Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Growing file clouds_2048.tmp

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Growing file clouds_2048.tmp

Unread postby dpcofhwa » September 4th, 2012, 8:56 am

I apologize for misreading the rules of submission. Hopefully, I have done it right this time


I have been chasing this problem for about a week now. My hard drive began filling up in a matter of hours. I used treeview and tracked it to this one file. "clouds_2048.tmp" located in the "Documents and Settings - Primary User Name - Local Settings - Temp" folder.

I have run several spyware programs, changed antivirus programs three times and even made a clone of the hard drive and ran combofix on it. Several lesser things were found but this file remains. I can boot into safe mode and delete it but it reappears at reboot and will sit quietly for some hours then begin to fill up until it reaches the capacity of the drive's free space.

I am running out of ideas. I am assuming this is some kind of Trojan but so far no one has found it. I have scanned it normal and safe mode. I have deleted all restore points and dumped the pagefile but it still comes back and avoids detection with Superantispyware, malwarebytes, iobit, avg, avast, and Ashampoo anti-malware. I would really like to fix this without reformatting if possible.

If you are interested in the combofix log I can also send it on request


DDS LOG
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1
Run by David P. Clauss at 17:16:30 on 2012-09-03
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.794 [GMT -5:00]
.
AV: AVG Internet Security Business Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\Program Files\Zentimo\ZentimoService.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TightVNC\tvnserver.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Soluto\soluto.exe
C:\Program Files\MySoftware\MyInvoices\tracker.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\EASEUS\Todo Backup\bin\EuWatch.exe
C:\Program Files\EASEUS\Todo Backup\bin\TrayNotify.exe
C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\j2 Messenger 4.4\J2GDllCmd.exe
C:\Program Files\SensiGuard\SensiGuard.exe
C:\Program Files\CraveWorldClock\CWClock.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files\j2 Messenger 4.4\J2GTray.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ntvdm.exe
C:\Documents and Settings\David P. Clauss\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\David P. Clauss\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\David P. Clauss\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\David P. Clauss\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\David P. Clauss\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = 127.0.0.1
mWinlogon: UIHost=c:\windows\system32\logonuiX.exe
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\program files\autocompletepro\AutocompletePro.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: FlashCatchBHO Class: {88618a96-6d8a-42e7-b932-9073d5b2080f} - c:\program files\flashcatch\flashcatch.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: GOM Player + Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} -
TB: FireShot: {6e6e744e-4d20-4ce3-9a7a-26dfffe22f68} -
TB: FlashCatch: {10cecf4f-a96e-4803-8ac2-f565fb29ff47} - c:\program files\flashcatch\flashcatch.dll
TB: GOM Player + Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [j2 4.4] "c:\program files\j2 messenger 4.4\J2GDllCmd.exe" /R
uRun: [SensiGuard] "c:\program files\sensiguard\SensiGuard.exe" /m
uRun: [Crave World Clock] c:\program files\craveworldclock\CWClock.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Tracker] c:\program files\mysoftware\myinvoices\tracker.exe
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [EPSON Stylus Photo R300 Series on Paladin-3000 (from HWA-15)] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F1.EXE /P60 "EPSON Stylus Photo R300 Series on Paladin-3000 (from HWA-15)" /O5 "TS003" /M "Stylus Photo R300"
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ROC_roc_ssl_v12] "c:\program files\avg secure search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [EaseUs Watch] "c:\program files\easeus\todo backup\bin\EuWatch.exe"
mRun: [EaseUs Tray] "c:\program files\easeus\todo backup\bin\TrayNotify.exe"
mRun: [Ashampoo HDD Control Guard] "c:\program files\ashampoo\ashampoo hdd control\HDDControlGuard.exe"
mRun: [Print2PDF Print Monitor] "c:\program files\software602\print2pdf\Print2PDF.exe" /server
mRun: [tvncontrol] "c:\program files\tightvnc\tvnserver.exe" -controlservice -slave
mRun: [IObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
StartupFolder: c:\docume~1\davidp~1.cla\startm~1\programs\startup\jconne~1.lnk - c:\program files\j2 messenger 4.4\J2GTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mailwa~1.lnk - c:\program files\firetrust\mailwasher\MailWasherPro.exe
uPolicies-explorer: NoThumbnailCache = 1 (0x1)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {3437D640-C91A-458f-89F5-B9095EA4C28B} - {04F93351-81D2-4484-9982-0D55DEFFFAE6} - c:\program files\piclensie\cooliris.dll
Trusted Zone: txu.com
Trusted Zone: txu.com\www
Trusted Zone: yahoo.com\att.my
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://pcpitstop.com/pcpitstop/PCPitStop.CAB
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/stg_drm.ocx
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper20073151.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupda ... 1750772531
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - hxxp://www.cooliris.com/shared/plinstll.cab
TCP: DhcpNameServer = 68.94.156.1 68.94.157.1
TCP: Interfaces\{B35070AD-E2FD-4E7B-8580-CADDF64F0645} : DhcpNameServer = 68.94.156.1 68.94.157.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\david p. clauss\application data\mozilla\firefox\profiles\ynwp7op1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=DCF1DF&PC=DCF1&q=
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://att.my.yahoo.com/?_bc=1
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=113959 ... 076bf3f&q=
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\documents and settings\david p. clauss\application data\mozilla\firefox\profiles\ynwp7op1.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\platform\winnt_x86-msvc\components\SSSLauncher.dll
FF - component: c:\documents and settings\david p. clauss\application data\mozilla\firefox\profiles\ynwp7op1.default\extensions\{463f6ca5-ee3c-4be1-b7e6-7fee11953374}\platform\winnt\components\FoxyTunes.dll
FF - component: c:\documents and settings\david p. clauss\application data\mozilla\firefox\profiles\ynwp7op1.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll
FF - component: c:\program files\flashcatch\firefox\components\FlashCatch.dll
FF - component: c:\program files\flashcatch\firefox\components\FlashCatch191.dll
FF - component: c:\program files\flashcatch\firefox\components\FlashCatch192.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\david p. clauss\application data\mozilla\firefox\profiles\ynwp7op1.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\documents and settings\david p. clauss\local settings\application data\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin101710.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\12.2.0\npsitesafety.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\web platform installer\NPWPIDetector.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_265.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmirage.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\npwmsdrm.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113959&tt=280612_6_
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 24c4b6ea000000000000001e9076bf3f
FF - user.js: extensions.BabylonToolbar_i.hardId - 24c4b6ea000000000000001e9076bf3f
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15519
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:41:53
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2009-8-16 30600]
R0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2011-5-5 35720]
R0 EUFS;EUFS;c:\windows\system32\drivers\eufs.sys [2009-8-16 20744]
R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [2012-6-12 16064]
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [2011-5-27 51144]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-9-2 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-9-2 355632]
R1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2009-8-16 14216]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-9-2 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-9-2 44808]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2012-2-28 1373576]
R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2012-9-2 821592]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\program files\macrium\reflect\ReflectService.exe [2012-6-12 224960]
R2 SCRCAMHRDRV;ScreenCamera HR;c:\windows\system32\drivers\SCRCAMHRDRV.SYS [2011-2-11 74832]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\soluto\SolutoService.exe [2012-8-26 599568]
R2 tvnserver;TightVNC Server;c:\program files\tightvnc\tvnserver.exe [2012-6-26 1184312]
R2 ZentimoService;Zentimo Assistant;c:\program files\zentimo\ZentimoService.exe [2011-12-13 259072]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2012-4-26 16640]
R3 cpuz135;cpuz135;\??\c:\windows\temp\cpuz135\cpuz135_x32.sys --> c:\windows\temp\cpuz135\cpuz135_x32.sys [?]
R3 EuDisk;EASEUS Disk Enumerator;c:\windows\system32\drivers\eudisk.sys [2009-8-16 187528]
R3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\FileMonitor.sys [2012-9-2 246816]
R3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\RegFilter.sys [2012-9-2 30408]
R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\drivers\rrnetcap.sys [2012-7-19 31848]
R3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\UrlFilter.sys [2012-9-2 16248]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2012-4-7 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2012-4-7 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2012-4-7 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2012-4-7 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2012-4-7 25704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SSPORT;SSPORT; [x]
S3 602XML Updater;602Updater;c:\program files\common files\soft602\602updsvc\602updsvc.exe [2011-11-8 73728]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-6 250568]
S3 APL531;35mm Film Scanner;c:\windows\system32\drivers\FILMSCAN.SYS [2006-7-31 74832]
S3 CrossLoopService;CrossLoop Service;c:\documents and settings\david p. clauss\local settings\application data\crossloop\CrossLoopService.exe [2011-9-19 563216]
S3 DfSdkS;Defragmentation-Service;c:\program files\ashampoo\ashampoo winoptimizer 6\DfSdkS.exe [2011-2-19 406016]
S3 DigiartyVirtualCDBus;Digiarty Virtual Driver;c:\windows\system32\drivers\DigiartyVirtualCDBus.sys [2011-10-28 163008]
S3 EASEUS Agent;EASEUS Agent;c:\program files\easeus\todo backup\bin\Agent.exe [2011-5-5 56200]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-2-2 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-2-2 8456]
S3 gbridge;Gbridge Virtual Miniport;c:\windows\system32\drivers\GBRIDGE.SYS [2009-1-27 74832]
S3 hipeer20;Remobo Instant Private Network;c:\windows\system32\drivers\REMOBO32.SYS [2009-4-22 74832]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-27 113120]
S3 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-3-31 47128]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-4-23 2214504]
S3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys [2012-6-12 53952]
S3 PsSdk31;PsSdk31;c:\windows\system32\drivers\pssdk31.drv [2009-3-2 30272]
S3 PsSdkLBF;PsSdkLBF;c:\windows\system32\drivers\pssdklbf.drv [2009-3-2 37440]
S3 RRNetCap;RRNetCap Service;c:\windows\system32\drivers\rrnetcap.sys [2012-7-19 31848]
S3 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]
S3 VICAMUSB;3Com HomeConnect USB Camera; [x]
S3 wimmount;wimmount;c:\windows\system32\drivers\wimmount.sys [2009-7-13 19024]
S3 ZD1211U(WLAN);IEEE 802.11g USB Wireless LAN Driver(WLAN);c:\windows\system32\drivers\ZD1211U.SYS [2007-4-20 74832]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]
.
=============== File Associations ===============
.
.txt=NoteProTXT
.
=============== Created Last 30 ================
.
2012-09-02 13:48:14 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-09-02 13:46:04 41224 ----a-w- c:\windows\avastSS.scr
2012-09-02 13:45:27 -------- d-----w- c:\program files\AVAST Software
2012-09-02 13:45:27 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2012-09-02 06:06:22 -------- d-----w- c:\documents and settings\david p. clauss\application data\QuickScan
2012-09-02 05:24:13 -------- d-----w- c:\documents and settings\david p. clauss\application data\IObit
2012-09-02 05:24:07 -------- d-----w- c:\program files\IObit
2012-09-01 13:20:29 -------- d-----w- c:\documents and settings\david p. clauss\application data\SUPERAntiSpyware.com
2012-09-01 13:20:18 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-09-01 13:20:18 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2012-09-01 02:07:23 -------- d-----w- c:\documents and settings\david p. clauss\application data\ElevatedDiagnostics
2012-08-29 05:06:44 -------- d-----w- c:\program files\TightVNC
2012-08-29 05:06:44 -------- d-----w- c:\documents and settings\all users\application data\TightVNC
2012-08-28 05:40:11 -------- d-----w- c:\documents and settings\david p. clauss\application data\M8 Software
2012-08-28 05:37:57 -------- d-----w- c:\program files\Spartan
2012-08-27 21:52:42 -------- d-----w- c:\program files\Soluto
2012-08-26 06:02:35 -------- d-----w- c:\program files\CCleaner
2012-08-26 03:36:36 -------- d-----w- c:\documents and settings\david p. clauss\application data\JAM Software
2012-08-26 03:36:24 -------- d-----w- c:\program files\JAM Software
2012-08-26 03:15:33 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-22 12:59:42 129176 ----a-w- c:\program files\mozilla firefox\plugins\nprpplugin.dll
2012-08-14 16:36:27 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2012-08-14 16:36:27 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-08-14 16:36:25 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2012-08-14 16:36:25 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2012-08-14 16:36:15 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2012-08-14 16:36:15 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2012-08-13 13:08:13 -------- d-----w- c:\program files\SecCopy
.
==================== Find3M ====================
.
2012-08-26 22:29:08 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys
2012-08-23 23:05:22 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-23 23:05:22 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-22 12:59:28 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-08-22 12:59:28 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-07-20 04:21:19 39016 ----a-w- c:\windows\system32\drivers\tbhsd.sys
2012-07-20 04:21:13 31848 ----a-w- c:\windows\system32\drivers\rrnetcap.sys
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49:32 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49:32 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05:43 385024 ----a-w- c:\windows\system32\html.iec
2012-06-25 21:04:24 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-12 16:19:20 12992 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys
2012-06-12 16:19:08 16064 ----a-w- c:\windows\system32\drivers\pssnap.sys
2012-06-12 16:19:02 53952 ----a-w- c:\windows\system32\drivers\psmounter.sys
.
============= FINISH: 17:18:28.57 ===============


ATTACH LOG

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 9/18/2008 6:55:37 AM
System Uptime: 9/3/2012 4:30:08 PM (1 hours ago)
.
Motherboard: ELITEGROUP COMPUTER SYSTEM CO.,LTD. | | NFORCE6M-A
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4600+ | Socket AM2 | 2418/201mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 64.257 GiB free.
H: is CDROM ()
I: is CDROM ()
J: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E967-E325-11CE-BFC1-08002BE10318}
Description: WDC WD1600AAJS-22L7A0
Device ID: IDE\DISKWDC_WD1600AAJS-22L7A0___________________01.03E01\2020202057202D444D5756413933373531353636
Manufacturer: (Standard disk drives)
Name: WDC WD1600AAJS-22L7A0
PNP Device ID: IDE\DISKWDC_WD1600AAJS-22L7A0___________________01.03E01\2020202057202D444D5756413933373531353636
Service:
.
Class GUID:
Description:
Device ID: ROOT\LEGACY_AVGIDSDRIVER\SYSTEM
Manufacturer:
Name:
PNP Device ID: ROOT\LEGACY_AVGIDSDRIVER\SYSTEM
Service:
.
==== System Restore Points ===================
.
RP1: 9/3/2012 8:19:23 AM - System Checkpoint
.
==== Installed Programs ======================
.
1-abc.net Hard Drive Washer (Remove only)
1.0
123 Free Solitaire
2Wire Wireless Client
35mm Film Scanner X86
7-Zip 9.20
ABC Amber BlackBerry Converter
AC3Filter (remove only)
AC3Filter 1.63b
AcroPano Photo Stitcher, Panorama software
Active@ ISO Burner
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Advanced Task Scheduler Basic (Repair or Remove)
Aiseesoft Blu-ray to MKV Ripper 6.3.22
Aiseesoft Total Media Converter 5.2.30
Aiseesoft Total Media Converter Platinum 6.3.8
All My Movies 6.3 FULL (GOTD)
AllMedia Grabber
AllMySongs Database
Amazon Kindle
Amazon MP3 Downloader 1.0.17
Any Video Converter 2.7.1
AoA DVD Copy
AoA DVD Ripper
Apple Application Support
Apple Software Update
Applian Director
ArcSoft PhotoImpression 6
Ashampoo Burning Studio 2009 Advanced
Ashampoo HDD Control 1.12
Ashampoo Internet Accelerator 3 v.3.20
Ashampoo Movie Shrink & Burn 3 3.03
Ashampoo Photo Commander 6.40
Ashampoo Slideshow Studio 2010
Ashampoo Slideshow Studio Elements 2.0.1
Ashampoo WinOptimizer 2009 Advanced
Ashampoo WinOptimizer 6.60
Ask Toolbar
Aspi Installer
ATT-PRT22
Audials
Audiobook Downloader Pro 1.2
Auslogics BoostSpeed
AusLogics Disk Defrag
AutocompletePro
AV Music Morpher Gold
AV Video Morpher
Avanquest update
avast! Free Antivirus
Avery Wizard 3.1
AviSynth 2.5
Bamboo File Sync and Backup 3.0.9
Bandicam
Bandisoft MPEG-1 Decoder
Bass Audio Decoder (remove only)
BDlot DVD Clone Ultimate 3.1.2
Belarc Advisor 8.1
BiblePro
BufferChm
calibre
CAM UnZip 4.42
CamStudio
CCleaner
CD Audio Reader Filter (remove only)
CDRWIN 8
CinemaForge
Clonedir 2.6
Compatibility Pack for the 2007 Office system
ConvertXtoDVD 3.3.4.106e
Cooliris for Internet Explorer
CoreAAC
Corel Paint Shop Pro X
CPUID CPU-Z 1.53.1
Crave World Clock Pro 1.6
CrossLoop 2.80
CustomerResearchQFolder
CyberLink PhotoDirector 2011
d2mp
Data Lifeguard Tools
DCoder Image Source (remove only)
Dead Disk Doctor
Debut
Dell Driver Download Manager
DeviceDiscovery
Dexpot
DH Driver Cleaner Professional Edition
DiffDaff Version 1.0
DirectVobSub (remove only)
DivX Setup
DIY DataRecovery DiskPatch 3
dj_sf_software
DocLock
DriveImage XML (Private Edition)
Driver Whiz
DScaler 5 Mpeg Decoders
Duplicate Cleaner 1.4.7b
DVD Creator3
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDFab 8.0.6.8 (05/01/2011)
DVDSmith Movie Backup 1.0.4
e-Backup 1.42
EASEUS Partition Master 7.0.1 Professional
EASEUS Todo Backup Professional 2.5
easyQuizzy 2.0.421
EditGrid Sync
Elcomsoft Blackberry Backup Explorer
Endlesssoft Video Master
EPSON Printer Software
ExifCleaner 1.5
FBackup 4
FBReader for Windows
ffdshow [rev 2527] [2008-12-19]
FFMPEG Core Files (remove only)
FlashCatch
Floppy to CD Archiver 1.5.3
FlvRecorder
FotoBatch 5.1.3.0818
FoxyTunes for Firefox
Free Address Book
Free PDF to Word Doc Converter v1.1
Free PS Convert driver 8.15
Free YouTube Downloader Converter
Gabest MPEG Splitter (remove only)
GIMP 2.6.10
Glary Utilities Pro 2.41.0.1358
Golden Videos
GOM Player
Google Chrome
GPL Ghostscript 8.71
GPL MPEG-1/2 DirectShow Decoder Filter
Greeting Card Creator 32
Haali Media Splitter
HD Video Converter Factory Pro
HDClone 4 Free Edition
HiJackThis
Home Multimedia Library
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Windows Media Format 11 SDK (KB939209)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
HP Customer Participation Program 9.0
HP Imaging Device Functions 9.0
hp instant support
HP Memories Disc
HP Photo and Imaging 2.2 - Scanjet 3970 Series
HyperCam 3
IconConverter 2.0
ImgBurn
InstallIQ Updater
IObit Malware Fighter
IrfanView (remove only)
iSkysoft iMedia Converter(Build 3.0.3.0)
iSpring Presenter 5
j2 Messenger
Java Auto Updater
Java(TM) 6 Update 31
Java(TM) 6 Update 7
Java(TM) 7 Update 5
JavaFX 2.1.1
JPG To PDF 2.2.1
jZip
Kahlown
Larson VizEx Reader
LAV Filters (remove only)
Leawo PowerPoint to DVD Pro version 4.1.0.200
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
LogMeIn Hamachi
Macrium Reflect Free Edition
Magellan POI File Editor
Magnifier
Magnifier Powertoy for Windows XP
Mahjong Escape - Ancient Japan
MailWasherPro
Maintenance Samsung CLP-320 Series
Malwarebytes Anti-Malware version 1.62.0.1300
MarketResearch
mediAvatar DVD Converter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Premium
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Management Studio
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 Policies
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP1 Query Tools English
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ Run Time Lib Setup
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Web Platform Installer 2.0 RC
Modiac Blu-ray Ripper
Modiac DVD Ripper
Modiac Video Converter
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MPEG2 Codec(libmpeg2/mad)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
MSXML 6.0 Parser (KB933579)
MyInvoices & Estimates Deluxe
Myst Masterpiece Edition
NCH Toolbox Uninstall
NOOK for PC
NotePro
NVIDIA Drivers
NVIDIA Graphics Driver 275.33
NVIDIA nView 135.85
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Update 1.3.5
OGA Notifier 2.0.0048.0
OmniFormat
OnDVD
OpenOffice.org 3.1
OpenSource AVI Splitter (remove only)
OpenSource DTS/AC3/DD+ Source Filter (remove only)
OpenSource Flash Video Splitter (remove only)
PageBreeze Free HTML Editor
PanoStandAlone
Paragon Virtualization Manager™ 12 Compact
PCFriendly
PDF OCR 4.2
PDF reDirect (remove only)
Pdf995
PDFCreator
PDFlite 0.4
PE Builder 3.1.10a
PicturesToExe
PicturesToExe 5.0
PicturesToExe 6.5
PowerDVD
PPT To Flash Catalog Professional
Prism
ProfShutdown
QuickTime
RadioZilla 1.0
RealMedia (remove only)
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek AC'97 Audio
REALTEK GbE & FE Ethernet PCI-E NIC Driver
RealUpgrade 1.1
Reasonable NoClone 2010 Free
RedMon - Redirection Port Monitor
Registry Mechanic 8.0
Replay Converter 3
Replay Media Catcher 3.01
Replay Video Capture
Ringtone Media Studio
Scanitto Pro
Screen Recording Suite V2.4.8
ScreenCamera version 2.2.3.11
SDFormatter
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows XP (KB2124261)
Security Update for Windows XP (KB2290570)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB976323)
Send To Toys v2.5
SensiGuard 3.2
Service Pack 1 for SQL Server 2008 (KB968369)
ShareIns
Sibelius Scorch (Firefox, Opera, Netscape only)
SigmaTel Audio
SofeEject
SofStuf BerBible (remove only)
SoftOrbits Flash Drive Recovery 1.3
Software602 Print2PDF
Soluto
Sony DVD Architect Studio 3.0
Sony Vegas Movie Studio Platinum 6.0
Sophisticated Rename
Spartan
SpiceMASTER 2.5 TFX for Vegas
Sql Server Customer Experience Improvement Program
Status
STOMP Backup MyPC
STOMP Backup MyPC Update Manager
StompSoft Privacy Protector
SUPERAntiSpyware
SureThing CD Labeler
Switch Uninstall
SwordBible
SwordSearcher 4.01 Deluxe
System Requirements Lab
TBS WMP Plug-in
The Print Shop Brochures, Newsletters and More!
TightVNC
Total Recorder 6.1
TransferBigFiles Desktop Client
TrayApp
TreeSize Free V2.7
True Launch Bar (Giveaway of the Day)
Tweak UI
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
uRex DVD Ripper Platinum
VC80CRTRedist - 8.0.50727.4053
Video Converter Professional 4.0.0.0
Vivitar Experience Image Manager
VNC Free Edition 4.1.2
VobSub v2.23 (Remove Only)
Webcast
WebFldrs XP
WebUpdate
Windows Automated Installation Kit
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
WinPcap 4.0.2
WinUtilities 10.01 Professional Edition
WinX DVD Author 5.9
WinX DVD Copy Pro 3.0.0
WinX DVD Ripper Platinum 6.3.1
Wise PC Engineer 6.3.3
Wondershare DVD Slideshow Builder Standard(Build 6.1.6.55)
Wondershare PDF Converter (Build 2.6.2)
Word to FlippingBook
Worship Extreme
XP Codec Pack
XviD MPEG4 Video Codec (remove only)
Xvid Video Codec
XYplorer 4.50
YouTubeGet 5.9.1
Zentimo PRO 1.4
Zoner Photo Studio 14
.
==== Event Viewer Messages From Past Week ========
.
9/3/2012 9:33:33 AM, error: Service Control Manager [7000] - The Soluto service failed to start due to the following error: A device attached to the system is not functioning.
9/3/2012 9:28:37 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Soluto
9/3/2012 5:18:24 PM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\D.
9/3/2012 4:49:23 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer HWA-12 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D783742E-0F75-49EB-82. The master browser is stopping or an election is being forced.
9/3/2012 2:47:56 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD AmdPPM AswRdr aswSnx aswSP aswTdi BANTExt EUDSKACS Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Soluto sptd StarOpen Tcpip
9/3/2012 2:38:34 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AmdPPM aswSnx aswSP aswTdi BANTExt EUDSKACS Fips SASDIFSV SASKUTIL Soluto sptd StarOpen
9/3/2012 1:39:22 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AmdPPM aswSnx aswSP aswTdi BANTExt EUDSKACS Fips SASDIFSV SASKUTIL Soluto StarOpen
9/2/2012 12:54:05 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AmdPPM aswSP aswTdi BANTExt EUDSKACS Fips SASDIFSV SASKUTIL Soluto sptd StarOpen
9/2/2012 1:15:33 PM, error: EventLog [6004] - A driver packet received from the I/O subsystem was invalid. The data is the packet.
9/1/2012 8:00:20 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdPPM Avgldx86 Avgmfx86 Avgtdix BANTExt EUDSKACS Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Soluto sptd StarOpen Tcpip
9/1/2012 8:00:20 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
9/1/2012 8:00:20 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/1/2012 8:00:20 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/1/2012 8:00:20 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
9/1/2012 7:59:45 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
9/1/2012 7:59:33 AM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/1/2012 12:44:55 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdPPM Avgldx86 Avgmfx86 BANTExt EUDSKACS Fips Soluto sptd StarOpen
9/1/2012 12:16:23 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdPPM Avgldx86 Avgmfx86 BANTExt EUDSKACS Fips Soluto StarOpen
9/1/2012 11:55:50 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Soluto PCGenome Core Service service to connect.
9/1/2012 11:55:50 PM, error: Service Control Manager [7000] - The Soluto PCGenome Core Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/1/2012 1:10:47 AM, error: Service Control Manager [7034] - The Ashampoo Anti-Malware Service service terminated unexpectedly. It has done this 1 time(s).
8/31/2012 9:11:13 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/31/2012 9:00:09 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
8/31/2012 8:58:37 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdPPM Avgldx86 Avgmfx86 BANTExt EUDSKACS Fips SASDIFSV SASKUTIL Soluto sptd StarOpen
8/31/2012 8:58:37 PM, error: Service Control Manager [7001] - The World Wide Web Publishing service depends on the IIS Admin service which failed to start because of the following error: The dependency service or group failed to start.
8/31/2012 8:58:37 PM, error: Service Control Manager [7001] - The Simple Mail Transfer Protocol (SMTP) service depends on the IIS Admin service which failed to start because of the following error: The dependency service or group failed to start.
8/31/2012 8:57:40 PM, error: sptd [4] - Driver detected an internal error in its data structures for .
8/31/2012 7:00:32 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
8/31/2012 6:34:07 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdPPM Avgldx86 Avgmfx86 BANTExt EUDSKACS Fips SASDIFSV SASKUTIL Soluto StarOpen
8/31/2012 5:02:02 PM, error: Service Control Manager [7022] - The AVGIDSAgent service hung on starting.
8/31/2012 10:15:49 PM, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
8/31/2012 10:15:49 PM, error: Service Control Manager [7000] - The NetBEUI Protocol service failed to start due to the following error: The system cannot find the file specified.
8/31/2012 10:15:49 PM, error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the file specified.
8/29/2012 9:47:36 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer HWA-16 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D783742E-0F75-49EB-82. The master browser is stopping or an election is being forced.
8/29/2012 1:31:37 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000007F' while processing the file 'emssrv.cfg' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
8/27/2012 8:01:03 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer HWA-15 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D783742E-0F75-49EB-82. The master browser is stopping or an election is being forced.
8/27/2012 10:10:03 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: nvatabus nv_agp
.
==== End Of File ===========================
dpcofhwa
Active Member
 
Posts: 2
Joined: September 3rd, 2012, 6:13 pm
Advertisement
Register to Remove

Re: Growing file clouds_2048.tmp

Unread postby Cypher » September 5th, 2012, 5:20 am

Posting at multiple forums

You have requested help with this problem at another forum:
http://www.bleepingcomputer.com/forums/topic467365.html

May I draw your attention to the ALL USERS OF THIS FORUM MUST READ THIS FIRST topic, which you should have read before posting for help.
See the section here where we tell you why this is not a good idea.


This topic is now closed
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 39 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware