Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I have some malware and need help removing it

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

I have some malware and need help removing it

Unread postby Tracys » April 9th, 2012, 4:42 pm

I first noticed it when my Window's fire wall started asking permission for programs that already had permission to be allowed to work. I am locked out of Window's Software Explorer. When I run an ad-aware scan I find numerous problems and even after ad-aware fixes them they still pop up.

DDS scan

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Samuel L Jackson at 16:25:06 on 2012-04-09
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1155 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\WINDOWS\svcs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.xfinity.com/customer/start/? ... te07202011
uURLSearchHooks: H - No File
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\adobe acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\adobe acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\adobe acrobat 6.0\acrobat\AcroIEFavClient.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
uRun: [Download] "c:\documents and settings\samuel l jackson\local settings\application data\supportsoft\ddoctorv2\samuel l jackson\ssGet.exe" 120 "http://pcmctbc.cmc.motive.com/motivedocs/EasySolveInstaller.exe" "EasySolveInstaller.exe"
mRun: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
mRun: [OrderReminder] c:\program files\hewlett-packard\orderreminder\OrderReminder.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [RunNarrator] Narrator.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6.5\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: mswsock.dll
Trusted Zone: aol.com\free
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2C66C77E-65B8-42F3-9EC4-D21819FEF2CB} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\samuel l jackson\application data\mozilla\firefox\profiles\7q0xmyic.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://helion.astroempires.com/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_ ... v2&search=
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\bittorrent_dna\npbtdna.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-10-28 64512]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-10-7 14776]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-6 54752]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-8-18 2152152]
R2 NetworkLog;NetworkLog;c:\windows\svcs.exe [2012-4-1 584688]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2011-2-14 100368]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-8-18 15232]
S0 ABIT-IO;ABIT-IO;c:\windows\system32\drivers\abit-io.sys --> c:\windows\system32\drivers\ABIT-IO.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 253600]
S3 ctgame;Game Port;c:\windows\system32\drivers\ctgame.sys [2007-2-2 12160]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 imhidusb;Immersion's HID USB Driver;c:\windows\system32\drivers\imhidusb.sys [2007-2-22 30984]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2007-12-6 42112]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]
S3 UsbGps;LGE CDMA USB GPS NMEA Port;c:\windows\system32\drivers\lgusbgps.sys --> c:\windows\system32\drivers\lgusbgps.sys [?]
.
=============== Created Last 30 ================
.
2012-04-01 15:03:04 584688 ----a-w- c:\windows\svcs.exe
2012-04-01 03:32:59 16432 ----a-w- c:\windows\system32\lsdelete.exe
2012-03-30 20:45:56 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-03-30 19:05:46 6582328 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{efad12a9-11cc-4757-8c1a-fbbe6d638328}\mpengine.dll
2012-03-29 14:00:02 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-24 07:39:24 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
2012-03-24 07:39:24 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll
2012-03-17 01:15:56 -------- d-----w- C:\AMD
.
==================== Find3M ====================
.
2012-03-29 14:17:21 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 13:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-15 03:44:58 7585792 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2012-02-15 03:41:52 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2012-02-15 03:09:30 19611648 ----a-w- c:\windows\system32\atioglxx.dll
2012-02-15 02:56:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-02-15 02:55:12 305152 ----a-w- c:\windows\system32\ati2dvag.dll
2012-02-15 02:52:08 5358080 ----a-w- c:\windows\system32\ati3duag.dll
2012-02-15 02:43:02 956160 ----a-w- c:\windows\system32\ativvamv.dll
2012-02-15 02:34:32 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2012-02-15 02:34:18 159744 ----a-w- c:\windows\system32\Oemdspif.dll
2012-02-15 02:34:10 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2012-02-15 02:34:02 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-02-15 02:33:50 192512 ----a-w- c:\windows\system32\ati2evxx.dll
2012-02-15 02:32:36 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2012-02-15 02:31:52 4155648 ----a-w- c:\windows\system32\ativvaxx.dll
2012-02-15 02:31:16 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2012-02-15 02:29:38 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-02-15 02:25:10 847872 ----a-w- c:\windows\system32\atikvmag.dll
2012-02-15 02:21:52 634880 ----a-w- c:\windows\system32\atiok3x2.dll
2012-02-15 02:20:04 237568 ----a-w- c:\windows\system32\atiadlxx.dll
2012-02-15 02:19:40 17408 ----a-w- c:\windows\system32\atitvo32.dll
2012-02-15 02:13:44 909312 ----a-w- c:\windows\system32\ati2cqag.dll
2012-02-15 02:12:50 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-02-15 02:12:34 65024 ----a-w- c:\windows\system32\atimpc32.dll
2012-02-15 02:12:34 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll
.
============= FINISH: 16:26:53.42 ===============

Thank you for your help!

Tracy
Tracys
Active Member
 
Posts: 6
Joined: April 9th, 2012, 4:37 pm
Advertisement
Register to Remove

Re: I have some malware and need help removing it

Unread postby mambass » April 10th, 2012, 6:49 pm

Hi Tracy, :)

Welcome to the forum.

My nickname is mambass and I'll be helping you with any malware problems.

Before we begin...please read and follow these important guidelines so things will proceed smoothly.

  1. If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. Please read all instructions carefully before executing them and perform the steps in the order given.
    lf you have any questions or problems executing these instructions then <<STOP>> do not proceed but rather post back with the question or problem.
  4. Your security programs may give warnings for some of the tools I will ask you to use. Be assured that any links I give are safe.
  5. You must have Administrator rights permissions for this computer.
  6. DO NOT run any other fix or removal tools unless instructed to do so!
  7. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  8. Only post your problem at one (1) help site. Applying fixes from multiple help sites can cause problems.
  9. Only reply to this thread. Do not start another thread.
  10. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  11. You might want to place a link to this thread in your Favorites/Bookmarks for easy access.
  12. No Reply Within 3 Days Will Result In Your Topic Being Closed! Please let me know in advance if you will not be able to reply within this time limit.
  13. The logs I request can take a while to research so please be patient.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection. I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system or to necessitate you taking your computer to a repair shop.

Because of this I advise you to backup any personal files and folders before you start.

How to back up or transfer your data on a Windows-based computer

-----------------------------------------------------------

Please post the contents of the Attach.txt log produced by DDS. You can run DDS again if you are unable to find the log that was produced previously.

Thanks,

mambass
User avatar
mambass
Retired Graduate
 
Posts: 826
Joined: April 23rd, 2010, 9:26 am

Re: I have some malware and need help removing it

Unread postby Tracys » April 10th, 2012, 7:24 pm

Since my first post I updated my ad aware and did a new scan I am posting a new DDS.txt as well as Attach.txt. Sorry if this causes a problem.

I really appreciate the help here.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Samuel L Jackson at 19:15:39 on 2012-04-10
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1166 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
svchost.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Ad-Aware Antivirus\Engine\SBAMSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.xfinity.com/customer/start/? ... te07202011
uURLSearchHooks: H - No File
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\adobe acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\adobe acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\adobe acrobat 6.0\acrobat\AcroIEFavClient.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
uRun: [Download] "c:\documents and settings\samuel l jackson\local settings\application data\supportsoft\ddoctorv2\samuel l jackson\ssGet.exe" 120 "http://pcmctbc.cmc.motive.com/motivedocs/EasySolveInstaller.exe" "EasySolveInstaller.exe"
mRun: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
mRun: [OrderReminder] c:\program files\hewlett-packard\orderreminder\OrderReminder.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe"
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
mRun: [SBRegRebootCleaner] "c:\program files\ad-aware antivirus\engine\SBRC.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [RunNarrator] Narrator.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6.5\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: mswsock.dll
Trusted Zone: aol.com\free
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2C66C77E-65B8-42F3-9EC4-D21819FEF2CB} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\samuel l jackson\application data\mozilla\firefox\profiles\7q0xmyic.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://helion.astroempires.com/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_ ... v2&search=
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\bittorrent_dna\npbtdna.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-10-7 14776]
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2012-4-10 21592]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2012-4-10 332248]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2010-10-28 101720]
R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2012-4-10 212568]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-3-29 1161072]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-6 54752]
R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\engine\SBAMSvc.exe [2011-5-17 2804280]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-4-10 74968]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2011-2-14 100368]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2012-4-10 69208]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2012-4-10 94040]
S0 ABIT-IO;ABIT-IO;c:\windows\system32\drivers\abit-io.sys --> c:\windows\system32\drivers\ABIT-IO.sys [?]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S2 antivirscheduler;Tunmp;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 avgascln;Ifp800;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 avgtdi;Sis315;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 awhost32;W200bus;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 axinstsv;Sdcplh;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 ccsetmgr;PCDCODEC;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 ikfilesec;SSHDRV61;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 mbr;Prfldsvc;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 mksupdateint;NETw3x32;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 mksvirmonsvc;Uphclean;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 ndasscsi;Msgsrvservice;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 pav_service;Adsservice;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 pavagente;Aavmker4;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 pctfw1;Vaiomediaplatform-integratedserver-http;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 Slpsvdr;Ovepstatusengine;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 symantecantibotwatcher;Machnm32;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 vet-filt;Pavprsrv;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 253600]
S3 ctgame;Game Port;c:\windows\system32\drivers\ctgame.sys [2007-2-2 12160]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 imhidusb;Immersion's HID USB Driver;c:\windows\system32\drivers\imhidusb.sys [2007-2-22 30984]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2007-12-6 42112]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]
S3 Rdtbtnbrnwp;Rdtbtnbrnwp;c:\windows\system32\drivers\flpydisk.sys [2004-8-4 20480]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2012-4-10 69208]
S3 UsbGps;LGE CDMA USB GPS NMEA Port;c:\windows\system32\drivers\lgusbgps.sys --> c:\windows\system32\drivers\lgusbgps.sys [?]
.
=============== Created Last 30 ================
.
2012-04-10 18:24:47 -------- d-----w- c:\documents and settings\samuel l jackson\local settings\application data\adaware
2012-04-10 18:24:14 74968 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2012-04-10 18:24:13 94040 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-04-10 18:24:13 21592 ----a-w- c:\windows\system32\drivers\sbaphd.sys
2012-04-10 18:24:12 212568 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-04-10 18:24:02 69208 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-04-10 18:23:59 332248 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-04-10 18:23:50 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-04-10 18:21:36 -------- d-----w- c:\documents and settings\samuel l jackson\local settings\application data\adawarebp
2012-04-10 18:21:23 -------- d-----w- c:\documents and settings\samuel l jackson\application data\adawaretb
2012-04-10 18:21:22 -------- d-----w- c:\program files\adawaretb
2012-04-10 18:09:19 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Browsing Protection
2012-04-10 18:09:16 -------- d-----w- c:\program files\Toolbar Cleaner
2012-04-10 18:04:36 -------- d-----w- c:\documents and settings\samuel l jackson\application data\Ad-Aware Antivirus
2012-03-30 20:45:56 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-03-30 19:05:46 6582328 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{efad12a9-11cc-4757-8c1a-fbbe6d638328}\mpengine.dll
2012-03-29 14:00:02 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-24 07:39:24 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
2012-03-24 07:39:24 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll
2012-03-17 01:15:56 -------- d-----w- C:\AMD
.
==================== Find3M ====================
.
2012-03-29 14:17:21 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 13:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-15 03:44:58 7585792 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2012-02-15 03:41:52 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2012-02-15 03:09:30 19611648 ----a-w- c:\windows\system32\atioglxx.dll
2012-02-15 02:56:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-02-15 02:55:12 305152 ----a-w- c:\windows\system32\ati2dvag.dll
2012-02-15 02:52:08 5358080 ----a-w- c:\windows\system32\ati3duag.dll
2012-02-15 02:43:02 956160 ----a-w- c:\windows\system32\ativvamv.dll
2012-02-15 02:34:32 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2012-02-15 02:34:18 159744 ----a-w- c:\windows\system32\Oemdspif.dll
2012-02-15 02:34:10 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2012-02-15 02:34:02 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-02-15 02:33:50 192512 ----a-w- c:\windows\system32\ati2evxx.dll
2012-02-15 02:32:36 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2012-02-15 02:31:52 4155648 ----a-w- c:\windows\system32\ativvaxx.dll
2012-02-15 02:31:16 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2012-02-15 02:29:38 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-02-15 02:25:10 847872 ----a-w- c:\windows\system32\atikvmag.dll
2012-02-15 02:21:52 634880 ----a-w- c:\windows\system32\atiok3x2.dll
2012-02-15 02:20:04 237568 ----a-w- c:\windows\system32\atiadlxx.dll
2012-02-15 02:19:40 17408 ----a-w- c:\windows\system32\atitvo32.dll
2012-02-15 02:13:44 909312 ----a-w- c:\windows\system32\ati2cqag.dll
2012-02-15 02:12:50 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-02-15 02:12:34 65024 ----a-w- c:\windows\system32\atimpc32.dll
2012-02-15 02:12:34 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 19:19:00.64 ===============


Now the Attached.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 2/2/2007 2:21:20 AM
System Uptime: 4/10/2012 2:31:13 PM (5 hours ago)
.
Motherboard: http://www.abit.com.tw/ | | KN9 Series(NF-CK804)
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ | Socket M2 | 1999/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 112 GiB total, 37.992 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP457: 1/12/2012 3:00:21 AM - Software Distribution Service 3.0
RP458: 1/13/2012 9:15:09 AM - System Checkpoint
RP459: 1/13/2012 4:53:47 PM - Software Distribution Service 3.0
RP460: 1/14/2012 6:30:50 PM - System Checkpoint
RP461: 1/15/2012 7:09:10 PM - System Checkpoint
RP462: 1/16/2012 7:17:48 PM - System Checkpoint
RP463: 1/17/2012 1:51:44 AM - Software Distribution Service 3.0
RP464: 1/18/2012 1:38:33 PM - System Checkpoint
RP465: 1/19/2012 5:43:35 PM - System Checkpoint
RP466: 1/20/2012 5:00:54 AM - Software Distribution Service 3.0
RP467: 1/21/2012 7:16:15 AM - System Checkpoint
RP468: 1/22/2012 11:50:39 AM - System Checkpoint
RP469: 1/23/2012 5:16:14 PM - System Checkpoint
RP470: 1/24/2012 10:43:13 AM - Software Distribution Service 3.0
RP471: 1/25/2012 12:19:35 PM - System Checkpoint
RP472: 1/26/2012 5:06:24 PM - System Checkpoint
RP473: 1/27/2012 3:45:58 PM - Software Distribution Service 3.0
RP474: 1/28/2012 5:29:18 PM - System Checkpoint
RP475: 1/29/2012 5:52:21 PM - System Checkpoint
RP476: 1/31/2012 8:49:38 AM - Software Distribution Service 3.0
RP477: 2/1/2012 12:11:06 PM - System Checkpoint
RP478: 2/2/2012 1:49:55 PM - System Checkpoint
RP479: 2/3/2012 3:37:25 PM - System Checkpoint
RP480: 2/3/2012 4:34:21 PM - Software Distribution Service 3.0
RP481: 2/4/2012 5:24:25 PM - System Checkpoint
RP482: 2/5/2012 6:10:00 PM - System Checkpoint
RP483: 2/7/2012 7:50:11 AM - Software Distribution Service 3.0
RP484: 2/8/2012 9:50:30 AM - System Checkpoint
RP485: 2/8/2012 2:26:34 PM - Software Distribution Service 3.0
RP486: 2/9/2012 12:06:39 AM - Removed Comcast Desktop Software (v1.2.0.9)
RP487: 2/9/2012 12:07:44 AM - Removed Desktop Doctor
RP488: 2/10/2012 9:32:22 AM - Software Distribution Service 3.0
RP489: 2/11/2012 4:45:02 PM - System Checkpoint
RP490: 2/12/2012 5:08:15 PM - System Checkpoint
RP491: 2/13/2012 10:39:44 PM - System Checkpoint
RP492: 2/14/2012 7:43:09 PM - Software Distribution Service 3.0
RP493: 2/15/2012 3:00:16 AM - Software Distribution Service 3.0
RP494: 2/15/2012 8:41:18 AM - Software Distribution Service 3.0
RP495: 2/16/2012 11:13:18 AM - System Checkpoint
RP496: 2/17/2012 8:53:32 AM - Software Distribution Service 3.0
RP497: 2/18/2012 11:52:42 AM - System Checkpoint
RP498: 2/19/2012 6:51:33 PM - System Checkpoint
RP499: 2/20/2012 8:53:32 PM - System Checkpoint
RP500: 2/21/2012 7:40:24 AM - Software Distribution Service 3.0
RP501: 2/22/2012 10:07:15 AM - System Checkpoint
RP502: 2/23/2012 4:01:23 PM - System Checkpoint
RP503: 2/24/2012 5:18:23 PM - System Checkpoint
RP504: 2/24/2012 7:28:36 PM - Software Distribution Service 3.0
RP505: 2/25/2012 7:54:50 PM - System Checkpoint
RP506: 2/26/2012 8:22:41 PM - System Checkpoint
RP507: 2/27/2012 9:39:27 PM - System Checkpoint
RP508: 2/28/2012 7:29:32 AM - Software Distribution Service 3.0
RP509: 2/29/2012 2:46:22 PM - System Checkpoint
RP510: 3/1/2012 4:07:14 PM - System Checkpoint
RP511: 3/2/2012 10:28:12 AM - Software Distribution Service 3.0
RP512: 3/3/2012 12:52:32 PM - System Checkpoint
RP513: 3/4/2012 1:30:55 PM - System Checkpoint
RP514: 3/5/2012 1:45:38 PM - System Checkpoint
RP515: 3/6/2012 12:26:44 PM - Software Distribution Service 3.0
RP516: 3/7/2012 1:38:11 PM - System Checkpoint
RP517: 3/8/2012 3:32:40 PM - System Checkpoint
RP518: 3/9/2012 3:04:12 PM - Software Distribution Service 3.0
RP519: 3/10/2012 3:40:42 PM - System Checkpoint
RP520: 3/11/2012 6:35:16 PM - System Checkpoint
RP521: 3/12/2012 8:24:08 PM - System Checkpoint
RP522: 3/13/2012 3:50:01 PM - Software Distribution Service 3.0
RP523: 3/14/2012 4:39:53 PM - Software Distribution Service 3.0
RP524: 3/15/2012 7:32:38 PM - System Checkpoint
RP525: 3/16/2012 3:50:17 PM - Software Distribution Service 3.0
RP526: 3/17/2012 4:51:30 PM - System Checkpoint
RP527: 3/18/2012 5:25:33 PM - System Checkpoint
RP528: 3/19/2012 6:39:03 PM - System Checkpoint
RP529: 3/20/2012 9:55:07 AM - Software Distribution Service 3.0
RP530: 3/21/2012 9:55:34 AM - System Checkpoint
RP531: 3/22/2012 10:47:42 AM - System Checkpoint
RP532: 3/23/2012 1:47:05 AM - Software Distribution Service 3.0
RP533: 3/24/2012 10:45:15 AM - System Checkpoint
RP534: 3/25/2012 5:38:47 PM - System Checkpoint
RP535: 3/26/2012 10:20:59 PM - System Checkpoint
RP536: 3/27/2012 2:25:25 PM - Software Distribution Service 3.0
RP537: 3/28/2012 2:49:55 PM - System Checkpoint
RP538: 3/29/2012 4:05:48 PM - System Checkpoint
RP539: 3/30/2012 3:05:43 PM - Software Distribution Service 3.0
RP540: 3/31/2012 3:19:37 PM - Software Distribution Service 3.0
RP541: 3/31/2012 11:15:36 PM - Installed Ad-Aware
RP542: 4/2/2012 5:00:09 AM - System Checkpoint
RP543: 4/3/2012 1:26:05 PM - System Checkpoint
RP544: 4/4/2012 1:30:22 PM - System Checkpoint
RP545: 4/5/2012 4:47:07 PM - System Checkpoint
RP546: 4/6/2012 5:25:16 PM - System Checkpoint
RP547: 4/7/2012 6:04:59 PM - System Checkpoint
RP548: 4/9/2012 10:23:23 AM - System Checkpoint
RP549: 4/10/2012 11:35:20 AM - System Checkpoint
.
==== Installed Programs ======================
.
7-Zip 4.44 beta
Acrobat.com
Ad-Aware Antivirus
Ad-Aware Browsing Protection
Ad-Aware Security Toolbar
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 6.0.1 Professional
Adobe Acrobat and Reader 6.0.3 Update
Adobe Acrobat and Reader 6.0.4 Update
Adobe Acrobat and Reader 6.0.5 Update
Adobe Acrobat and Reader 6.0.6 Update
Adobe AIR
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Creative Suite
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.0
Adobe Shockwave Player 11.6
AMD APP SDK Runtime
AMD Catalyst Install Manager
Apple Application Support
Apple Software Update
ATI AVIVO Codecs
ATI Catalyst Registration
Audacity 1.2.6
AutoUnpack 4.4.4
AVIConverter 3.0
AVS Audio Converter version 5.1
AVS Audio Editor version 4.1
AVS DVDMenu Editor 1.2.1.19
AVS Video Converter 6
AVS Video Editor 3.5
AVS4YOU Software Navigator 1.2
BitTorrent 6.0
BitTorrent DNA
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera WIA Driver
Canon EOS 10D WIA Driver
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility
CCC Help Chinese Standard
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Critical Update for Windows Media Player 11 (KB959772)
DivX Setup
DreamStation DXi2
Driver Detective
DVD Decoder Pak for Windows XP
eFile Express 2007
File Renamer - Basic
Flash Saver Maker 1.68
FLV Player 2.0, build 23
H&R Block Deluxe + Efile + State 2009
H&R Block Deluxe + Efile + State 2010
H&R Block Michigan 2009
H&R Block Michigan 2010
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
ICQ6.5
ImageMixer 3 SE
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
LaserJet 1020 series
LeapFrog Connect
LeapFrog My Pals Plugin
LeechFTP
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Calculator Plus
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 7.1
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Windows Media Video 9 VCM
Microsoft Windows XP Video Decoder Checkup Utility
mIRC
Mozilla Firefox 11.0 (x86 en-US)
Mozilla Firefox 4.0b7 (x86 en-US)
Mozilla Thunderbird 10.0.2 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My.Freeze.com NetAssistant
Need For Speed™ World
Nero Digital
Nero Media Player
Nero OEM
NewsLeecher v3.9 Beta 11
NVIDIA Drivers
OpenOffice.org 2.1
OrderReminder HP LaserJet 1020
Pdf995 (installed by TaxCut)
PdfEdit995 (installed by TaxCut)
Picasa 2
PokerStars
QuickTime
RayV
Realtek AC'97 Audio
Saitek Configuration Software
Saitek NT Controller Drivers
SeaMonkey (1.1.17)
SeaMonkey (2.8)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Skype™ 4.2
Smart Defrag 2
SpeechRedist
Spotify
Spybot - Search & Destroy
swMSM
TaxCut Premium + Efile 2008
TaxCut Premium 2007
TeamSpeak 3 Client
The Lord of the Rings FREE Trial
TUGZip 3.4
Turbo Lister 2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
VC80CRTRedist - 8.0.50727.4053
Ventrilo Client
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
WIBU-KEY Setup (WIBU-KEY Remove)
Windows Defender
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
World of Tanks closed Beta v.0.6.3.8
Xfire (remove only)
Yahoo! Messenger
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
4/10/2012 7:18:56 PM, error: Service Control Manager [7023] - The WmBEnum service terminated with the following error: Access is denied.
4/10/2012 7:17:56 PM, error: Service Control Manager [7023] - The Nwcworkstation service terminated with the following error: Access is denied.
4/10/2012 7:16:57 PM, error: Service Control Manager [7023] - The Nabtsfec service terminated with the following error: Access is denied.
4/10/2012 7:15:57 PM, error: Service Control Manager [7023] - The Mindrepair service terminated with the following error: Access is denied.
4/10/2012 7:14:57 PM, error: Service Control Manager [7023] - The Smartwiservice service terminated with the following error: The specified module could not be found.
4/10/2012 7:13:56 PM, error: Service Control Manager [7023] - The UNDPX2A service terminated with the following error: Access is denied.
4/10/2012 7:12:56 PM, error: Service Control Manager [7023] - The S217mdm service terminated with the following error: The specified module could not be found.
4/10/2012 7:11:57 PM, error: Service Control Manager [7023] - The Webrootspysweeperservice service terminated with the following error: Access is denied.
4/10/2012 7:10:57 PM, error: Service Control Manager [7023] - The Sqlserveragent service terminated with the following error: Access is denied.
4/10/2012 7:09:57 PM, error: Service Control Manager [7023] - The Blueservice service terminated with the following error: The specified module could not be found.
4/10/2012 7:08:57 PM, error: Service Control Manager [7023] - The ELmou service terminated with the following error: The specified module could not be found.
4/10/2012 7:07:57 PM, error: Service Control Manager [7023] - The U3sHlpDr service terminated with the following error: The specified module could not be found.
4/10/2012 7:06:57 PM, error: Service Control Manager [7023] - The Backupexecagentbrowser service terminated with the following error: Access is denied.
4/10/2012 7:05:56 PM, error: Service Control Manager [7023] - The Quickbooksdb service terminated with the following error: Access is denied.
4/10/2012 7:04:57 PM, error: Service Control Manager [7023] - The Usbatapi2000 service terminated with the following error: Access is denied.
4/10/2012 7:03:56 PM, error: Service Control Manager [7023] - The ASUSVRC service terminated with the following error: Access is denied.
4/10/2012 7:02:57 PM, error: Service Control Manager [7023] - The {eda5f5d3-9e0f-4f4d-8a13-1d1cf469c9cc} service terminated with the following error: The specified module could not be found.
4/10/2012 7:01:56 PM, error: Service Control Manager [7023] - The NWFILTER service terminated with the following error: Access is denied.
4/10/2012 7:00:56 PM, error: Service Control Manager [7023] - The Bc_ngn service terminated with the following error: Access is denied.
4/10/2012 7:00:00 PM, error: Service Control Manager [7023] - The Sp_rssrv service terminated with the following error: The specified module could not be found.
4/10/2012 6:58:56 PM, error: Service Control Manager [7023] - The Aracpi service terminated with the following error: Access is denied.
4/10/2012 6:57:56 PM, error: Service Control Manager [7023] - The Rnadiagreceiver service terminated with the following error: Access is denied.
4/10/2012 6:56:56 PM, error: Service Control Manager [7023] - The VAIOMediaPlatform-PhotoServer-UPnP service terminated with the following error: Access is denied.
4/10/2012 6:55:56 PM, error: Service Control Manager [7023] - The NETw3x32 service terminated with the following error: Access is denied.
4/10/2012 6:54:56 PM, error: Service Control Manager [7023] - The Igateway service terminated with the following error: Access is denied.
4/10/2012 6:53:57 PM, error: Service Control Manager [7023] - The Scarddrv service terminated with the following error: The specified module could not be found.
4/10/2012 6:52:56 PM, error: Service Control Manager [7023] - The Klif service terminated with the following error: The specified module could not be found.
4/10/2012 6:51:56 PM, error: Service Control Manager [7023] - The Nipsvc service terminated with the following error: Access is denied.
4/10/2012 6:50:57 PM, error: Service Control Manager [7023] - The Bdrsdrv service terminated with the following error: The specified module could not be found.
4/10/2012 6:49:56 PM, error: Service Control Manager [7023] - The Netrcacm service terminated with the following error: Access is denied.
4/10/2012 6:48:56 PM, error: Service Control Manager [7023] - The ProcObsrv service terminated with the following error: The specified module could not be found.
4/10/2012 6:47:56 PM, error: Service Control Manager [7023] - The L8042pr2 service terminated with the following error: Access is denied.
4/10/2012 6:46:56 PM, error: Service Control Manager [7023] - The Fshttps service terminated with the following error: Access is denied.
4/10/2012 6:45:58 PM, error: Service Control Manager [7023] - The SNP2STD service terminated with the following error: Access is denied.
4/10/2012 6:44:56 PM, error: Service Control Manager [7023] - The Pageserver service terminated with the following error: Access is denied.
4/10/2012 6:43:56 PM, error: Service Control Manager [7023] - The YMIDUSB service terminated with the following error: The specified module could not be found.
4/10/2012 6:42:56 PM, error: Service Control Manager [7023] - The W200bus service terminated with the following error: Access is denied.
4/10/2012 6:41:55 PM, error: Service Control Manager [7023] - The Mcp service terminated with the following error: The specified module could not be found.
4/10/2012 6:40:55 PM, error: Service Control Manager [7023] - The K750mdfl service terminated with the following error: Access is denied.
4/10/2012 6:39:55 PM, error: Service Control Manager [7023] - The Rtl8187Se service terminated with the following error: Access is denied.
4/10/2012 6:38:55 PM, error: Service Control Manager [7023] - The Thpsrv service terminated with the following error: Access is denied.
4/10/2012 6:37:56 PM, error: Service Control Manager [7023] - The Ithsgt service terminated with the following error: The specified module could not be found.
4/10/2012 6:36:57 PM, error: Service Control Manager [7023] - The VHidMinidrv service terminated with the following error: Access is denied.
4/10/2012 6:36:03 PM, error: Service Control Manager [7023] - The Lvselsus service terminated with the following error: The specified module could not be found.
4/10/2012 6:34:53 PM, error: Service Control Manager [7023] - The Adpu320 service terminated with the following error: Access is denied.
4/10/2012 6:33:53 PM, error: Service Control Manager [7023] - The Whoisd32 service terminated with the following error: Access is denied.
4/10/2012 6:32:53 PM, error: Service Control Manager [7023] - The Pdlnacom service terminated with the following error: Access is denied.
4/10/2012 6:31:53 PM, error: Service Control Manager [7023] - The Lsdiorw service terminated with the following error: Access is denied.
4/10/2012 6:30:53 PM, error: Service Control Manager [7023] - The BRCMDECO service terminated with the following error: The specified module could not be found.
4/10/2012 6:29:53 PM, error: Service Control Manager [7023] - The SE2Cobex service terminated with the following error: Access is denied.
4/10/2012 6:28:53 PM, error: Service Control Manager [7023] - The Df5serv service terminated with the following error: Access is denied.
4/10/2012 6:27:53 PM, error: Service Control Manager [7023] - The BrSerIf service terminated with the following error: The specified module could not be found.
4/10/2012 6:26:53 PM, error: Service Control Manager [7023] - The Lexbces service terminated with the following error: Access is denied.
4/10/2012 6:25:53 PM, error: Service Control Manager [7023] - The WcesComm service terminated with the following error: Access is denied.
4/10/2012 6:24:53 PM, error: Service Control Manager [7023] - The Vxd service terminated with the following error: The specified module could not be found.
4/10/2012 6:23:53 PM, error: Service Control Manager [7023] - The St330service service terminated with the following error: Access is denied.
4/10/2012 6:22:53 PM, error: Service Control Manager [7023] - The CTMSHD service terminated with the following error: The specified module could not be found.
4/10/2012 6:21:53 PM, error: Service Control Manager [7023] - The MegaSR service terminated with the following error: Access is denied.
4/10/2012 6:20:53 PM, error: Service Control Manager [7023] - The Ccflic0 service terminated with the following error: Access is denied.
4/10/2012 6:19:53 PM, error: Service Control Manager [7023] - The Ibmfilter service terminated with the following error: The specified module could not be found.
4/10/2012 6:18:53 PM, error: Service Control Manager [7023] - The Dpc_srv_webcast service terminated with the following error: Access is denied.
4/10/2012 6:17:53 PM, error: Service Control Manager [7023] - The VX3000 service terminated with the following error: Access is denied.
4/10/2012 6:16:53 PM, error: Service Control Manager [7023] - The Gdrv service terminated with the following error: Access is denied.
4/10/2012 6:15:52 PM, error: Service Control Manager [7023] - The Serenum service terminated with the following error: Access is denied.
4/10/2012 6:14:53 PM, error: Service Control Manager [7023] - The Gmer service terminated with the following error: Access is denied.
4/10/2012 6:13:52 PM, error: Service Control Manager [7023] - The Vaiomediaplatform-integratedserver-http service terminated with the following error: Access is denied.
4/10/2012 6:12:52 PM, error: Service Control Manager [7023] - The Webupdate service terminated with the following error: Access is denied.
4/10/2012 6:11:52 PM, error: Service Control Manager [7023] - The Int15.sys service terminated with the following error: The specified module could not be found.
4/10/2012 6:10:53 PM, error: Service Control Manager [7023] - The Ppped service terminated with the following error: Access is denied.
4/10/2012 6:09:52 PM, error: Service Control Manager [7023] - The OEM02Vfx service terminated with the following error: Access is denied.
4/10/2012 6:08:53 PM, error: Service Control Manager [7023] - The Bcm43xx service terminated with the following error: The specified module could not be found.
4/10/2012 6:07:52 PM, error: Service Control Manager [7023] - The Mafwboot service terminated with the following error: Access is denied.
4/10/2012 6:06:52 PM, error: Service Control Manager [7023] - The A016mgmt service terminated with the following error: Access is denied.
4/10/2012 6:05:52 PM, error: Service Control Manager [7023] - The P3 service terminated with the following error: The specified module could not be found.
4/10/2012 6:04:52 PM, error: Service Control Manager [7023] - The Vaiomediaplatform-integratedserver-appserver service terminated with the following error: Access is denied.
4/10/2012 6:03:52 PM, error: Service Control Manager [7023] - The AN983 service terminated with the following error: Access is denied.
4/10/2012 6:02:52 PM, error: Service Control Manager [7023] - The Bthidmgr service terminated with the following error: The specified module could not be found.
4/10/2012 6:01:52 PM, error: Service Control Manager [7023] - The VX1000 service terminated with the following error: Access is denied.
4/10/2012 6:00:52 PM, error: Service Control Manager [7023] - The CrystalSysInfo service terminated with the following error: Access is denied.
4/10/2012 5:59:52 PM, error: Service Control Manager [7023] - The Iastor service terminated with the following error: Access is denied.
4/10/2012 5:58:52 PM, error: Service Control Manager [7023] - The EAWDMFD service terminated with the following error: Access is denied.
4/10/2012 5:57:52 PM, error: Service Control Manager [7023] - The Blueletaudio service terminated with the following error: Access is denied.
4/10/2012 5:56:52 PM, error: Service Control Manager [7023] - The CBTNDIS5 service terminated with the following error: The specified module could not be found.
4/10/2012 5:55:52 PM, error: Service Control Manager [7023] - The Rbfilter service terminated with the following error: Access is denied.
4/10/2012 5:54:52 PM, error: Service Control Manager [7023] - The Flashcom service terminated with the following error: Access is denied.
4/10/2012 5:53:52 PM, error: Service Control Manager [7023] - The MSMQTriggers service terminated with the following error: The specified module could not be found.
4/10/2012 5:52:52 PM, error: Service Control Manager [7023] - The Odclientservice service terminated with the following error: Access is denied.
4/10/2012 5:51:52 PM, error: Service Control Manager [7023] - The Rt61 service terminated with the following error: Access is denied.
4/10/2012 5:50:52 PM, error: Service Control Manager [7023] - The Spsslm service terminated with the following error: Access is denied.
4/10/2012 5:49:52 PM, error: Service Control Manager [7023] - The ADIDTSFiltService service terminated with the following error: Access is denied.
4/10/2012 5:48:52 PM, error: Service Control Manager [7023] - The SymIM service terminated with the following error: Access is denied.
4/10/2012 5:47:52 PM, error: Service Control Manager [7023] - The Avgarcln service terminated with the following error: Access is denied.
4/10/2012 5:46:52 PM, error: Service Control Manager [7023] - The NETMDUSB service terminated with the following error: Access is denied.
4/10/2012 5:45:52 PM, error: Service Control Manager [7023] - The FINEPIX_PCC service terminated with the following error: Access is denied.
4/10/2012 5:44:52 PM, error: Service Control Manager [7023] - The Icam4usb service terminated with the following error: Access is denied.
4/10/2012 5:43:52 PM, error: Service Control Manager [7023] - The SlNtHal service terminated with the following error: Access is denied.
4/10/2012 5:42:52 PM, error: Service Control Manager [7023] - The Tunnelguardservice service terminated with the following error: The specified module could not be found.
4/10/2012 5:41:52 PM, error: Service Control Manager [7023] - The CnxTrLan service terminated with the following error: Access is denied.
4/10/2012 5:40:51 PM, error: Service Control Manager [7023] - The Dot4scan service terminated with the following error: The specified module could not be found.
4/10/2012 5:39:51 PM, error: Service Control Manager [7023] - The S616bus service terminated with the following error: Access is denied.
4/10/2012 5:38:51 PM, error: Service Control Manager [7023] - The Sbp2port service terminated with the following error: Access is denied.
4/10/2012 5:37:51 PM, error: Service Control Manager [7023] - The Rdnaoflsvc service terminated with the following error: The specified module could not be found.
4/10/2012 5:36:51 PM, error: Service Control Manager [7023] - The Asp.net service terminated with the following error: Access is denied.
4/10/2012 5:35:51 PM, error: Service Control Manager [7023] - The EKECioCtl service terminated with the following error: Access is denied.
4/10/2012 5:34:51 PM, error: Service Control Manager [7023] - The Cidaemon service terminated with the following error: The specified module could not be found.
4/10/2012 5:33:51 PM, error: Service Control Manager [7023] - The Vmkbd2 service terminated with the following error: Access is denied.
4/10/2012 5:32:51 PM, error: Service Control Manager [7023] - The Ovepstatusengine service terminated with the following error: Access is denied.
4/10/2012 5:31:51 PM, error: Service Control Manager [7023] - The Cpntsrv service terminated with the following error: Access is denied.
4/10/2012 5:30:51 PM, error: Service Control Manager [7023] - The HabuFltr service terminated with the following error: Access is denied.
4/10/2012 5:29:51 PM, error: Service Control Manager [7023] - The Arrayssl_vpn_service3,0,1,9 service terminated with the following error: The specified module could not be found.
4/10/2012 5:28:51 PM, error: Service Control Manager [7023] - The TSHWMDTCP service terminated with the following error: Access is denied.
4/10/2012 5:27:50 PM, error: Service Control Manager [7023] - The ACDaemon service terminated with the following error: Access is denied.
4/10/2012 5:26:51 PM, error: Service Control Manager [7023] - The GoProto service terminated with the following error: The specified module could not be found.
4/10/2012 5:25:50 PM, error: Service Control Manager [7023] - The Se45unic service terminated with the following error: Access is denied.
4/10/2012 5:24:50 PM, error: Service Control Manager [7023] - The Jsdaemon service terminated with the following error: Access is denied.
4/10/2012 5:23:50 PM, error: Service Control Manager [7023] - The Eventclientmultiplexer service terminated with the following error: The specified module could not be found.
4/10/2012 5:22:50 PM, error: Service Control Manager [7023] - The MA_CMIDI service terminated with the following error: Access is denied.
4/10/2012 5:21:50 PM, error: Service Control Manager [7023] - The Btcsrusb service terminated with the following error: The specified module could not be found.
4/10/2012 5:20:50 PM, error: Service Control Manager [7023] - The Tnidriver service terminated with the following error: Access is denied.
4/10/2012 5:19:50 PM, error: Service Control Manager [7023] - The Mrobeservice service terminated with the following error: Access is denied.
4/10/2012 5:18:50 PM, error: Service Control Manager [7023] - The Acermemusagecheckservice service terminated with the following error: The specified module could not be found.
4/10/2012 5:17:50 PM, error: Service Control Manager [7023] - The Scdemu service terminated with the following error: Access is denied.
4/10/2012 5:16:50 PM, error: Service Control Manager [7023] - The Ifp800 service terminated with the following error: Access is denied.
4/10/2012 5:15:51 PM, error: Service Control Manager [7023] - The Nocashio service terminated with the following error: The specified module could not be found.
4/10/2012 5:14:50 PM, error: Service Control Manager [7023] - The WmiAcpi service terminated with the following error: Access is denied.
4/10/2012 5:13:50 PM, error: Service Control Manager [7023] - The U81xmgmt service terminated with the following error: Access is denied.
4/10/2012 5:12:50 PM, error: Service Control Manager [7023] - The FVNETusb service terminated with the following error: The specified module could not be found.
4/10/2012 5:11:50 PM, error: Service Control Manager [7023] - The Msgsrvservice service terminated with the following error: Access is denied.
4/10/2012 5:10:50 PM, error: Service Control Manager [7023] - The Winpower service terminated with the following error: The specified module could not be found.
4/10/2012 5:09:50 PM, error: Service Control Manager [7023] - The Starwindserviceae service terminated with the following error: Access is denied.
4/10/2012 5:08:47 PM, error: Service Control Manager [7023] - The Pktfilter service terminated with the following error: The specified module could not be found.
4/10/2012 5:07:47 PM, error: Service Control Manager [7023] - The ICAM5USB service terminated with the following error: Access is denied.
4/10/2012 5:06:47 PM, error: Service Control Manager [7023] - The VC6SecS service terminated with the following error: Access is denied.
4/10/2012 5:05:48 PM, error: Service Control Manager [7023] - The Atiavaiw service terminated with the following error: The specified module could not be found.
4/10/2012 5:04:47 PM, error: Service Control Manager [7023] - The Vcommmgr service terminated with the following error: Access is denied.
4/10/2012 5:03:47 PM, error: Service Control Manager [7023] - The Nwdls service terminated with the following error: Access is denied.
4/10/2012 5:02:47 PM, error: Service Control Manager [7023] - The Anydlc service terminated with the following error: Access is denied.
4/10/2012 5:01:47 PM, error: Service Control Manager [7023] - The U81xobex service terminated with the following error: Access is denied.
4/10/2012 5:00:47 PM, error: Service Control Manager [7023] - The Machnm32 service terminated with the following error: Access is denied.
4/10/2012 4:59:47 PM, error: Service Control Manager [7023] - The SSHDRV61 service terminated with the following error: The specified module could not be found.
4/10/2012 4:58:47 PM, error: Service Control Manager [7023] - The Ggsemc service terminated with the following error: Access is denied.
4/10/2012 4:57:47 PM, error: Service Control Manager [7023] - The Mcvsrte service terminated with the following error: Access is denied.
4/10/2012 4:56:47 PM, error: Service Control Manager [7023] - The CnxTrUsb service terminated with the following error: The specified module could not be found.
4/10/2012 4:55:47 PM, error: Service Control Manager [7023] - The Sndsrvc service terminated with the following error: Access is denied.
4/10/2012 4:54:47 PM, error: Service Control Manager [7023] - The StreamDispatcher service terminated with the following error: Access is denied.
4/10/2012 4:53:47 PM, error: Service Control Manager [7023] - The IAimFP5 service terminated with the following error: The specified module could not be found.
4/10/2012 4:52:46 PM, error: Service Control Manager [7023] - The AeLookupSvc service terminated with the following error: Access is denied.
4/10/2012 4:51:46 PM, error: Service Control Manager [7023] - The Rimvserport service terminated with the following error: The specified module could not be found.
4/10/2012 4:50:45 PM, error: Service Control Manager [7023] - The Cfgwzsvc service terminated with the following error: The specified module could not be found.
4/10/2012 4:49:46 PM, error: Service Control Manager [7023] - The Plsremotesvc service terminated with the following error: Access is denied.
4/10/2012 4:48:45 PM, error: Service Control Manager [7023] - The Lxbs_device service terminated with the following error: Access is denied.
4/10/2012 4:47:45 PM, error: Service Control Manager [7023] - The EPOWER service terminated with the following error: Access is denied.
4/10/2012 4:46:46 PM, error: Service Control Manager [7023] - The CdaC15BA service terminated with the following error: Access is denied.
4/10/2012 4:45:45 PM, error: Service Control Manager [7023] - The Mfeapfk service terminated with the following error: Access is denied.
4/10/2012 4:44:45 PM, error: Service Control Manager [7023] - The Brmfbags service terminated with the following error: Access is denied.
4/10/2012 4:43:45 PM, error: Service Control Manager [7023] - The Nbf service terminated with the following error: Access is denied.
4/10/2012 4:42:46 PM, error: Service Control Manager [7023] - The Transactional service terminated with the following error: Access is denied.
4/10/2012 4:41:46 PM, error: Service Control Manager [7023] - The Websenselogserver service terminated with the following error: The specified module could not be found.
4/10/2012 4:40:48 PM, error: Service Control Manager [7023] - The Aavmker4 service terminated with the following error: Access is denied.
4/10/2012 4:39:49 PM, error: Service Control Manager [7023] - The Tfsnopio service terminated with the following error: Access is denied.
4/10/2012 4:38:46 PM, error: Service Control Manager [7023] - The Adsservice service terminated with the following error: The specified module could not be found.
4/10/2012 4:37:45 PM, error: Service Control Manager [7023] - The Pccsmcfd service terminated with the following error: Access is denied.
4/10/2012 4:36:45 PM, error: Service Control Manager [7023] - The EL2000 service terminated with the following error: The specified module could not be found.
4/10/2012 4:35:45 PM, error: Service Control Manager [7023] - The KS0108 service terminated with the following error: Access is denied.
4/10/2012 4:34:45 PM, error: Service Control Manager [7023] - The XAudio service terminated with the following error: Access is denied.
4/10/2012 4:33:45 PM, error: Service Control Manager [7023] - The Ashampoodefragservice service terminated with the following error: Access is denied.
4/10/2012 4:32:46 PM, error: Service Control Manager [7023] - The Stylexphelper service terminated with the following error: The specified module could not be found.
4/10/2012 4:31:45 PM, error: Service Control Manager [7023] - The Cfsvcs service terminated with the following error: Access is denied.
4/10/2012 4:30:46 PM, error: Service Control Manager [7023] - The Citrixxteserver service terminated with the following error: Access is denied.
4/10/2012 4:29:46 PM, error: Service Control Manager [7023] - The Prfldsvc service terminated with the following error: Access is denied.
4/10/2012 4:28:45 PM, error: Service Control Manager [7023] - The Purgeieservice service terminated with the following error: The specified module could not be found.
4/10/2012 4:27:45 PM, error: Service Control Manager [7023] - The Niorbk service terminated with the following error: Access is denied.
4/10/2012 4:26:45 PM, error: Service Control Manager [7023] - The Incdrm service terminated with the following error: Access is denied.
4/10/2012 4:25:45 PM, error: Service Control Manager [7023] - The SE2Emdm service terminated with the following error: Access is denied.
4/10/2012 4:24:45 PM, error: Service Control Manager [7023] - The Wanatw service terminated with the following error: Access is denied.
4/10/2012 4:23:45 PM, error: Service Control Manager [7023] - The Roxupnpserver service terminated with the following error: Access is denied.
4/10/2012 4:22:45 PM, error: Service Control Manager [7023] - The IJPLMSVC service terminated with the following error: Access is denied.
4/10/2012 4:21:45 PM, error: Service Control Manager [7023] - The Bdss service terminated with the following error: Access is denied.
4/10/2012 4:20:45 PM, error: Service Control Manager [7023] - The Qhwscsvc service terminated with the following error: Access is denied.
4/10/2012 4:19:45 PM, error: Service Control Manager [7023] - The AVCSTRM service terminated with the following error: Access is denied.
4/10/2012 4:18:45 PM, error: Service Control Manager [7023] - The DVDRC service terminated with the following error: Access is denied.
4/10/2012 4:17:45 PM, error: Service Control Manager [7023] - The Mbmiodrvr service terminated with the following error: Access is denied.
4/10/2012 4:16:45 PM, error: Service Control Manager [7023] - The Wwnetdde service terminated with the following error: Access is denied.
4/10/2012 4:15:45 PM, error: Service Control Manager [7023] - The SunkFilt39 service terminated with the following error: Access is denied.
4/10/2012 4:14:45 PM, error: Service Control Manager [7023] - The Zebrmdmc service terminated with the following error: Access is denied.
4/10/2012 4:13:45 PM, error: Service Control Manager [7023] - The Zfdwm service terminated with the following error: Access is denied.
4/10/2012 4:12:45 PM, error: Service Control Manager [7023] - The Crystaloutputfileserver service terminated with the following error: Access is denied.
4/10/2012 4:11:45 PM, error: Service Control Manager [7023] - The PCDCODEC service terminated with the following error: The specified module could not be found.
4/10/2012 4:10:45 PM, error: Service Control Manager [7023] - The Adiloader service terminated with the following error: Access is denied.
4/10/2012 4:09:45 PM, error: Service Control Manager [7023] - The Nuvvid2 service terminated with the following error: Access is denied.
4/10/2012 4:08:45 PM, error: Service Control Manager [7023] - The Lemsgt service terminated with the following error: Access is denied.
4/10/2012 4:07:45 PM, error: Service Control Manager [7023] - The Sdcplh service terminated with the following error: Access is denied.
4/10/2012 4:06:46 PM, error: Service Control Manager [7023] - The Oracleformsserver-forms60server-oraform service terminated with the following error: The specified module could not be found.
4/10/2012 4:05:45 PM, error: Service Control Manager [7023] - The Kbstuff service terminated with the following error: Access is denied.
4/10/2012 4:04:45 PM, error: Service Control Manager [7023] - The S117obex service terminated with the following error: The specified module could not be found.
4/10/2012 4:03:45 PM, error: Service Control Manager [7023] - The Dmprimer service terminated with the following error: Access is denied.
4/10/2012 4:02:45 PM, error: Service Control Manager [7023] - The HssTrayService service terminated with the following error: Access is denied.
4/10/2012 4:01:45 PM, error: Service Control Manager [7023] - The Cdfsvc service terminated with the following error: The specified module could not be found.
4/10/2012 4:00:45 PM, error: Service Control Manager [7023] - The Softfax service terminated with the following error: Access is denied.
4/10/2012 3:59:45 PM, error: Service Control Manager [7023] - The Apache service terminated with the following error: The specified module could not be found.
4/10/2012 3:58:45 PM, error: Service Control Manager [7023] - The Pavagente service terminated with the following error: Access is denied.
4/10/2012 3:57:45 PM, error: Service Control Manager [7023] - The Deventagent service terminated with the following error: The specified module could not be found.
4/10/2012 3:56:45 PM, error: Service Control Manager [7023] - The Mohfilt service terminated with the following error: The specified module could not be found.
4/10/2012 3:55:45 PM, error: Service Control Manager [7023] - The NITaggerService service terminated with the following error: Access is denied.
4/10/2012 3:54:45 PM, error: Service Control Manager [7023] - The NWUSBModem service terminated with the following error: Access is denied.
4/10/2012 3:53:45 PM, error: Service Control Manager [7023] - The PQNTDrv service terminated with the following error: Access is denied.
4/10/2012 3:52:45 PM, error: Service Control Manager [7023] - The Nscservice service terminated with the following error: Access is denied.
4/10/2012 3:51:45 PM, error: Service Control Manager [7023] - The EmAudio service terminated with the following error: Access is denied.
4/10/2012 3:50:45 PM, error: Service Control Manager [7023] - The Backuplauncher service terminated with the following error: The specified module could not be found.
4/10/2012 3:49:45 PM, error: Service Control Manager [7023] - The Mqdmbus service terminated with the following error: Access is denied.
4/10/2012 3:48:44 PM, error: Service Control Manager [7023] - The Tsircsrv service terminated with the following error: Access is denied.
4/10/2012 3:47:45 PM, error: Service Control Manager [7023] - The Lvusbsta service terminated with the following error: The specified module could not be found.
4/10/2012 3:46:45 PM, error: Service Control Manager [7023] - The Pcouffin service terminated with the following error: Access is denied.
4/10/2012 3:45:45 PM, error: Service Control Manager [7023] - The Se45mgmt service terminated with the following error: Access is denied.
4/10/2012 3:44:45 PM, error: Service Control Manager [7023] - The Mssqlserverolapservice service terminated with the following error: The specified module could not be found.
4/10/2012 3:43:46 PM, error: Service Control Manager [7023] - The Hpqwmiex service terminated with the following error: The specified module could not be found.
4/10/2012 3:42:45 PM, error: Service Control Manager [7023] - The IntelC52 service terminated with the following error: Access is denied.
4/10/2012 3:41:49 PM, error: Service Control Manager [7023] - The Appn service terminated with the following error: Access is denied.
4/10/2012 3:41:12 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
4/10/2012 3:40:47 PM, error: Service Control Manager [7023] - The Websensepolicyserver service terminated with the following error: Access is denied.
4/10/2012 3:39:47 PM, error: Service Control Manager [7023] - The Pavprsrv service terminated with the following error: Access is denied.
4/10/2012 3:38:47 PM, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: The specified module could not be found.
4/10/2012 3:37:45 PM, error: Service Control Manager [7023] - The MSFWHLPR service terminated with the following error: Access is denied.
4/10/2012 3:36:46 PM, error: Service Control Manager [7023] - The Ibmcicstransactiongateway service terminated with the following error: Access is denied.
4/10/2012 3:35:43 PM, error: Service Control Manager [7023] - The Megamonitorsrv service terminated with the following error: Access is denied.
4/10/2012 3:34:43 PM, error: Service Control Manager [7023] - The Cdrbsdrv service terminated with the following error: The specified module could not be found.
4/10/2012 3:33:44 PM, error: Service Control Manager [7023] - The Https-nassry service terminated with the following error: Access is denied.
4/10/2012 3:32:43 PM, error: Service Control Manager [7023] - The Sis315 service terminated with the following error: The specified module could not be found.
4/10/2012 3:31:43 PM, error: Service Control Manager [7023] - The ALYac_PZSrv service terminated with the following error: Access is denied.
4/10/2012 3:30:43 PM, error: Service Control Manager [7023] - The Clientservice service terminated with the following error: The specified module could not be found.
4/10/2012 3:29:42 PM, error: Service Control Manager [7023] - The CSDriver service terminated with the following error: Access is denied.
4/10/2012 3:28:42 PM, error: Service Control Manager [7023] - The Dlbx_device service terminated with the following error: Access is denied.
4/10/2012 3:27:43 PM, error: Service Control Manager [7023] - The Memctl service terminated with the following error: The specified module could not be found.
4/10/2012 3:26:42 PM, error: Service Control Manager [7023] - The FireHook service terminated with the following error: Access is denied.
4/10/2012 3:25:42 PM, error: Service Control Manager [7023] - The Phnxvcdservice service terminated with the following error: The specified module could not be found.
4/10/2012 3:24:41 PM, error: Service Control Manager [7023] - The Tzontservice service terminated with the following error: Access is denied.
4/10/2012 3:23:41 PM, error: Service Control Manager [7023] - The Sqlagent$sony_mediamgr service terminated with the following error: The specified module could not be found.
4/10/2012 3:22:41 PM, error: Service Control Manager [7023] - The Ppmoucls service terminated with the following error: Access is denied.
4/10/2012 3:21:41 PM, error: Service Control Manager [7023] - The Wintrust service terminated with the following error: The specified module could not be found.
4/10/2012 3:20:41 PM, error: Service Control Manager [7023] - The Authsyssvc service terminated with the following error: Access is denied.
4/10/2012 3:19:41 PM, error: Service Control Manager [7023] - The Kl1 service terminated with the following error: Access is denied.
4/10/2012 3:18:41 PM, error: Service Control Manager [7023] - The Pdlnatcm service terminated with the following error: The specified module could not be found.
4/10/2012 3:17:41 PM, error: Service Control Manager [7023] - The SaiNtBus service terminated with the following error: Access is denied.
4/10/2012 3:16:40 PM, error: Service Control Manager [7023] - The Schscnt service terminated with the following error: Access is denied.
4/10/2012 3:15:41 PM, error: Service Control Manager [7023] - The Eelogsvc service terminated with the following error: The specified module could not be found.
4/10/2012 3:14:40 PM, error: Service Control Manager [7023] - The Mksupdateint service terminated with the following error: The specified module could not be found.
4/10/2012 3:13:40 PM, error: Service Control Manager [7023] - The Alertservice service terminated with the following error: The specified module could not be found.
4/10/2012 3:12:40 PM, error: Service Control Manager [7023] - The Usbvideo service terminated with the following error: Access is denied.
4/10/2012 3:11:40 PM, error: Service Control Manager [7023] - The Ozoneinstallerservice service terminated with the following error: The specified module could not be found.
4/10/2012 3:10:40 PM, error: Service Control Manager [7023] - The Btwrchid service terminated with the following error: Access is denied.
4/10/2012 3:09:40 PM, error: Service Control Manager [7023] - The Uphclean service terminated with the following error: Access is denied.
4/10/2012 3:08:40 PM, error: Service Control Manager [7023] - The WscNetDr service terminated with the following error: The specified module could not be found.
4/10/2012 3:07:40 PM, error: Service Control Manager [7023] - The Vaiomediaplatform-photoserver-appserver service terminated with the following error: Access is denied.
4/10/2012 3:06:39 PM, error: Service Control Manager [7023] - The Viagfx service terminated with the following error: Access is denied.
4/10/2012 3:05:40 PM, error: Service Control Manager [7023] - The WDM_YAMAHAAC97 service terminated with the following error: Access is denied.
4/10/2012 3:04:40 PM, error: Service Control Manager [7023] - The Amon service terminated with the following error: Access is denied.
4/10/2012 3:03:40 PM, error: Service Control Manager [7023] - The Iolodmv service terminated with the following error: Access is denied.
4/10/2012 3:02:40 PM, error: Service Control Manager [7023] - The Se2Cunic service terminated with the following error: The specified module could not be found.
4/10/2012 3:01:40 PM, error: Service Control Manager [7023] - The Cpuz132 service terminated with the following error: Access is denied.
4/10/2012 3:00:40 PM, error: Service Control Manager [7023] - The Backupexecnotificationserver service terminated with the following error: Access is denied.
4/10/2012 2:59:42 PM, error: Service Control Manager [7023] - The Cqmgstor service terminated with the following error: The specified module could not be found.
4/10/2012 2:58:40 PM, error: Service Control Manager [7023] - The Prismxl service terminated with the following error: Access is denied.
4/10/2012 2:57:40 PM, error: Service Control Manager [7023] - The Transarcafsdaemon service terminated with the following error: Access is denied.
4/10/2012 2:56:40 PM, error: Service Control Manager [7023] - The DCFS2K service terminated with the following error: Access is denied.
4/10/2012 2:55:40 PM, error: Service Control Manager [7023] - The Kavsvc service terminated with the following error: Access is denied.
4/10/2012 2:54:39 PM, error: Service Control Manager [7023] - The Sisperf service terminated with the following error: The specified module could not be found.
4/10/2012 2:53:39 PM, error: Service Control Manager [7023] - The BTSLBCSP service terminated with the following error: Access is denied.
4/10/2012 2:52:39 PM, error: Service Control Manager [7023] - The Mclogmanagerservice service terminated with the following error: Access is denied.
4/10/2012 2:51:39 PM, error: Service Control Manager [7023] - The Iviregmgr service terminated with the following error: The specified module could not be found.
4/10/2012 2:50:39 PM, error: Service Control Manager [7023] - The Tunmp service terminated with the following error: Access is denied.
4/10/2012 2:49:39 PM, error: Service Control Manager [7023] - The Vaiomediaplatform-mobile-gateway service terminated with the following error: Access is denied.
4/10/2012 2:48:38 PM, error: Service Control Manager [7023] - The Rnadirmultiplexor service terminated with the following error: The specified module could not be found.
4/10/2012 2:47:38 PM, error: Service Control Manager [7023] - The VideX32 service terminated with the following error: The specified module could not be found.
4/10/2012 2:46:37 PM, error: Service Control Manager [7023] - The ATIBTCAP service terminated with the following error: The specified module could not be found.
4/10/2012 2:45:38 PM, error: Service Control Manager [7023] - The Websensecpmcommunicationagent service terminated with the following error: The specified module could not be found.
4/10/2012 2:44:37 PM, error: Service Control Manager [7023] - The Pwd_2K service terminated with the following error: Access is denied.
4/10/2012 2:43:37 PM, error: Service Control Manager [7023] - The GBFSHook service terminated with the following error: The specified module could not be found.
4/10/2012 2:42:37 PM, error: Service Control Manager [7023] - The Btnetfilter service terminated with the following error: The specified module could not be found.
4/10/2012 2:41:37 PM, error: Service Control Manager [7023] - The Ino_fltr service terminated with the following error: Access is denied.
4/10/2012 2:34:04 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ABIT-IO Lbd
4/10/2012 2:33:12 PM, error: Service Control Manager [7023] - The S117nd5 service terminated with the following error: The specified module could not be found.
4/10/2012 2:28:49 PM, error: Service Control Manager [7034] - The NetworkLog service terminated unexpectedly. It has done this 1 time(s).
4/10/2012 2:11:10 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ABIT-IO
4/10/2012 2:09:40 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/10/2012 2:09:26 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
4/10/2012 2:06:57 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ABIT-IO AmdK8 Fips
4/10/2012 2:06:36 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00508D977705 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
4/10/2012 2:03:26 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
4/10/2012 2:02:28 PM, error: Service Control Manager [7034] - The System Restore Service service terminated unexpectedly. It has done this 1 time(s).
4/10/2012 2:02:28 PM, error: Service Control Manager [7034] - The CryptSvc service terminated unexpectedly. It has done this 1 time(s).
4/10/2012 2:02:28 PM, error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/10/2012 2:02:28 PM, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
4/10/2012 2:02:28 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ABIT-IO AFD AmdK8 Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip WS2IFSL
4/10/2012 2:02:28 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
4/10/2012 2:02:28 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/10/2012 2:02:28 PM, error: Service Control Manager [7001] - The fssfltr service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/10/2012 2:02:28 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/10/2012 2:02:28 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
.
==== End Of File ===========================
Tracys
Active Member
 
Posts: 6
Joined: April 9th, 2012, 4:37 pm

Re: I have some malware and need help removing it

Unread postby mambass » April 10th, 2012, 10:03 pm

Hi Tracy, :)

  1. MGADiag
    1. Click here to download MGADiag.exe from Microsoft and save it to your Desktop.
    2. Double-click on MGADiag.exe to run it.
    3. Click Continue. The program will run. It takes a while to finish the diagnosis, please be patient.
    4. Click the Copy button once the scan is done.
    5. Open Notepad and paste the contents in its window.
    6. Save this file and post it in your next reply.

  2. CKScanner
    1. Click here to download CKScanner © askey127 and save to your Desktop.
    2. Double-click on CKScanner.exe and then click Search For Files.
      Note: It's important that you run this program only one time.
    3. Click Save List To File after a very short time when the cursor hourglass disappears.
    4. Click OK when prompted.
    5. Post the contents of file ckfiles.txt on your Desktop in your reply.

  3. WVCheck
    1. Click here to download WVCheck.exe and save it to your Desktop.
    2. Double-click WVCheck.exe to run the program.
    3. Read the comments on the screen and then press Enter.
      The scan can take a while, depending on the size of your hard drive.
    4. Once the program is done, Notepad will open with the scan report. Save the report to your Desktop.
    5. Please copy and paste the contents of the Notepad scan report in your next reply.


Please include in your reply:
  1. The text of any error messages and/or a description of any problems you encountered while performing these steps.
  2. The contents of the MGADiag log.
  3. The contents of the CKScanner log.
  4. The contents of the WVCheck log.


mambass
User avatar
mambass
Retired Graduate
 
Posts: 826
Joined: April 23rd, 2010, 9:26 am

Re: I have some malware and need help removing it

Unread postby Tracys » April 11th, 2012, 1:11 am

Here are the three reports. No errors came up. The only thing that I noticed was that the MGADIAG.exe ran fast where you said it will take a while and the CKScanner took a while where you said it would be a short time. I don't know if this is worth mentioning but did anyway.

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-GYJDR-K67VQ-7C6W7
Windows Product Key Hash: D3fzfdE6jGgY9nwaf6BnclXN0mE=
Windows Product ID: 76475-017-7505783-21039
Windows Product ID Type: 5
Windows License Type: Retail
Windows OS version: 5.1.2600.2.00010300.3.0.hom
ID: {B3E44FAB-CE09-4086-8D3E-E8110678412D}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.7.18.5
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.7.18.5
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{B3E44FAB-CE09-4086-8D3E-E8110678412D}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010300.3.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-7C6W7</PKey><PID>76475-017-7505783-21039</PID><PIDType>5</PIDType><SID>S-1-5-21-220523388-484061587-725345543</SID><SYSTEM><Manufacturer>NVIDIA</Manufacturer><Model>AWRDACPI</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="2"/><Date>20060922000000.000000+000</Date></BIOS><HWID>E2FC3BD701844078</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.18.5"/><File Name="WgaLogon.dll" Version="1.7.18.5"/></GANotification></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: no
Marker string from BIOS: N/A
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A

Here is the CKFiles.txt

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.SBNAWW
----- EOF -----


Here is the WVCheck log.

Windows Validation Check
Version: 1.9.12.5
Log Created On: 0103_11-04-2012
-----------------------

Windows Information
-----------------------
Windows Version: Windows XP Service Pack 3
Windows Mode: Normal
Systemroot Path: C:\WINDOWS

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
-----------------------
Last Success Time for Update Detection: 2012-04-10 15:20:29
Last Success Time for Update Download: 2012-03-31 14:16:38
Last Success Time for Update Installation: 2012-03-31 19:21:59


WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------


WVCheck's File Dump
-----------------------
WVCheck found no known bad files.


WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.


WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.


WVCheck's MBAM Quarantine Check
-----------------------
There were no bad files quarantined by MBAM.


WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.


WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - b26b135ff1b9f60c9388b4a7d16f600b


-------- End of File, program close at 0106_11-04-2012 --------
Tracys
Active Member
 
Posts: 6
Joined: April 9th, 2012, 4:37 pm

Re: I have some malware and need help removing it

Unread postby mambass » April 11th, 2012, 6:39 pm

Hi Tracy,

  1. Zero Access infection
    Your DDS logs show that you have a Zero Access rootkit infection. This infection has remote access capabilities. The initial DDS log also indicated the presence of a keylogger which is very good at stealing passwords; this software had been on your system since at least April 1 but did not appear in the second set of DDS logs.

    You should do the following:
    1. Disconnect the infected computer from the Internet and from any networked computers until the computer can be cleaned.

    2. Call all of your banks, credit card companies, and financial institutions. Inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.

    3. From a clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.

      Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.

    If you use your computer for online banking or for any other financial transactions, you should seriously consider reformatting your hard drive and reinstalling Windows.

    Some versions of this infection are extremely difficult to remove, and if you opt for us to clean your computer there is a possibility that you may lose connection to the internet, in which case you'll need to have access to another computer so you can contact us. We will of course attempt to resolve the connection issues if they happen, but I can give no guarantee that you may not have to reformat after all.

    Please let me know how you would like to proceed.

  2. Peer-To-Peer (P2P) software detected
    Please Note Our Policy on the Use of P2P (Person to Person / Peer to Peer) file sharing programs posted here.

    It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, Frostwire, Vuze, Shareaza, Bitlord. Criminals have "planted" thousands upon thousands of infections in the "free" shared files. Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".

    As a condition of receiving our help, if you choose to have us help you clean your computer, it will be necessary for you to remove the following software:

    BitTorrent 6.0
    BitTorrent DNA

    I strongly recommend that you uninstall the programs identified above
    however that choice is up to you.
    • If you choose NOT to remove these programs, please indicate that in your next reply.
    • If you choose to remove these programs then perform the following steps:
      1. Click Start > Settings > Control Panel or Start > Control Panel then double-click Add/Remove Programs.
      2. One by one, highlight each Entry shown above and choose Remove
        Take extra care in answering questions posed by any Uninstaller.
      3. Reboot (restart) your computer after all of the identified programs have been removed.
      4. Run DDS again and include the contents of the new DDS.txt and Attach.txt log in your reply.


Please include in your reply:
  1. The text of any error messages and/or a description of any problems you encountered while performing these steps.
  2. A statement indicating your decision concerning whether to reinstall the operating system or have us help you clean your computer.
  3. If you choose not to remove the identified P2P software then include a statement to that effect.
  4. If you choose to remove the identified P2P software then include the contents of the new DDS.txt and Attach.txt logs.


mambass
User avatar
mambass
Retired Graduate
 
Posts: 826
Joined: April 23rd, 2010, 9:26 am

Re: I have some malware and need help removing it

Unread postby Tracys » April 11th, 2012, 9:24 pm

I have a second computer to access the internet with. I am using that computer now. Can the keylogger get stored passwords?
I will remove all the programs as you asked and have no problem doing that. I actually never use any of them anyway.

I won't be able to proceed with that until I get home from the hospital. I had an episode at 4:30 am Wednesday morning and will be here tonight (wed) and tomorrow night as they are implanting a defibrillator device. It kicks starts my heat if I become arrhythmic again. I guess that ends my meth carrier. :)

Thanks for the help and I will get too it as soon as I get home.

p.s. I may end up backing up the kids pictures and just wiping it all clean. Maybe even trying to find a cheap upgrade to the operating system.
Tracys
Active Member
 
Posts: 6
Joined: April 9th, 2012, 4:37 pm

Re: I have some malware and need help removing it

Unread postby mambass » April 12th, 2012, 9:00 am

Hi Tracy,

Tracy wrote:Thanks for the help
You're quite welcome. :)

Tracy wrote:I won't be able to proceed with that until I get home from the hospital.
That's no problem. Focus on getting better and we'll be here when you get home. I am however glad that they let you have a computer in the hospital. It sure beats having to watch daytime TV.


Tracy wrote:Can the keylogger get stored passwords?
The primary function of a keylogger is to monitor keyboard activity. It is, however, executable code that can do anything that the author wants it to do. The good thing about passwords is that they can be changed from a clean computer. I'd assume that all passwords have been compromised and that they all need to be changed. That way you don't have to wonder if you missed one that they got.


Tracy wrote:I may end up backing up the kids pictures and just wiping it all clean. Maybe even trying to find a cheap upgrade to the operating system.
If you choose to wipe your system clean and reinstall the current operating system (OS) or install a new OS then there are a few things to keep in mind.
  1. If your computer has a recovery partition then you should be able to use that to restore your computer to its original out-of-the-box configuration. Otherwise you will need to reformat your disk before installing the new operating system. Simply upgrading to a new OS will not remove your current infection.
  2. Reformatting the disk or using the recovery partition will cause you to lose not only files such as your pictures but also application data such as e-mails stored on your computer, calendar entries, contact lists, browser favorites/bookmarks, shortcuts, etc. Don't forget to backup that data as well. Do not however transfer any executable code to the new system.
  3. The Attach.txt log produced by DDS contains a list of applications installed on your system. You might want to print that for future reference.
  4. You will also need to reinstall any software that you installed. Furthermore, if you reformat your disk you will also need to reinstall any application software that was originally installed on the computer when you purchased it so you'll want to find the installation disks for that software.
  5. You will need to bring the (re)installed OS up-to-date with respect to all security patches before using the system. Be sure to also install antivirus software and bring its virus definitions database up-to-date after installing the OS and before doing anything else with your system. You will then need to install application software and bring that software up-to-date with respect to all available security patches. You can then transfer data files back to the system and then run a full antivirus scan to make sure that nothing bad came along for the ride.
  6. If you're thinking about upgrading to Windows 7 then you might want to visit Microsoft's Windows 7 Upgrade Advisor to make sure that Windows 7 will run on your computer before purchasing the OS.

Just let me know how you'd like to proceed once you get home. :)


mambass
User avatar
mambass
Retired Graduate
 
Posts: 826
Joined: April 23rd, 2010, 9:26 am

Re: I have some malware and need help removing it

Unread postby Tracys » April 13th, 2012, 11:10 am

I have a question regarding upgrading to windows 7. My windows xp is an upgrade, so if I buy the windows 7 upgrade do I have to install 98 then install xp and then install the win 7 upgrade? Or is it something where I can install the win 7 software and then just put the xp disk in when prompted to to prove that I have it?

Thanks

Tracy
Tracys
Active Member
 
Posts: 6
Joined: April 9th, 2012, 4:37 pm

Re: I have some malware and need help removing it

Unread postby mambass » April 13th, 2012, 12:08 pm

Hi Tracy,

I hope you're at home now and feeling better. :)

Tracy wrote: I have a question regarding upgrading to windows 7. My windows xp is an upgrade, so if I buy the windows 7 upgrade do I have to install 98 then install xp and then install the win 7 upgrade? Or is it something where I can install the win 7 software and then just put the xp disk in when prompted to to prove that I have it?
You may find Microsoft's Upgrading from Windows XP to Windows 7 tutorial to be useful. Step 1 in that process, Make sure that your programs and devices will work with Windows 7, will have you run the Upgrade Advisor that I mentioned in my previous post. I would suggest that you do that now. I have two computers that came with XP installed and neither meet the hardware requirements for the upgrade. I strongly suspect that yours will not either if it originally had Windows 98 installed. Let me know what it tells you.

mambass
User avatar
mambass
Retired Graduate
 
Posts: 826
Joined: April 23rd, 2010, 9:26 am

Re: I have some malware and need help removing it

Unread postby Tracys » April 14th, 2012, 3:26 pm

I am now home and feeling fine except for a little pain where they cut my chest open enough to fit the defibrillator in. My hardware is advanced enough for win 7 but it looks like I would have to repurchase new versions of old programs like photoshop and I am not going to shell out the money.

I was running ad-aware and teatimer but this Trojan still got in. What else should I run for protection?
Tracys
Active Member
 
Posts: 6
Joined: April 9th, 2012, 4:37 pm

Re: I have some malware and need help removing it

Unread postby mambass » April 16th, 2012, 10:16 pm

Hi Tracy, :)

I apologize for the delay in getting back to you.

Tracy wrote: I was running ad-aware and teatimer but this Trojan still got in. What else should I run for protection?
I have included below my standard post for when either malware has been removed from a system or the decision has been made to reinstall the operating system. In particular, the Computer Security – A Short Guide to Staying Safer Online provides a detailed answer to your question. Note that, as stated in the Guide, you should always have one and only one anti-virus package installed.

More specific to the Zero Access (ZA) infection that you have, a senior member here has the following good advice as to how you may have become infected and the best ways to prevent that in the future.
ZA is primarily distributed using 2 methods .....

1. Drive by infections, where a poisoned link is surreptitiously added to a legit site, and the malware loader utilises an "exploit" to install.

2. Social engineering, where the User is conned into downloading something which turns out to be other than what they actually expected.

To avoid the first it's important for users to keep Windows and all their programs up to date, so to minimise the number of exploits they are vulnerable to.

To avoid the second, Users should stop looking for free lunches, and be more selective about where they download things from. ZA often gets round the problem of UA prompts by using a genuine install of Flash as a "stalking horse" for the loader, so that the User thinks they are allowing an update of Flash, when in fact they are actually allowing privilege escalation for ZA.

Because of this, I would strongly advise people, that when prompted by a pop-up to update Flash, that they check at Adobe to make sure there actually is a new update, and if there is, to manually update Downloading direct from the link at Adobe.

----------------------------

The important thing now is to actively do things that will help keep you from getting infected in the future.

  1. Keep Antivirus and applications updated
    This is the MOST IMPORTANT thing that you can do to keep from becoming infected.
    • Keep Microsoft products up-to-date with the latest security patches. Either
      • Enable some level of Automatic Updates
        • Click Start > Control Panel. The Control Panel window will be displayed.
        • Double-click the System icon/entry. The System Properties window will be displayed.
        • Click the Automatic Updates tab.
        • Select the option which best fits your needs.
      • Or use Internet Explorer (not Firefox) to visit the Microsoft Update site on a regular basis.

    • I personally use and recommend the free Secunia Personal Software Inspector (PSI). This program will keep you aware of software that is installed on your computer that contains security vulnerabilities for which security patches exist. I have mine set to automatically scan my computer weekly.

    • All updates are important but pay particular attention to updates for all browsers as well as Microsoft, Java and Adobe products. These are widely-used products that Malware writers frequently target.

  2. Read and stay informed!

    To help minimize the chances of becoming re-infected, please read.
    Computer Security - a short guide to staying safer online

    If your computer is running slowly after your clean up, please read.
    What to do if your Computer is running slowly

----------------------------

My hardware is advanced enough for win 7 but it looks like I would have to repurchase new versions of old programs like photoshop and I am not going to shell out the money.
I take it then that you plan to reinstall Windows XP. Is that correct?

Please also understand that, per Microsoft's Windows Lifecycle Fact Sheet, support for Windows XP SP3 is scheduled to end on April 8, 2014. As of the date when support is no longer provided, regular security updates will no longer be supplied and the system will become more susceptible to infection every day thereafter. As such, please be aware that XP will only be viable on that computer for another 2 years. I'm not suggesting that you change your mind about reinstalling XP but rather just wanted you to be aware that XP will be unsupported in 2 years in case that has any bearing on your decision.

Please let me know if you have any additional questions and how you would like to proceed. :)

mambass
User avatar
mambass
Retired Graduate
 
Posts: 826
Joined: April 23rd, 2010, 9:26 am

Re: I have some malware and need help removing it

Unread postby mambass » April 20th, 2012, 2:05 pm

Hi Tracy, :)

I haven't heard back from you concerning my previous post. I just wanted to check back one more time before closing this thread to see if you have any additional questions and how you would like to proceed.

Thank you. :)

mambass
User avatar
mambass
Retired Graduate
 
Posts: 826
Joined: April 23rd, 2010, 9:26 am

Re: I have some malware and need help removing it

Unread postby deltalima » April 24th, 2012, 3:43 pm

As your problems appear to require a reformat, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 30 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware