Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Computer is running slow and getting lots of pop-ups.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Computer is running slow and getting lots of pop-ups.

Unread postby coxyk » February 18th, 2013, 12:30 pm

Operating System is Windows XP.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_30
Run by Administrator at 10:22:44 on 2013-02-18
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.964 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\system32\ibmpmsvc.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\PROGRA~1\THINKV~1\AMSG\amsg.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\HP\Button Manager\BM.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\BSD\AppUpdater\BSDChecker.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\IBM\Lotus\Notes\ntmulti.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\lenovo\system update\suservice.exe
C:\WINDOWS\System32\TPHDEXLG.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Business-in-a-Box\BIBLauncher.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Application Data\SanDisk\SanDiskSecureAccess_Manager.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uProxyOverride = <local>;*.local
uURLSearchHooks: SocialSearchBar_App Toolbar: {2421d847-721c-404f-87b4-bbd2b95d1087} - c:\program files\socialsearchbar_app\prxtbSoc0.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: SocialSearchBar_App Toolbar: {2421d847-721c-404f-87b4-bbd2b95d1087} - c:\program files\socialsearchbar_app\prxtbSoc0.dll
BHO: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\program files\imesh applications\mediabar\datamngr\toolbar\imeshdtxmltbpi.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: UnfriendApp: {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - c:\program files\unfriendapp\ie\common.dll
BHO: UrlHelper Class: {474597C5-AB09-49d6-A4D5-2E8D7341384E} - c:\program files\imesh applications\mediabar\datamngr\IEBHO.dll
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\yontoo layers client for internet explorer\YontooIEClient.dll
TB: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: SocialSearchBar_App Toolbar: {2421D847-721C-404F-87B4-BBD2B95D1087} - c:\program files\socialsearchbar_app\prxtbSoc0.dll
TB: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\program files\imesh applications\mediabar\datamngr\toolbar\imeshdtxmltbpi.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: SocialSearchBar_App Toolbar: {2421d847-721c-404f-87b4-bbd2b95d1087} - c:\program files\socialsearchbar_app\prxtbSoc0.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [EPSON WorkForce 610 Series] c:\windows\system32\spool\drivers\w32x86\3\1\e_fatifja.exe /fu "c:\windows\temp\E_S134.tmp" /EF "HKCU"
uRun: [WorkForce 610(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatifja.exe /fu "c:\windows\temp\E_S98.tmp" /EF "HKCU"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BIBLauncher] c:\program files\business-in-a-box\BIBLauncher.exe
uRun: [SanDiskSecureAccess_Manager.exe] c:\documents and settings\administrator\application data\sandisk\SanDiskSecureAccess_Manager.exe
uRun: [lime pro] "c:\program files\lime pro\LimePro.exe" -h
uRun: [Facebook Update] "c:\documents and settings\administrator\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [WorkForce 610(Network) (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatifja.exe /fu "c:\windows\temp\E_S7D.tmp" /EF "HKCU"
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
mRun: [BLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BatLogEx.DLL,StartBattLog
mRun: [TPFNF7] c:\program files\lenovo\npdirect\TPFNF7SP.exe /r
mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [TpShocks] TpShocks.exe
mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [AwaySch] c:\program files\lenovo\awaytask\AwaySch.EXE
mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe
mRun: [AMSG] c:\progra~1\thinkv~1\amsg\amsg.exe
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [BMISR] c:\program files\hp\button manager\BM.exe
mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe
mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"
mRun: [BSDAppUpdater] c:\program files\common files\bsd\appupdater\BSDChecker.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DATAMNGR] c:\progra~1\imesha~1\mediabar\datamngr\DATAMN~1.EXE
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ISUSScheduler] "c:\progra~1\common~1\instal~1\update~1\issch.exe" -start
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\everno~1.lnk - c:\windows\installer\{f761359c-9ced-45ae-9a51-9d6605cd55c4}\Evernote.ico
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/200 ... oader5.cab
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
DPF: {2DAD3559-2923-4935-AD49-B673D2539944} - hxxps://www-307.ibm.com/pc/support/acce ... /AcpIR.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/200 ... ader55.cab
DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} - hxxp://community.weightwatchers.com/Scr ... oader6.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{11F03486-21BD-480C-B4C1-A95F466E22BE} : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
Notify: tpfnf2 - c:\program files\lenovo\hotkey\notifyf2.dll
Notify: tphotkey - c:\program files\lenovo\hotkey\tphklock.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\pk0un51g.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/result ... EF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.imesh.com/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ff ... temid=1&q=
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\pk0un51g.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\components\dtTransparency.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\pk0un51g.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\components\dtTransparency3.5.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\pk0un51g.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\components\dtTransparency3.6.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\program files\imesh applications\mediabar\datamngr\firefoxextension\components\DataMngrHlpFF3.dll
FF - plugin: c:\documents and settings\administrator\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: 2013-01-05 07:22; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: !HIDDEN! 2009-07-10 05:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
.
============= SERVICES / DRIVERS ===============
.
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-3-2 19760]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-4-8 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2010-7-13 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-7-13 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-7-13 20696]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-7-13 44768]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-6-25 304464]
R2 PMEM ;PMEM ;c:\windows\system32\drivers\pmemnt.sys [2006-8-30 7168]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-6-25 20952]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 Normandy;Normandy SR2; [x]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-02-11 14:00:51 74096 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-11 14:00:51 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-26 03:55:44 552448 ------w- c:\windows\system32\oleaut32.dll
2013-01-07 01:19:45 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37:01 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16:29 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16:28 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16:28 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40:59 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
.
============= FINISH: 10:23:52.57 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/30/2006 2:19:45 AM
System Uptime: 2/18/2013 9:51:37 AM (1 hours ago)
.
Motherboard: LENOVO | | 8932CTO
Processor: Intel(R) Core(TM)2 Duo CPU T5450 @ 1.66GHz | None | 1662/167mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 106 GiB total, 0.951 GiB free.
D: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP931: 1/14/2013 11:04:56 AM - System Checkpoint
RP932: 1/15/2013 3:00:18 AM - Software Distribution Service 3.0
RP933: 1/16/2013 3:36:33 AM - System Checkpoint
RP934: 1/17/2013 3:39:03 AM - System Checkpoint
RP935: 1/18/2013 4:28:48 AM - System Checkpoint
RP936: 1/19/2013 5:28:45 AM - System Checkpoint
RP937: 1/20/2013 6:28:52 AM - System Checkpoint
RP938: 1/21/2013 7:28:43 AM - System Checkpoint
RP939: 1/22/2013 8:28:42 AM - System Checkpoint
RP940: 1/23/2013 9:28:26 AM - System Checkpoint
RP941: 1/24/2013 10:10:43 AM - System Checkpoint
RP942: 1/25/2013 1:35:22 PM - System Checkpoint
RP943: 1/26/2013 1:42:12 PM - System Checkpoint
RP944: 1/27/2013 4:38:14 PM - System Checkpoint
RP945: 1/31/2013 7:42:56 AM - System Checkpoint
RP946: 2/1/2013 9:47:30 PM - System Checkpoint
RP947: 2/7/2013 9:28:58 PM - System Checkpoint
RP948: 2/11/2013 6:58:22 AM - System Checkpoint
RP949: 2/13/2013 3:00:36 AM - Software Distribution Service 3.0
RP950: 2/14/2013 3:57:03 AM - System Checkpoint
RP951: 2/15/2013 4:11:26 AM - System Checkpoint
RP952: 2/16/2013 5:13:28 AM - System Checkpoint
RP953: 2/17/2013 5:22:38 AM - System Checkpoint
.
==== Installed Programs ======================
.
2007 Microsoft Office system
7-Zip 9.20
Access Help
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.5)
Amazon Unbox Video
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Magic-i 3
ArcSoft Panorama Maker 4
ArcSoft VideoImpression 2
Ask Toolbar
ASPCA Reminder V7F+AU by We-Care.com
avast! Pro Antivirus
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Bonjour
Business-in-a-Box
Business Contact Manager for Outlook 2007 SP2
Carbonite Online Backup Setup
CompanionLink
Conexant HD Audio
Critical Update for Windows Media Player 11 (KB959772)
Documents To Go Desktop for iPhone
Driver Detective
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
EPSON Printer Software
EPSON Scan
EPSON WorkForce 610 Series Printer Uninstall
EpsonNet Print
EpsonNet Setup
Evernote v. 4.1
Facebook Video Calling 1.2.0.287
File Uploader
Film Factory
FoxTab Video Converter (remove only)
Glary Utilities 2.28.0.1011
Google Chrome
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
Help Center
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format 11 SDK (KB939209)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Button Manager
HP Image Capture
HP Photosmart Essential 2.0
HP Photosmart Essential2.5
HP Webcam User’s Guide
IBM Lotus Domino Access for Microsoft Outlook
IBM Lotus EasySync Pro
iCloud
iLike Sidebar
iMesh
Integrated Camera
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless Software
InterVideo Register Manager
InterVideo WinDVD
InterVideo WinDVD Creator 3
iTunes
Java Auto Updater
Java(TM) 6 Update 30
KhalInstallWrapper
Lotus Notes 8.0.2 (Basic)
Maintenance Manager
Malwarebytes' Anti-Malware
mCore
mDriver
MediaBar
MediaWidget 6.0
Memeo AutoBackup
Memeo AutoSync
Message Center
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
mMHouse
MobileMe Control Panel
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
mPfMgr
mProSafe
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
mWlsSafe
Nikon Message Center
Nikon Transfer
OGA Notifier 2.0.0048.0
On Screen Display
Orca
palmOne
Picasa 3
Picture Control Utility
Presentation Director
Productivity Center Supplement for ThinkPad
PSSWCORE
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
RecordNow Audio
RecordNow Copy
RecordNow Data
Remove Multimedia Center
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
Rotate_Video 1.1.9
Safari
SanDiskSecureAccess_Manager.exe
Search Toolbar
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Simplify Media
Skype web features
Skype™ 5.10
SocialSearchBar_App Toolbar
Sonic DLA
Sonic Express Labeler
Sonic Icons for Lenovo
Sonic Update Manager
System Migration Assistant
System Update
ThinkPad EasyEject Utility
ThinkPad FullScreen Magnifier
ThinkPad PC Card Power Policy
ThinkPad Power Management Driver
ThinkPad Power Manager
ThinkPad UltraNav Driver
ThinkPad UltraNav Utility
ThinkVantage Active Protection System
ThinkVantage Productivity Center
ThinkVantage Technologies Welcome Message
UnfriendApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
ViewNX
Wallpapers
WD Diagnostics
WebFldrs XP
WePrint
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Search 4.0
Windows XP Service Pack 3
WinPatrol
XP Themes
Yahoo! Messenger
Yontoo Layers Client for Internet Explorer 1.03.02
ZapNotes
.
==== Event Viewer Messages From Past Week ========
.
2/13/2013 3:37:57 AM, error: Service Control Manager [7016] - The MgiSvr service has reported an invalid current state 32.
.
==== End Of File ===========================
coxyk
Active Member
 
Posts: 12
Joined: December 31st, 2011, 3:07 pm
Advertisement
Register to Remove

Re: Computer is running slow and getting lots of pop-ups.

Unread postby deltalima » February 18th, 2013, 3:33 pm

checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Computer is running slow and getting lots of pop-ups.

Unread postby deltalima » February 18th, 2013, 3:36 pm

Hi coxyk,

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Please note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you too.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

CKScanner

  • Please download CKScanner from here to your Desktop.
  • Make sure that CKScanner.exe is on the your Desktop before running the application!
  • Double-click on CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved
  • Double-click on the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Next

  • Please download this tool from Microsoft.
  • Double click on MGADiag.exe to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.

codecheck

  • Please download codecheck from here to your Desktop.
  • Make sure that codecheck.exe is on the your Desktop before running the application!
  • Double-click on codecheck.exe.
  • After a very short time a codecheck.txt icon will appear on your Desktop
  • Double-click on the codecheck.txt icon on your Desktop and copy/paste the contents in your next reply.

Please let me know if the computer is used for business in any way.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Computer is running slow and getting lots of pop-ups.

Unread postby coxyk » February 21st, 2013, 3:03 am

No, this computer is not used for business purposes at all.

CKScanner 2.1 - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.XXNAVQ
----- EOF -----

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-RY7BM-HM3KT-BKVRW
Windows Product Key Hash: 6994t4LQCbvkXhtNbqQCL4+auQs=
Windows Product ID: 76487-OEM-2211906-00107
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {7529DB72-6CE0-4061-9151-D4F913731994}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.40.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.9.40.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: 2.0.48.0
OGAExec.exe Signed By: Microsoft
OGAAddin.dll Signed By: Microsoft

OGA Data-->
Office Status: 100 Genuine
2007 Microsoft Office system - 100 Genuine
OGA Version: Registered, 2.0.48.0
Signed By: Microsoft
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_70AFE6BE-656-80070057_E2AD56EA-815-80070057

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\WINDOWS\system32\oembios.bin[Hr = 0x800b0003]
File Mismatch: C:\WINDOWS\system32\oembios.dat[Hr = 0x800b0003]
File Mismatch: C:\WINDOWS\system32\oembios.sig[Hr = 0x800b0003]

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{7529DB72-6CE0-4061-9151-D4F913731994}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-BKVRW</PKey><PID>76487-OEM-2211906-00107</PID><PIDType>2</PIDType><SID>S-1-5-21-3848440319-2639254245-2021335420</SID><SYSTEM><Manufacturer>LENOVO</Manufacturer><Model>8932CTO</Model></SYSTEM><BIOS><Manufacturer>LENOVO</Manufacturer><Version>7OET24WW (1.03 )</Version><SMBIOSVersion major="2" minor="4"/><Date>20070628000000.000000+000</Date><SLPBIOS>LENOVO,LENOVO</SLPBIOS></BIOS><HWID>FB053A07018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Lenovo</name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.9.40.0"/><File Name="WgaLogon.dll" Version="1.9.40.0"/><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-0031-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>2007 Microsoft Office system</Name><Ver>12</Ver><Val>5A12C967EB96968</Val><Hash>hm2WkU+MC02eZKNvwYAcVlEqcRM=</Hash><Pid>89451-OEM-6618025-87876</Pid><PidType>4</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 14217:IBM|0028:Lenovo
Marker string from OEMBIOS.DAT: LENOVO,LENOVO

OEM Activation 2.0 Data-->
N/A

Codecheck Version 1.0

02021
coxyk
Active Member
 
Posts: 12
Joined: December 31st, 2011, 3:07 pm

Re: Computer is running slow and getting lots of pop-ups.

Unread postby deltalima » February 21st, 2013, 6:23 am

Hi coxyk,

Please uninstall the following

Ask Toolbar
Search Toolbar


Image Please download Junkware Removal Tool and save it to your desktop.
  • Shut down your protection software as shown in This topic now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Please post the contents of JRT.txt into your next reply.

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Please download GMER Rootkit Scanner from here.
  • Double click the .exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on the "Scan" and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE
Important! Please do not select the "Show all" checkbox during the scan..

Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Computer is running slow and getting lots of pop-ups.

Unread postby deltalima » February 24th, 2013, 7:25 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 60 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware