the Depths
Hidden Wonders of the Depths 2
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 9.0
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photosmart All-In-One Software 9.0
HP Photosmart Essential 2.01
HP Solution Center 9.0
HP Update
HPSSupply
Intel(R) Graphics Media Accelerator Driver for Mobile
Java(TM) 6 Update 21
Jewel Craft
Jewel Quest
Jewel Quest III
Jewel Quest III (remove only)
Jewel Quest Mysteries: Curse of the Emerald Tear
Jewel Quest Mysteries: Trail of the Midnight Heart
Jewel Quest Solitaire II
Jigsaws Galore
Liong: The Lost Amulets
Lucky Clover
Mahjong Match
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Security Essentials
Microsoft Security Essentials
Microsoft Silverlight
Midnight Mysteries: The Edgar Allan Poe Conspiracy
Mozilla Firefox (3.6.8)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Web Search (Webfetti)
Mystery Case Files®: Dire Grove™
Mystic Diary: Haunted Island
Paradise Quest
Rainbow Web
Redemption Cemetery: Curse of the Raven Collector's Edition
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
SigmaTel Audio
Trial of the Gods: Ariadne's Fate
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB980302)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
Vault Cracker
VLC media player 1.0.3
Web Games Player Plugin
Windows Internet Explorer 8
Windows XP Service Pack 3
WorldWinner Games
Youda Legend: The Curse of the Amsterdam Diamond

Thank you.
tahoe94
Regular Member
 
Posts: 26
Joined: April 28th, 2009, 8:44 pm
Advertisement
Register to Remove

Re: Dell Inspiron B130 shuts down...

Unread postby askey127 » September 1st, 2010, 6:39 am

Hi tahoe94,
The sudden shutdowns may not be caused by any malware infection.
Many kinds of hardware failures (hard drive, etc.) can cause it as well.
I will try to get the software verified, and we will see where that leads.
-----------------------------------------------------------
Remove Registry items with HighjackThis. Start HijackThis.
Click Do System Scan Only. When the Scan is complete, Check the following entries:
(Some of these lines may be missing)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe

Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix Checked
Click the "X" in the upper right corner of the HiJackThis window to close it.
-----------------------------------------------------------
REBOOT(RESTART) Your Machine
-----------------------------------------------------------
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove :

My Web Search (Webfetti)

Take extra care in answering questions posed by any Uninstaller.
----------------------------------------------
Run Temp File Cleaner
Download Temp File Cleaner and save it to your desktop.
Double click to run it.
If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
When it's done, if it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.
After Restart, log back in to your usual account.
-----------------------------------------------
Run the RSIT Scanner
Please download the scanner from here and save it to your desktop. The icon will be named RSIT.exe
Doubleclick the RSIT icon.
When the scan is complete, two text files will open
log.txt <- this one will be maximized
info.txt <- this one will be minimized
( Both files will be saved here -> C:\rsit\ )
Copy/Paste the contents of both log.txt and info.txt into your next reply please. Use two replies if you prefer.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Dell Inspiron B130 shuts down...

Unread postby tahoe94 » September 2nd, 2010, 6:56 pm

Logfile of random's system information tool 1.08 (written by random/random)
Run by Laura at 2010-09-02 18:52:08
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 13 GB (23%) free of 57 GB
Total RAM: 2039 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:52:29 PM, on 9/2/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Laura\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Laura.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.rr.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Road Runner
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... 2010040309
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4113905203
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4111436174
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe

--
End of file - 5686 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-14 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-10-14 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-10-14 114688]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2007-03-16 1392640]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2010-04-03 32849]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-10-14 135168]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Laura\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="C:\Documents and Settings\Laura\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-09-02 18:52:08 ----D---- C:\rsit
2010-08-29 16:34:51 ----D---- C:\Program Files\Trend Micro
2010-08-25 17:23:54 ----D---- C:\Program Files\Common Files\Java
2010-08-25 17:23:22 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-25 17:23:22 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-25 17:23:22 ----A---- C:\WINDOWS\system32\java.exe
2010-08-14 22:22:21 ----D---- C:\Documents and Settings\Laura\Application Data\SunRay Games
2010-08-14 22:20:41 ----D---- C:\Program Files\Mystic Diary - Haunted Island
2010-08-14 19:23:26 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-14 19:23:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-14 19:23:06 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-14 19:22:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-14 19:10:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-14 19:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-13 01:07:22 ----D---- C:\b35eaa8f3aae74eb248e209d
2010-08-13 01:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-13 01:07:01 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-03 21:38:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$

======List of files/folders modified in the last 1 months======

2010-09-02 18:52:17 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-02 18:51:49 ----D---- C:\WINDOWS\Prefetch
2010-09-02 18:51:24 ----D---- C:\WINDOWS\Temp
2010-09-02 18:47:47 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-02 18:47:33 ----D---- C:\WINDOWS\system32
2010-09-02 18:47:33 ----D---- C:\WINDOWS
2010-09-02 18:42:32 ----SD---- C:\WINDOWS\Tasks
2010-09-02 18:30:43 ----D---- C:\Documents and Settings\Laura\Application Data\HpUpdate
2010-09-02 18:30:03 ----SHD---- C:\WINDOWS\Installer
2010-09-02 18:30:03 ----HD---- C:\Config.Msi
2010-08-29 20:00:12 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-08-29 16:34:53 ----SD---- C:\Documents and Settings\Laura\Application Data\Microsoft
2010-08-29 16:34:51 ----RD---- C:\Program Files
2010-08-25 17:23:54 ----D---- C:\Program Files\Common Files
2010-08-25 17:23:16 ----D---- C:\Program Files\Java
2010-08-19 19:07:41 ----D---- C:\WINDOWS\system32\config
2010-08-19 19:07:23 ----D---- C:\WINDOWS\system32\wbem
2010-08-19 19:07:22 ----D---- C:\WINDOWS\Registration
2010-08-19 19:06:31 ----D---- C:\WINDOWS\system32\Restore
2010-08-15 14:26:16 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-15 14:26:08 ----RSD---- C:\WINDOWS\assembly
2010-08-14 19:23:31 ----HD---- C:\WINDOWS\inf
2010-08-14 19:23:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-14 19:23:29 ----D---- C:\WINDOWS\system32\drivers
2010-08-14 19:23:25 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-14 19:23:22 ----A---- C:\WINDOWS\imsins.BAK
2010-08-14 19:22:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-14 19:20:22 ----D---- C:\WINDOWS\WinSxS
2010-08-14 19:12:14 ----D---- C:\Program Files\Internet Explorer
2010-08-14 19:11:40 ----D---- C:\WINDOWS\ie8updates
2010-08-13 01:07:16 ----D---- C:\Program Files\Movie Maker
2010-08-12 13:07:30 ----D---- C:\Documents and Settings\Laura\Application Data\vlc
2010-08-03 14:09:31 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-03-16 604928]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-22 1035008]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-07-22 201600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-10-14 1302812]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-22 717952]
S0 cercsr6;cercsr6; C:\WINDOWS\system32\drivers\cercsr6.sys [2004-12-13 39904]
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-08-05 45312]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [2010-04-03 28762]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 wltrysvc;Dell Wireless WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2007-03-16 20480]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.08 2010-09-02 18:52:33

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
10 Talismans-->"C:\Program Files\10 Talismans\Uninstall.exe"
32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
7 Wonders II-->"C:\Program Files\7 Wonders II\Uninstall.exe"
7 Wonders of the World-->"C:\Program Files\7 Wonders of the World\Uninstall.exe"
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Big Fish Games: Game Manager-->C:\Program Files\bfgclient\Uninstall.exe
Bingo Palace 4.4-->C:\Program Files\Bingo Palace\uninst.exe
Broadcom 440x 10/100 Integrated Controller-->MsiExec.exe /X{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}
Canon Camera Access Library-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon G.726 WMP-Decoder-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Utilities CameraWindow DC-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC\Uninst.ini"
Canon Utilities CameraWindow-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
Canon Utilities EOS Utility-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities MyCamera DC-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCameraDC\Uninst.ini"
Canon Utilities MyCamera-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini"
Conexant HDA D110 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028k.inf
Dell Wireless WLAN Card-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
Dragon Empire-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\f3f8466867f35aee13c28ade8b126f69.rguninst" "AddRemove"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Hidden Wonders of the Depths 2-->"C:\Program Files\Hidden Wonders of the Depths 2\Uninstall.exe"
Hidden Wonders of the Depths-->"C:\Program Files\Hidden Wonders of the Depths\Uninstall.exe"
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 9.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{B09BCBF6-87EE-4403-A336-3A9510856535}\setup\hpzscr01.exe -datfile hposcr15.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Intel(R) Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216019FF}
Jewel Craft-->"C:\Program Files\Jewel Craft\Uninstall.exe"
Jewel Quest III (remove only)-->"C:\Program Files\iWin\Jewel Quest III\Uninstall.exe"
Jewel Quest III-->"C:\Program Files\Break For Games\Jewel Quest III\unins000.exe"
Jewel Quest Mysteries: Curse of the Emerald Tear-->"C:\Program Files\Jewel Quest Mysteries - Curse of the Emerald Tear\Uninstall.exe"
Jewel Quest Mysteries: Trail of the Midnight Heart-->"C:\Program Files\Jewel Quest Mysteries - Trail of the Midnight Heart\Uninstall.exe"
Jewel Quest Solitaire II-->"C:\Program Files\Jewel Quest Solitaire II\Uninstall.exe"
Jewel Quest-->"C:\Program Files\Jewel Quest\Uninstall.exe"
Jigsaws Galore-->"C:\Program Files\Jigsaws\unins000.exe"
Liong: The Lost Amulets-->"C:\Program Files\Liong - The Lost Amulets\Uninstall.exe"
Lucky Clover-->"C:\Program Files\Lucky Clover\Uninstall.exe"
Mahjong Match-->"C:\Program Files\Mahjong Match\Uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Antimalware-->MsiExec.exe /X{E62A1F01-07B7-4541-A835-EE5B0BF064C2}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
Microsoft Security Essentials-->MsiExec.exe /I{EF98A02A-1748-4762-9B7D-5ED1600520D5}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Midnight Mysteries: The Edgar Allan Poe Conspiracy-->"C:\Program Files\Midnight Mysteries - The Edgar Allan Poe Conspiracy\Uninstall.exe"
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
My Web Search (Webfetti)-->rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsbar.dll,O
Mystery Case Files&reg;: Dire Grove™-->"C:\Program Files\Mystery Case Files - Dire Grove\Uninstall.exe"
Mystic Diary: Haunted Island-->"C:\Program Files\Mystic Diary - Haunted Island\Uninstall.exe"
Paradise Quest-->"C:\Program Files\Paradise Quest\Uninstall.exe"
Rainbow Web-->"C:\Program Files\Rainbow Web\Uninstall.exe"
Redemption Cemetery: Curse of the Raven Collector's Edition-->"C:\Program Files\Redemption Cemetery - Curse of the Raven Collector's Edition\Uninstall.exe"
Security Update for Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Trial of the Gods: Ariadne's Fate-->"C:\Program Files\Trial of the Gods - Ariadnes Fate\Uninstall.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB980302)-->"C:\WINDOWS\ie8updates\KB980302-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update for Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe"
Vault Cracker-->"C:\Program Files\Vault Cracker\Uninstall.exe"
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Web Games Player Plugin-->"C:\Program Files\Zylom Games\UninstallPlugin.exe" --uninstall
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WorldWinner Games-->MsiExec.exe /X{230B9098-A165-491F-B499-8F41AA7139F6}
Youda Legend: The Curse of the Amsterdam Diamond-->"C:\Program Files\Youda Legend - The Curse of the Amsterdam Diamond\Uninstall.exe"

======Security center information======

AV: Microsoft Security Essentials

======System event log======

Computer Name: LAURA-LAPTOP
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 277
Source Name: Tcpip
Time Written: 20100716160213.000000-240
Event Type: warning
User:

Computer Name: LAURA-LAPTOP
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0016CE173496. The following
error occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 261
Source Name: Dhcp
Time Written: 20100716084015.000000-240
Event Type: warning
User:

Computer Name: LAURA-LAPTOP
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0016CE173496. The following
error occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 208
Source Name: Dhcp
Time Written: 20100714183011.000000-240
Event Type: warning
User:

Computer Name: LAURA-LAPTOP
Event Code: 3
Message: Printer Foxit PDF Printer was deleted.

Record Number: 25
Source Name: Print
Time Written: 20100711122731.000000-240
Event Type: warning
User: LAURA-LAPTOP\Laura

Computer Name: LAURA-LAPTOP
Event Code: 4
Message: Printer Foxit PDF Printer is pending deletion.

Record Number: 24
Source Name: Print
Time Written: 20100711122726.000000-240
Event Type: warning
User: LAURA-LAPTOP\Laura

=====Application event log=====

Computer Name: LAURA-LAPTOP
Event Code: 5000
Message: EventType avsubmit, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P2 2.0.6212.0, P3 timeout, P4 1.1.5406.0, P5 unspecified, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Record Number: 354
Source Name: MPSampleSubmission
Time Written: 20100221193321.000000-300
Event Type: error
User:

Computer Name: LAURA-LAPTOP
Event Code: 5000
Message: EventType avsubmit, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P2 2.0.6212.0, P3 timeout, P4 1.1.5406.0, P5 unspecified, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Record Number: 352
Source Name: MPSampleSubmission
Time Written: 20100221193122.000000-300
Event Type: error
User:

Computer Name: LAURA-LAPTOP
Event Code: 5000
Message: EventType avsubmit, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P2 2.0.6212.0, P3 timeout, P4 1.1.5406.0, P5 unspecified, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Record Number: 350
Source Name: MPSampleSubmission
Time Written: 20100221192909.000000-300
Event Type: error
User:

Computer Name: LAURA-LAPTOP
Event Code: 5000
Message: EventType avsubmit, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde), P2 2.0.6212.0, P3 timeout, P4 1.1.5406.0, P5 unspecified, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Record Number: 348
Source Name: MPSampleSubmission
Time Written: 20100221192553.000000-300
Event Type: error
User:

Computer Name: LAURA-LAPTOP
Event Code: 1000
Message: Faulting application hwd.exe, version 0.0.0.0, faulting module hwd.exe, version 0.0.0.0, fault address 0x000159a6.

Record Number: 346
Source Name: Application Error
Time Written: 20100221192110.000000-300
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
*NOTE: When I tried to remove My Web Search (Webfetti) I got the following message box:

RUNDLL

X Error loading C:\Progra~1\MYWEBS~1\bar\1.bin\mwsbar.dll

The specified module could not be found
OK
tahoe94
Regular Member
 
Posts: 26
Joined: April 28th, 2009, 8:44 pm

Re: Dell Inspiron B130 shuts down...

Unread postby askey127 » September 2nd, 2010, 7:17 pm

tahoe94,
-----------------------------------------------------------
Run a File Search
Press Start->Run, copy/paste the following command into the box and press OK:
cmd /c dir C:\*.* /L /A /B /S|Find "mywebsearch" >> "%userprofile%\desktop\look.txt"

A blank command window will open on your desktop, then close in a minute or two. This is normal.
A file called look.txt should appear on your Desktop. Please post the contents of this file.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Dell Inspiron B130 shuts down...

Unread postby tahoe94 » September 5th, 2010, 11:47 am

Thank you and here ya go:

c:\documents and settings\laura\cookies\laura@mywebsearch[2].txt
c:\documents and settings\laura\cookies\laura@mywebsearch[3].txt
c:\program files\mywebsearch
c:\program files\mywebsearch\bar
c:\program files\mywebsearch\bar\1.bin
c:\program files\mywebsearch\bar\avatar
c:\program files\mywebsearch\bar\cache
c:\program files\mywebsearch\bar\game
c:\program files\mywebsearch\bar\history
c:\program files\mywebsearch\bar\icons
c:\program files\mywebsearch\bar\message
c:\program files\mywebsearch\bar\notifier
c:\program files\mywebsearch\bar\settings
c:\program files\mywebsearch\bar\1.bin\chrome
c:\program files\mywebsearch\bar\1.bin\chrome.manifest
c:\program files\mywebsearch\bar\1.bin\f3bkgerr.jpg
c:\program files\mywebsearch\bar\1.bin\f3cjpeg.dll
c:\program files\mywebsearch\bar\1.bin\f3dtactl.dll
c:\program files\mywebsearch\bar\1.bin\f3histsw.dll
c:\program files\mywebsearch\bar\1.bin\f3hkstub.dll
c:\program files\mywebsearch\bar\1.bin\f3htmlmu.dll
c:\program files\mywebsearch\bar\1.bin\f3httpct.dll
c:\program files\mywebsearch\bar\1.bin\f3imstub.dll
c:\program files\mywebsearch\bar\1.bin\f3popswt.dll
c:\program files\mywebsearch\bar\1.bin\f3pssavr.scr
c:\program files\mywebsearch\bar\1.bin\f3reghk.dll
c:\program files\mywebsearch\bar\1.bin\f3reprox.dll
c:\program files\mywebsearch\bar\1.bin\f3restub.dll
c:\program files\mywebsearch\bar\1.bin\f3schmon.exe
c:\program files\mywebsearch\bar\1.bin\f3scrctr.dll
c:\program files\mywebsearch\bar\1.bin\f3spacer.wmv
c:\program files\mywebsearch\bar\1.bin\f3wallpp.dat
c:\program files\mywebsearch\bar\1.bin\f3wphook.dll
c:\program files\mywebsearch\bar\1.bin\fwpbuddy.png
c:\program files\mywebsearch\bar\1.bin\install.rdf
c:\program files\mywebsearch\bar\1.bin\m3auxstb.dll
c:\program files\mywebsearch\bar\1.bin\m3dlghk.dll
c:\program files\mywebsearch\bar\1.bin\m3highin.exe
c:\program files\mywebsearch\bar\1.bin\m3html.dll
c:\program files\mywebsearch\bar\1.bin\m3idle.dll
c:\program files\mywebsearch\bar\1.bin\m3impipe.exe
c:\program files\mywebsearch\bar\1.bin\m3medint.exe
c:\program files\mywebsearch\bar\1.bin\m3msg.dll
c:\program files\mywebsearch\bar\1.bin\m3outlcn.dll
c:\program files\mywebsearch\bar\1.bin\m3plugin.dll
c:\program files\mywebsearch\bar\1.bin\m3skin.dll
c:\program files\mywebsearch\bar\1.bin\m3skplay.exe
c:\program files\mywebsearch\bar\1.bin\m3slsrch.exe
c:\program files\mywebsearch\bar\1.bin\m3srchmn.exe
c:\program files\mywebsearch\bar\1.bin\mwsmlbtn.dll
c:\program files\mywebsearch\bar\1.bin\mwsoemon.exe
c:\program files\mywebsearch\bar\1.bin\mwsoeplg.dll
c:\program files\mywebsearch\bar\1.bin\mwsoestb.dll
c:\program files\mywebsearch\bar\1.bin\mwssvc.exe
c:\program files\mywebsearch\bar\1.bin\mwsuabtn.dll
c:\program files\mywebsearch\bar\1.bin\npmywebs.dll
c:\program files\mywebsearch\bar\1.bin\chrome\m3ffxtbr.jar
c:\program files\mywebsearch\bar\avatar\common.f3s
c:\program files\mywebsearch\bar\cache\0001270b.bin
c:\program files\mywebsearch\bar\cache\00012b51.bin
c:\program files\mywebsearch\bar\cache\0001315b.bin
c:\program files\mywebsearch\bar\cache\000133fb.bin
c:\program files\mywebsearch\bar\cache\0001483f.bin
c:\program files\mywebsearch\bar\cache\0023c97f
c:\program files\mywebsearch\bar\cache\0023d8f0.bin
c:\program files\mywebsearch\bar\cache\0023e40c.bin
c:\program files\mywebsearch\bar\cache\0023ecd6.bin
c:\program files\mywebsearch\bar\cache\0023f080.bin
c:\program files\mywebsearch\bar\cache\0023f429.bin
c:\program files\mywebsearch\bar\cache\0198c553.bin
c:\program files\mywebsearch\bar\cache\041c1271.bin
c:\program files\mywebsearch\bar\cache\08547a2f
c:\program files\mywebsearch\bar\cache\files.ini
c:\program files\mywebsearch\bar\game\checkers.f3s
c:\program files\mywebsearch\bar\game\chess.f3s
c:\program files\mywebsearch\bar\game\reversi.f3s
c:\program files\mywebsearch\bar\history\search3
c:\program files\mywebsearch\bar\icons\cm.ico
c:\program files\mywebsearch\bar\icons\mfc.ico
c:\program files\mywebsearch\bar\icons\pss.ico
c:\program files\mywebsearch\bar\icons\smiley.ico
c:\program files\mywebsearch\bar\icons\wb.ico
c:\program files\mywebsearch\bar\icons\zwinky.ico
c:\program files\mywebsearch\bar\message\common
c:\program files\mywebsearch\bar\message\common.f3s
c:\program files\mywebsearch\bar\message\common\8_step1.gif
c:\program files\mywebsearch\bar\message\common\autoup.gif
c:\program files\mywebsearch\bar\message\common\autoup.htm
c:\program files\mywebsearch\bar\message\common\bkez.jpg
c:\program files\mywebsearch\bar\message\common\bkgr.jpg
c:\program files\mywebsearch\bar\message\common\bkgs.jpg
c:\program files\mywebsearch\bar\message\common\bklf.jpg
c:\program files\mywebsearch\bar\message\common\bkrg.jpg
c:\program files\mywebsearch\bar\message\common\bkwebfet.jpg
c:\program files\mywebsearch\bar\message\common\bkzc.jpg
c:\program files\mywebsearch\bar\message\common\bkzl.jpg
c:\program files\mywebsearch\bar\message\common\bkzn.jpg
c:\program files\mywebsearch\bar\message\common\bkzq.jpg
c:\program files\mywebsearch\bar\message\common\bkzr.jpg
c:\program files\mywebsearch\bar\message\common\bkzu.jpg
c:\program files\mywebsearch\bar\message\common\bkzv.jpg
c:\program files\mywebsearch\bar\message\common\bkzw.jpg
c:\program files\mywebsearch\bar\message\common\bkzwinky.jpg
c:\program files\mywebsearch\bar\message\common\blubtn2d.png
c:\program files\mywebsearch\bar\message\common\blubtn2r.png
c:\program files\mywebsearch\bar\message\common\blubtn3d.png
c:\program files\mywebsearch\bar\message\common\blubtn3r.png
c:\program files\mywebsearch\bar\message\common\center.htm
c:\program files\mywebsearch\bar\message\common\index.htm
c:\program files\mywebsearch\bar\message\common\mid_dots.gif
c:\program files\mywebsearch\bar\message\common\protect.htm
c:\program files\mywebsearch\bar\message\common\rebut4.htm
c:\program files\mywebsearch\bar\message\common\rebut4b.htm
c:\program files\mywebsearch\bar\message\common\rebut4c.htm
c:\program files\mywebsearch\bar\message\common\shield.png
c:\program files\mywebsearch\bar\message\common\shocked.gif
c:\program files\mywebsearch\bar\message\common\stop.gif
c:\program files\mywebsearch\bar\message\common\systray.htm
c:\program files\mywebsearch\bar\message\common\systrayp.htm
c:\program files\mywebsearch\bar\message\common\tp_grad.gif
c:\program files\mywebsearch\bar\message\common\warn.gif
c:\program files\mywebsearch\bar\notifier\common.f3s
c:\program files\mywebsearch\bar\notifier\dog.f3s
c:\program files\mywebsearch\bar\notifier\fish.f3s
c:\program files\mywebsearch\bar\notifier\kungfu.f3s
c:\program files\mywebsearch\bar\notifier\lifegard.f3s
c:\program files\mywebsearch\bar\notifier\maid.f3s
c:\program files\mywebsearch\bar\notifier\mailbox.f3s
c:\program files\mywebsearch\bar\notifier\opera.f3s
c:\program files\mywebsearch\bar\notifier\robot.f3s
c:\program files\mywebsearch\bar\notifier\seduct.f3s
c:\program files\mywebsearch\bar\notifier\surfer.f3s
c:\program files\mywebsearch\bar\settings\prevcfg2.htm
c:\program files\mywebsearch\bar\settings\s_pid.dat
tahoe94
Regular Member
 
Posts: 26
Joined: April 28th, 2009, 8:44 pm

Re: Dell Inspiron B130 shuts down...

Unread postby askey127 » September 6th, 2010, 8:38 am

tahoe94,
------------------------------------------------------------
Please download OTM and save to your Desktop.
  • Please double-click OTM.exe to run it.
  • Copy the lines from the codebox to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Do NOT copy the word "Code" :
Code: Select all
:files
c:\program files\mywebsearch
c:\documents and settings\laura\cookies\laura@mywebsearch[2].txt
c:\documents and settings\laura\cookies\laura@mywebsearch[3].txt

:Commands
[emptytemp]
  • Return to OTM, right-click in the "Paste instructions for items to be moved" window (under the yellow bar) and choose Paste
  • Then click the red MoveIt! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of it and pressing CTRL + C (or, after highlighting, right-click and choose Copy), and paste it into your next Reply.
  • If OTM asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
  • Close OTM.
Note: the logs are saved in C:\_OTM\MovedFiles\ if you need to retrieve one.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Dell Inspiron B130 shuts down...

Unread postby tahoe94 » September 6th, 2010, 2:25 pm

Thank you.

First let me tell you what's happened since my last reply. The computer suddenly shut down again. I didn't turn it back on until a little while ago to respond to your reply. When it booted up it went straight to safe mode. I clicked on "Restore Active Desktop" and got an error message about a script not running. I tried clicking on yes and then no several times. Nothing worked. So I did a system restore to the latest restore point (9/5/10). Didn't help. I then did a system restore to the next most recent restore point (9/2/10). Again didn't work. I noticed that the script error had to do with Internet Explorer8 so I went to Control Panel and removed IE8. At that point I was able to restore the active desktop. Then I came here and did what you told me to. I'm now going to post what I got. It's in two files. I'll paste both here:

ccsP
tbf=00011141
mywebsearch.com/
1024
3172905472
30806718
898358608
30073302
*
UID
usucEy1D27YpKsO.ALdZ7A
mywebsearch.com/
1024
3172905472
30806718
898518608
30073302
*

ccsP
tbf=00011141
mywebsearch.com/
1024
2957287808
30806852
708050944
30073436
*
UID
usucEy1D27YpKsO.ALdZ7A
mywebsearch.com/
1024
2957287808
30806852
708050944
30073436
*
tahoe94
Regular Member
 
Posts: 26
Joined: April 28th, 2009, 8:44 pm

Re: Dell Inspiron B130 shuts down...

Unread postby askey127 » September 6th, 2010, 3:03 pm

tahoe94,
I mentioned in the beginning this may not be software.
The process below will likely run in either Safe Mode or Normal Mode.
-----------------------------------------------------------
Check Hard Disk For Errors
Press Start->Run, then type or copy/paste the following command into the box and press OK:
Code: Select all
cmd  /c  chkdsk  c:  |find  /v  "percent"  >> "%userprofile%\desktop\checkhd.txt"
A blank command window will open on your desktop, then close in a few minutes. This is normal.
A file and icon named checkhd.txt should appear on your Desktop. Please post the contents of this file.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Dell Inspiron B130 shuts down...

Unread postby tahoe94 » September 7th, 2010, 6:23 am

Thank you, askey127.

The type of the file system is NTFS.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
CHKDSK is verifying indexes (stage 2 of 3)...
CHKDSK is verifying security descriptors (stage 3 of 3)...
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
Correcting errors in the Volume Bitmap.
Windows found problems with the file system.
Run CHKDSK with the /F (fix) option to correct these.

58597055 KB total disk space.
45248496 KB in 58454 files.
19028 KB in 4989 indexes.
0 KB in bad sectors.
140203 KB in use by the system.
65536 KB occupied by the log file.
13189328 KB available on disk.

4096 bytes in each allocation unit.
14649263 total allocation units on disk.
3297332 allocation units available on disk.
tahoe94
Regular Member
 
Posts: 26
Joined: April 28th, 2009, 8:44 pm

Re: Dell Inspiron B130 shuts down...

Unread postby askey127 » September 7th, 2010, 7:37 am

tahoe94,
That result for the hard Drive is OK.

Does your system only shut down suddenly only when the charger is plugged in?
I have seen an instance of a loose charger socket on the laptop which had a short circuit, and would shut the machine down suddenly.
-----------------------------------------------------------
Download and Run ComboFix
IMPORTANT NOTE: ComboFix is a VERY POWERFUL tool. DO NOT use it without guidance.
ComboFix uses very forceful tactics to remove malware from your system. Your antivirus software may warn you about the file.
You will need to disable all your antivirus software BEFORE running ComboFix.
.
  • Download ComboFix from here
  • Rename it while saving the download to zzz.exe and save it to your Desktop. Do not try to rename it after it has been saved to your desktop, or the infection may prevent you from using it.
    **Note: It is important that it is saved directly to your desktop and run from the desktop, not from any other folder on your computer**
  • DISABLE MICROSOFT SECURITY ESSENTIALS
    Right click the green MS Security Essentials "schoolhouse" icon, and click "Open".
    Click the "Settings" tab and in the left pane, Click "Real Time Protection"
    In The Main Window UNCHECK the box for "Turn on real time protection(Recommended)"
    Then click "Save Changes"
  • Now start ComboFix (zzz.exe)
  • The tool will check whether the Recovery Console is present on your system. If it is not, ComboFix will prompt you whether you would like to install it. (You would).
  • If it is not, make sure you are connected to the internet as ComboFix needs to download a file. When you are connected to the internet, click Yes and follow the prompts. When asked whether to continue scanning or to exit, click Yes to continue scanning (no need to disconnect from the internet as ComboFix breaks your internet connection for you).
  • Do not touch the computer AT ALL while ComboFix is running.
  • When finished, the report will open. Post the log in your next reply, and then Reenable your protection software
A copy of the log will be located here if you need it-> C:\ComboFix.txt
If you cannot connect to the internet after running ComboFix, unplug the cable you use to connect to the internet and plug it back in.

The Recovery Console produces a brief (2 second) black screen at bootup which allows an additional technical resource for repair in case of a major failure. In regular operation, you can ignore it.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Dell Inspiron B130 shuts down...

Unread postby tahoe94 » September 7th, 2010, 4:32 pm

ComboFix 10-09-07.01 - Laura 09/07/2010 16:21:26.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1583 [GMT -4:00]
Running from: c:\documents and settings\Laura\Desktop\zzz.exe
AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\FunWebProducts
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\FunWebProducts\Shared\Cache\WebfettiBtn.html
c:\windows\system32\AutoRun.inf
c:\windows\system32\f3PSSavr.scr

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService


((((((((((((((((((((((((( Files Created from 2010-08-07 to 2010-09-07 )))))))))))))))))))))))))))))))
.

2010-09-06 18:13 . 2010-09-06 18:13 -------- d-----w- C:\_OTM
2010-09-06 17:55 . 2010-09-06 17:55 -------- d-----w- c:\windows\system32\wbem\Repository
2010-09-02 22:52 . 2010-09-02 22:52 -------- d-----w- C:\rsit
2010-08-29 20:34 . 2010-08-29 20:34 388096 ----a-r- c:\documents and settings\Laura\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-29 20:34 . 2010-09-02 22:52 -------- d-----w- c:\program files\Trend Micro
2010-08-25 21:23 . 2010-08-25 21:23 -------- d-----w- c:\program files\Common Files\Java
2010-08-15 02:22 . 2010-08-15 02:22 -------- d-----w- c:\documents and settings\Laura\Application Data\SunRay Games
2010-08-15 02:20 . 2010-08-15 02:21 -------- d-----w- c:\program files\Mystic Diary - Haunted Island
2010-08-15 02:11 . 2010-08-15 02:20 131275600 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\GameManager\GameDB\F5925T1L1\setup_gF5925T1L1_d995652857_l1_s1.exe
2010-08-13 05:07 . 2010-08-13 05:07 -------- d-----w- C:\b35eaa8f3aae74eb248e209d

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-05 16:04 . 2010-01-22 03:44 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-09-02 22:30 . 2010-06-29 14:01 -------- d-----w- c:\documents and settings\Laura\Application Data\HpUpdate
2010-08-25 21:23 . 2010-04-05 21:57 -------- d-----w- c:\program files\Java
2010-08-12 17:07 . 2010-01-22 00:37 -------- d-----w- c:\documents and settings\Laura\Application Data\vlc
2010-08-04 10:33 . 2010-08-04 10:33 503808 ----a-w- c:\documents and settings\Laura\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-76ed57f3-n\msvcp71.dll
2010-08-04 10:33 . 2010-08-04 10:33 499712 ----a-w- c:\documents and settings\Laura\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-76ed57f3-n\jmc.dll
2010-08-04 10:33 . 2010-08-04 10:33 348160 ----a-w- c:\documents and settings\Laura\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-76ed57f3-n\msvcr71.dll
2010-08-04 10:33 . 2010-08-04 10:33 61440 ----a-w- c:\documents and settings\Laura\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-299473a4-n\decora-sse.dll
2010-08-04 10:33 . 2010-08-04 10:33 12800 ----a-w- c:\documents and settings\Laura\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-299473a4-n\decora-d3d.dll
2010-08-02 22:27 . 2010-08-02 22:27 -------- d-----w- c:\documents and settings\Laura\Application Data\ERS Game Studios
2010-08-02 22:27 . 2010-08-02 22:25 -------- d-----w- c:\program files\Redemption Cemetery - Curse of the Raven Collector's Edition
2010-07-17 09:00 . 2010-06-25 02:17 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-15 19:48 . 2010-07-15 19:34 -------- d-----w- c:\program files\Bingo Palace
2010-07-15 19:48 . 2010-07-15 19:48 -------- d-----w- c:\program files\Common Files\SWF Studio
2010-07-11 16:27 . 2010-01-31 17:53 -------- d-----w- c:\program files\Foxit Software
2010-07-10 01:34 . 2010-07-10 01:34 401408 ----a-w- c:\documents and settings\All Users\Application Data\WorldWinner\swapit\swapit.dll
2010-07-10 01:34 . 2010-07-10 01:18 -------- d-----w- c:\documents and settings\All Users\Application Data\WorldWinner
2010-07-10 01:29 . 2010-07-10 01:29 532480 ----a-w- c:\documents and settings\All Users\Application Data\WorldWinner\bejeweled\bejeweled.dll
2010-07-10 01:18 . 2010-07-10 01:18 137216 ----a-w- c:\documents and settings\All Users\Application Data\WorldWinner\shared\fmod.dll
2010-07-10 01:18 . 2010-07-10 01:18 339968 ----a-w- c:\documents and settings\All Users\Application Data\WorldWinner\dealornodeal\dealornodeal.dll
2010-07-10 01:18 . 2010-07-10 01:18 -------- d-----w- c:\program files\WorldWinner.com, Inc
2010-07-10 01:18 . 2010-07-10 01:18 -------- d-----w- c:\documents and settings\Laura\Application Data\Worldwinner
2010-06-30 12:31 . 2004-08-04 10:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-30 04:13 . 2010-07-16 14:45 52224 ----a-w- c:\documents and settings\Laura\Application Data\Mozilla\Firefox\Profiles\zesyfg8s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
2010-06-30 04:13 . 2010-07-16 14:45 101376 ----a-w- c:\documents and settings\Laura\Application Data\Mozilla\Firefox\Profiles\zesyfg8s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
2010-06-25 02:17 . 2010-06-25 02:17 503808 -c--a-w- c:\documents and settings\Laura\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-50a7e262-n\msvcp71.dll
2010-06-25 02:17 . 2010-06-25 02:17 499712 -c--a-w- c:\documents and settings\Laura\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-50a7e262-n\jmc.dll
2010-06-25 02:17 . 2010-06-25 02:17 348160 -c--a-w- c:\documents and settings\Laura\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-50a7e262-n\msvcr71.dll
2010-06-25 02:17 . 2010-06-25 02:17 61440 -c--a-w- c:\documents and settings\Laura\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4b983daa-n\decora-sse.dll
2010-06-25 02:17 . 2010-06-25 02:17 12800 -c--a-w- c:\documents and settings\Laura\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4b983daa-n\decora-d3d.dll
2010-06-23 13:44 . 2004-08-04 10:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-08-04 10:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-04 10:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2010-01-21 20:31 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2004-08-04 10:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-10 22:00 . 2010-06-10 22:00 143360 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\Upgrade\stub\vaultcracker_s1_l1_gF5833T1L1_d948223945.exe
2010-06-10 22:00 . 2010-06-10 22:00 143360 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\Upgrade\stub\redemption-cemetery-curse-of-the-raven-ce_s1_l1_gF5897T1L1_d981756865.exe
2010-06-10 22:00 . 2010-06-10 22:00 143360 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\Upgrade\stub\mystic-diary-haunted-island_s1_l1_gF5925T1L1_d995652857.exe
2010-06-10 22:00 . 2010-06-10 22:00 143360 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\Upgrade\stub\mahjongmatch_s1_l1_gF952T1L1_d950434664.exe
2010-06-10 22:00 . 2010-06-10 22:00 143360 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\Upgrade\stub\bigfishgames_p76980021_s1_l1.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-16 1392640]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-09-07 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-26 01:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.facebook.com/
uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe"
FF - ProfilePath - c:\documents and settings\Laura\Application Data\Mozilla\Firefox\Profiles\zesyfg8s.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?#/?ref=home
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\Laura\Application Data\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\WorldWinner.com, Inc\WorldWinner Games\npwwload.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-07 16:26
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(604)
c:\windows\System32\BCMLogon.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Completion time: 2010-09-07 16:31:27 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-07 20:31

Pre-Run: 13,346,197,504 bytes free
Post-Run: 13,266,866,176 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - EC3D67635AEB1BC72E60EB0C6E7C64EB
tahoe94
Regular Member
 
Posts: 26
Joined: April 28th, 2009, 8:44 pm

Re: Dell Inspiron B130 shuts down...

Unread postby askey127 » September 7th, 2010, 6:01 pm

Looks good.
Tell me about the relevance of the charger plug, and tell me how it's running.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Dell Inspiron B130 shuts down...

Unread postby tahoe94 » September 7th, 2010, 6:11 pm

Thank you.

I don't really use it without the charger plugged in because the battery doesn't last very long. It shuts itself off much quicker when I'm playing a game and not just surfing. If I'm just surfing the net it'll last about twice as long before it shuts off. Would you like me to try each without the charger?
tahoe94
Regular Member
 
Posts: 26
Joined: April 28th, 2009, 8:44 pm

Re: Dell Inspiron B130 shuts down...

Unread postby askey127 » September 7th, 2010, 6:14 pm

The issue is this :
Does it shut off when you wiggle the charger cable?
If not, then my experience does not apply here.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Dell Inspiron B130 shuts down...

Unread postby tahoe94 » September 9th, 2010, 4:43 pm

When I wiggle the charger plug the screen dims and brightens. It does not shut down.
tahoe94
Regular Member
 
Posts: 26
Joined: April 28th, 2009, 8:44 pm
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 294 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware