Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_14
Run by NOC at 12:01:48 on 2013-03-02
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.565 [GMT -5:00]
.
AV: Bitdefender Antivirus *Disabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton Security Online *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Bitdefender Firewall *Disabled*
FW: Norton Security Online *Enabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.cbc.ca/ottawa/
uInternet Connection Wizard,ShellNext = hxxp://register.hp.com/servlet/WebReg.s ... _YEAR=2007
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.1.0.10\AVG Secure Search_toolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.1.0.10\AVG Secure Search_toolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Share-to-Web Namespace Daemon] "c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe"
mRun: [IgfxTray] "c:\windows\system32\igfxtray.exe"
mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"
mRun: [Persistence] "c:\windows\system32\igfxpers.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [ISUSPM Startup] "c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [RogersServicepointAgent.exe] "c:\program files\rogers online protection\rogers servicepoint agent\RogersServicepointAgent.exe" /AUTORUN
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/wind ... 8977837421
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftup ... 9902427828
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/sh ... wflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{DD1B4F89-9B7B-4B22-A03A-3EA5D115202A} : DHCPNameServer = 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.1.7\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 31952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 301920]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-23 33112]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 250080]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 41040]
S2 aswFsBlk;aswFsBlk; [x]
S2 avast! Antivirus;avast! Antivirus;"c:\program files\alwil software\avast5\avastsvc.exe" --> c:\program files\alwil software\avast5\AvastSvc.exe [?]
S2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2011-10-24 2398512]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-11-2 5174392]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
S2 HidCom;USB-HID -> COM Driver Service;c:\windows\system32\drivers\HidCom.sys [2005-11-9 21016]
S2 vToolbarUpdater14.1.7;vToolbarUpdater14.1.7;c:\program files\common files\avg secure search\vtoolbarupdater\14.1.7\ToolbarUpdater.exe [2013-2-17 965296]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 142176]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-3-2 40776]
.
=============== Created Last 30 ================
.
2013-03-02 15:09:57 -------- d-sha-r- C:\cmdcons
2013-03-02 15:06:52 98816 ----a-w- c:\windows\sed.exe
2013-03-02 15:06:52 256000 ----a-w- c:\windows\PEV.exe
2013-03-02 15:06:52 208896 ----a-w- c:\windows\MBR.exe
2013-03-02 14:56:47 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-02 14:52:41 -------- d-----w- c:\program files\xxxxxxx
2013-03-02 14:51:53 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-03-02 13:20:25 -------- d-----w- c:\documents and settings\noc\application data\BHOK IT Consulting
2013-03-02 13:10:00 -------- d-----w- c:\documents and settings\all users\application data\APN
.
==================== Find3M ====================
.
2013-02-17 12:38:03 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-12-10 08:28:36 142176 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2004-08-04 10:00:00 94784 --sh--w- c:\windows\twain.dll
2004-08-04 10:00:00 50688 --sh--w- c:\windows\twain_32.dll
2004-08-04 10:00:00 1028096 --sh--w- c:\windows\system32\mfc42.dll
2004-08-04 10:00:00 54784 --sh--w- c:\windows\system32\msvcirt.dll
2008-04-14 00:12:01 413696 --sha-w- c:\windows\system32\msvcp60(2).dll
2004-08-04 10:00:00 413696 --sh--w- c:\windows\system32\msvcp60.dll
2008-04-14 00:12:01 343040 --sha-w- c:\windows\system32\msvcrt(2).dll
2008-04-14 00:12:02 551936 --sha-w- c:\windows\system32\oleaut32(2).dll
2004-08-04 10:00:00 553472 --sha-w- c:\windows\system32\oleaut32.dll
2004-08-04 10:00:00 11776 --sh--w- c:\windows\system32\regsvr32.exe
.
============= FINISH: 12:02:23.60 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 6/26/07 8:31:56 PM
System Uptime: 3/02/13 11:55:08 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0JC474
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 146 GiB total, 45.271 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP376: 10/28/12 9:29:54 AM - System Checkpoint
RP377: 11/19/12 3:25:29 PM - System Checkpoint
RP378: 12/02/12 7:27:28 PM - System Checkpoint
RP379: 12/18/12 11:54:42 PM - System Checkpoint
RP380: 1/01/13 1:51:22 PM - System Checkpoint
RP381: 1/05/13 9:17:37 AM - System Checkpoint
RP382: 1/19/13 12:37:03 PM - System Checkpoint
RP383: 2/03/13 10:44:09 AM - System Checkpoint
RP384: 2/24/13 11:09:59 AM - System Checkpoint
RP385: 3/02/13 9:07:02 AM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.4
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
AVG 2012
AVG Security Toolbar
Bonjour
Camera Support Core Library
Camera Window DS
Camera Window DVC
Camera Window MC
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DS for ZoomBrowser EX
Canon Camera Window MC 5 for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon MP240 series MP Drivers
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities PhotoStitch 3.1
Canon ZoomBrowser EX
CCleaner (remove only)
Conexant D850 56K V.9x DFVc Modem
CutePDF Writer 2.8
Google Update Helper
HP Share-to-Web
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Java(TM) 6 Update 14
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework (English)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft Application Error Reporting
Microsoft Automated Troubleshooting Services Shim
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 4.1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MovieEdit Task
Mozilla Firefox 4.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MySQL Connector/ODBC 3.51
PhotoStitch
QuickTime
RAW Image Task 2.1
Rogers Servicepoint Agent 2.0.21
Rogers Yahoo! Applications
RPS CRT
SigmaTel Audio
Simply Accounting by Sage 2009
Sonic Update Manager
StudioTax 2010
StudioTax 2011
TaxFreeway 2010
Terminal Services Web Client
Trivial Pursuit Digital Choice v1.3.0 for Windows XP/Vista
WebFldrs XP
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
3/02/13 8:00:12 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
3/02/13 11:57:08 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 aswRdr aswSnx aswSP aswTdi Avgldx86 Avgmfx86 Fips intelppm sptd
3/02/13 11:55:59 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/24/13 9:14:05 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 aswRdr aswSnx aswSP aswTdi sptd
2/24/13 9:14:02 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
2/24/13 9:14:02 AM, error: Service Control Manager [7001] - The avast! Antivirus service depends on the avast! Standard Shield Support service which failed to start because of the following error: The system cannot find the file specified.
2/24/13 9:14:02 AM, error: Service Control Manager [7000] - The Security Services Driver (x86) service failed to start due to the following error: The system cannot find the file specified.
2/24/13 9:14:02 AM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/24/13 9:14:02 AM, error: Service Control Manager [7000] - The BDRSDRV service failed to start due to the following error: The system cannot find the path specified.
2/24/13 9:14:02 AM, error: Service Control Manager [7000] - The avast! Standard Shield Support service failed to start due to the following error: The system cannot find the file specified.
2/24/13 9:14:02 AM, error: Service Control Manager [7000] - The aswFsBlk service failed to start due to the following error: The system cannot find the file specified.
2/24/13 9:13:40 AM, error: Dhcp [1002] - The IP address lease 192.168.0.12 for the Network Card with network address 001320E0A277 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
Unable to use Microsoft Office or CD drives. All my malware and spyware programs have been disabled and I can't install new ones. I get an error while trying to install new software.