Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Malwarebytes, Spybot S&D will not run Google redirecting

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby bearmandan » September 2nd, 2010, 6:41 pm

Completed the tasks, and reviewed your topice of concern on reg cleaners and have a beter than average understand of how things work. I am however, at a loss with many of the new threats and rootkits that are becoming common place. What are your thoughts on the new microsoft offerings for virus protection (Microsoft Security Essentials).
Bearmandan

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4532

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

9/2/2010 18:27:25
mbam-log-2010-09-02 (18-27-25).txt

Scan type: Quick scan
Objects scanned: 154738
Time elapsed: 7 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XBV6RD5SZF (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


DDS (Ver_10-03-17.01) - NTFSx86
Run by Daniel Kiernan at 18:28:40.96 on Thu 09/02/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.1091 [GMT -4:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
E:\Backups\Gateway My Documents\My Downloads\dds(2).scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [EPSON Stylus CX3800 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\E_FATIACA.EXE /P35 "EPSON Stylus CX3800 Series (Copy 1)" /O6 "USB002" /M "Stylus CX3800"
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
IE: E&xport to Microsoft Excel
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
Trusted Zone: adecco.com\*.xpert
Trusted Zone: adecco.com\ak3.xpert
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {32505657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/ ... mvadvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 relog_ap

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\daniel~1\applic~1\mozilla\firefox\profiles\nuxnqc0c.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en&refresh=1
FF - prefs.js: keyword.URL - hxxp://bing.zugo.com/s/?src=FF-Address& ... -76-0-hduU\n&q=
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPFxViewer.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 10);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-6-13 64288]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2009-9-26 819600]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2009-9-23 447832]
R3 pnicII;Linksys Fast Ethernet PCI Card;c:\windows\system32\drivers\LNE100.SYS [2008-11-12 20573]
R3 sftfs;sftfs;c:\program files\microsoft application virtualization client\drivers\SftFSXP.sys [2009-9-23 543064]
R3 sftplay;sftplay;c:\program files\microsoft application virtualization client\drivers\sftplayxp.sys [2009-9-23 190312]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [2009-9-23 21864]
R3 sftvol;sftvol;c:\program files\microsoft application virtualization client\drivers\SftVolXP.sys [2009-9-23 14680]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2009-9-23 203608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-9-29 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-12-9 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-12-9 40552]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2009-9-26 4639136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 QuickBooksDB17;QuickBooksDB17;c:\progra~1\intuit\quickb~1\qbdbmgrn.exe -hvquickbooksdb17 --> c:\progra~1\intuit\quickb~1\QBDBMgrN.exe -hvQuickBooksDB17 [?]

=============== Created Last 30 ================

2010-09-01 23:32:14 0 d-sha-r- C:\cmdcons
2010-09-01 23:27:35 98816 ----a-w- c:\windows\sed.exe
2010-09-01 23:27:35 77312 ----a-w- c:\windows\MBR.exe
2010-09-01 23:27:35 256512 ----a-w- c:\windows\PEV.exe
2010-09-01 23:27:35 161792 ----a-w- c:\windows\SWREG.exe
2010-08-29 21:58:41 0 d-----w- c:\program files\RootkitRevealer
2010-08-28 13:11:27 0 d-----w- c:\program files\Trend Micro
2010-08-27 11:52:11 0 d-----w- c:\windows\CD95F661A5C444F5A6AAECDD91C240BB.TMP
2010-08-27 02:25:15 0 d-----w- c:\program files\GMER
2010-08-27 02:17:19 0 ----a-w- c:\documents and settings\daniel kiernan\defogger_reenable
2010-08-26 23:46:35 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-26 23:46:31 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-26 23:46:31 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-22 16:43:31 0 d-----w- c:\program files\Pro Imaging Powertoys
2010-08-22 16:43:31 0 d-----w- c:\program files\common files\Nikon
2010-08-22 16:37:06 0 d-----w- c:\windows\Downloaded Installations
2010-08-10 09:15:58 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-08-10 09:15:58 69632 ----a-w- c:\windows\system32\QuickTime.qts

==================== Find3M ====================

2010-07-27 06:30:35 8462336 ------w- c:\windows\system32\dllcache\shell32.dll
2010-07-17 09:00:04 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-30 12:31:35 149504 ------w- c:\windows\system32\dllcache\schannel.dll
2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 13:44:04 1851904 ------w- c:\windows\system32\dllcache\win32k.sys
2010-06-23 12:06:51 70656 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2010-06-23 12:06:51 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2010-06-21 15:27:11 354304 ------w- c:\windows\system32\dllcache\srv.sys
2010-06-18 13:36:12 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-06-17 15:12:57 634656 ------w- c:\windows\system32\dllcache\iexplore.exe
2010-06-17 15:11:25 161792 ------w- c:\windows\system32\dllcache\ieakui.dll
2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31:20 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2010-06-14 09:40:12 93184 ----a-w- c:\windows\CARDFILE.EXE
2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-14 07:41:45 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
2010-06-13 20:39:36 15880 ----a-w- c:\windows\system32\lsdelete.exe

============= FINISH: 18:29:12.37 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/12/2008 21:23:10
System Uptime: 9/1/2010 21:40:06 (21 hours ago)

Motherboard: Gigabyte Technology Co., Ltd. | | 7VRX
Processor: AMD Athlon(tm) XP 2000+ | Socket-A | 1673/133mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 466 GiB total, 348.562 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 466 GiB total, 88.388 GiB free.
F: is Removable
G: is Removable
H: is Removable
I: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP114: 12/20/2009 18:18:58 - System Checkpoint
RP115: 12/21/2009 18:28:12 - System Checkpoint
RP116: 12/22/2009 21:20:40 - System Checkpoint
RP117: 12/23/2009 21:35:35 - System Checkpoint
RP118: 12/24/2009 22:21:26 - System Checkpoint
RP119: 12/26/2009 09:05:38 - Removed WinZip 12.1
RP120: 12/26/2009 09:08:39 - Installed WinZip 12.1
RP121: 12/26/2009 19:17:53 - Installed Windows Installer Clean Up
RP122: 12/26/2009 19:27:44 - Installed Microsoft Office Small Business Edition 2003
RP123: 12/26/2009 19:38:55 - Printer Driver Microsoft Office Document Image Writer Installed
RP124: 12/27/2009 20:53:01 - System Checkpoint
RP125: 12/28/2009 22:41:50 - System Checkpoint
RP126: 12/29/2009 23:31:48 - System Checkpoint
RP127: 12/31/2009 00:15:26 - System Checkpoint
RP128: 1/1/2010 01:29:16 - System Checkpoint
RP129: 1/2/2010 01:46:34 - System Checkpoint
RP130: 1/3/2010 02:57:21 - System Checkpoint
RP131: 1/4/2010 06:18:34 - System Checkpoint
RP132: 1/5/2010 09:05:08 - System Checkpoint
RP133: 1/6/2010 17:46:18 - System Checkpoint
RP134: 1/7/2010 17:53:23 - System Checkpoint
RP135: 1/8/2010 17:54:08 - System Checkpoint
RP136: 1/9/2010 18:24:34 - System Checkpoint
RP137: 1/10/2010 18:28:33 - System Checkpoint
RP138: 1/11/2010 20:17:41 - System Checkpoint
RP139: 1/12/2010 21:29:35 - System Checkpoint
RP140: 1/13/2010 20:30:47 - Software Distribution Service 3.0
RP141: 1/13/2010 20:35:29 - Installed Windows XP KB972270.
RP142: 1/13/2010 20:36:02 - Installed Windows XP KB955759.
RP143: 1/14/2010 21:11:45 - System Checkpoint
RP144: 1/15/2010 22:18:59 - System Checkpoint
RP145: 1/17/2010 00:00:58 - System Checkpoint
RP146: 1/18/2010 05:46:19 - System Checkpoint
RP147: 1/19/2010 07:21:25 - System Checkpoint
RP148: 1/20/2010 23:07:26 - System Checkpoint
RP149: 1/21/2010 18:28:27 - Software Distribution Service 3.0
RP150: 1/21/2010 18:29:15 - Installed Windows XP KB978207.
RP151: 1/22/2010 18:49:23 - System Checkpoint
RP152: 1/23/2010 20:11:54 - System Checkpoint
RP153: 1/24/2010 23:31:41 - System Checkpoint
RP154: 1/26/2010 08:47:09 - System Checkpoint
RP155: 1/26/2010 20:55:15 - Installed Java(TM) 6 Update 18
RP156: 1/27/2010 21:20:48 - System Checkpoint
RP157: 1/28/2010 22:09:36 - System Checkpoint
RP158: 1/29/2010 22:32:26 - System Checkpoint
RP159: 1/30/2010 22:39:05 - System Checkpoint
RP160: 2/1/2010 00:02:49 - System Checkpoint
RP161: 2/2/2010 01:38:55 - System Checkpoint
RP162: 2/3/2010 06:51:25 - System Checkpoint
RP163: 2/4/2010 06:54:30 - System Checkpoint
RP164: 2/4/2010 19:05:07 - Software Distribution Service 3.0
RP165: 2/4/2010 19:13:02 - Printer Driver Microsoft Office Document Image Writer Installed
RP166: 2/5/2010 19:34:10 - System Checkpoint
RP167: 2/6/2010 20:14:29 - System Checkpoint
RP168: 2/7/2010 22:23:55 - System Checkpoint
RP169: 2/9/2010 01:18:50 - System Checkpoint
RP170: 2/9/2010 17:41:25 - Software Distribution Service 3.0
RP171: 2/9/2010 17:42:11 - Installed Windows XP KB977165.
RP172: 2/9/2010 17:43:00 - Installed Windows XP KB978706.
RP173: 2/9/2010 17:45:06 - Installed Windows XP KB977914.
RP174: 2/9/2010 17:45:43 - Installed Windows XP KB975560.
RP175: 2/9/2010 17:46:10 - Installed Windows XP KB978251.
RP176: 2/9/2010 17:46:39 - Installed Windows XP KB975713.
RP177: 2/9/2010 17:47:06 - Installed Windows XP KB978037.
RP178: 2/9/2010 17:50:53 - Installed Windows XP KB971468.
RP179: 2/9/2010 17:52:16 - Installed Windows XP KB978262.
RP180: 2/10/2010 18:08:25 - System Checkpoint
RP181: 2/11/2010 18:21:40 - System Checkpoint
RP182: 2/12/2010 18:51:00 - System Checkpoint
RP183: 2/13/2010 19:20:35 - System Checkpoint
RP184: 2/14/2010 20:30:38 - System Checkpoint
RP185: 2/15/2010 21:27:41 - System Checkpoint
RP186: 2/16/2010 21:33:33 - System Checkpoint
RP187: 2/17/2010 22:00:23 - System Checkpoint
RP188: 2/18/2010 22:09:49 - System Checkpoint
RP189: 2/19/2010 23:15:58 - System Checkpoint
RP190: 2/20/2010 23:32:30 - System Checkpoint
RP191: 2/22/2010 00:00:25 - System Checkpoint
RP192: 2/23/2010 00:00:25 - System Checkpoint
RP193: 2/24/2010 00:13:55 - System Checkpoint
RP194: 2/24/2010 03:00:11 - Software Distribution Service 3.0
RP195: 2/24/2010 03:00:25 - Installed Windows XP KB979306.
RP196: 2/25/2010 03:00:25 - System Checkpoint
RP197: 2/26/2010 03:00:25 - System Checkpoint
RP198: 2/27/2010 03:28:25 - System Checkpoint
RP199: 2/28/2010 04:40:58 - System Checkpoint
RP200: 3/1/2010 04:41:13 - System Checkpoint
RP201: 3/2/2010 04:41:13 - System Checkpoint
RP202: 3/3/2010 06:17:45 - System Checkpoint
RP203: 3/4/2010 06:26:28 - System Checkpoint
RP204: 3/5/2010 08:29:15 - System Checkpoint
RP205: 3/6/2010 10:09:00 - System Checkpoint
RP206: 3/7/2010 10:53:21 - System Checkpoint
RP207: 3/8/2010 11:28:02 - System Checkpoint
RP208: 3/9/2010 12:28:02 - System Checkpoint
RP209: 3/10/2010 05:27:20 - Software Distribution Service 3.0
RP210: 3/10/2010 05:31:15 - Installed Windows XP KB975561.
RP211: 3/10/2010 05:34:00 - Printer Driver Microsoft Office Document Image Writer Installed
RP212: 3/11/2010 06:09:41 - System Checkpoint
RP213: 3/11/2010 17:13:29 - Installed Compatibility Pack for the 2007 Office system
RP214: 3/12/2010 03:00:12 - Software Distribution Service 3.0
RP215: 3/12/2010 15:10:42 - Software Distribution Service 3.0
RP216: 3/13/2010 09:00:58 - Software Distribution Service 3.0
RP217: 3/14/2010 12:08:30 - System Checkpoint
RP218: 3/15/2010 12:38:15 - System Checkpoint
RP219: 3/16/2010 13:38:15 - System Checkpoint
RP220: 3/17/2010 18:40:02 - System Checkpoint
RP221: 3/18/2010 19:08:13 - System Checkpoint
RP222: 3/19/2010 21:33:00 - System Checkpoint
RP223: 3/20/2010 22:09:41 - System Checkpoint
RP224: 3/22/2010 07:51:49 - System Checkpoint
RP225: 3/23/2010 08:41:02 - System Checkpoint
RP226: 3/24/2010 09:20:25 - System Checkpoint
RP227: 3/25/2010 10:50:32 - System Checkpoint
RP228: 3/26/2010 11:10:59 - System Checkpoint
RP229: 3/27/2010 14:42:28 - System Checkpoint
RP230: 3/28/2010 15:50:55 - System Checkpoint
RP231: 3/29/2010 19:03:41 - System Checkpoint
RP232: 3/30/2010 21:03:31 - System Checkpoint
RP233: 3/31/2010 03:00:12 - Software Distribution Service 3.0
RP234: 3/31/2010 03:01:04 - Installed Windows XP KB980182.
RP235: 4/1/2010 18:09:47 - System Checkpoint
RP236: 4/2/2010 20:53:14 - System Checkpoint
RP237: 4/3/2010 23:02:53 - System Checkpoint
RP238: 4/4/2010 23:23:11 - System Checkpoint
RP239: 4/5/2010 23:37:33 - System Checkpoint
RP240: 4/6/2010 23:43:44 - System Checkpoint
RP241: 4/8/2010 00:26:14 - System Checkpoint
RP242: 4/9/2010 01:43:10 - System Checkpoint
RP243: 4/10/2010 01:49:08 - System Checkpoint
RP244: 4/11/2010 09:06:38 - System Checkpoint
RP245: 4/12/2010 18:51:38 - System Checkpoint
RP246: 4/13/2010 19:54:11 - Software Distribution Service 3.0
RP247: 4/13/2010 19:55:14 - Installed Windows XP KB979309.
RP248: 4/13/2010 19:55:41 - Installed Windows XP KB978601.
RP249: 4/13/2010 19:56:39 - Installed Windows XP KB977816.
RP250: 4/13/2010 19:57:05 - Installed Windows XP KB978338.
RP251: 4/13/2010 19:57:34 - Installed Windows XP KB981349.
RP252: 4/13/2010 19:59:43 - Installed Windows Media Player KB979402.
RP253: 4/13/2010 20:00:14 - Installed Windows XP KB980232.
RP254: 4/13/2010 20:00:49 - Installed Windows XP KB979683.
RP255: 4/14/2010 21:35:56 - System Checkpoint
RP256: 4/16/2010 08:52:18 - System Checkpoint
RP257: 4/17/2010 19:02:58 - System Checkpoint
RP258: 4/18/2010 20:08:37 - System Checkpoint
RP259: 4/19/2010 21:42:59 - System Checkpoint
RP260: 4/21/2010 06:06:44 - System Checkpoint
RP261: 4/22/2010 17:16:54 - System Checkpoint
RP262: 4/23/2010 20:53:33 - System Checkpoint
RP263: 4/24/2010 21:20:58 - System Checkpoint
RP264: 4/25/2010 17:56:32 - Installed Windows Media Player 11
RP265: 4/25/2010 17:58:05 - Software Distribution Service 3.0
RP266: 4/25/2010 17:58:23 - Installed Windows Media Player 11
RP267: 4/25/2010 17:59:22 - Installed Windows XP Wudf01000.
RP268: 4/25/2010 18:02:16 - Installed Windows XP MSCompPackV1.
RP269: 4/25/2010 18:12:45 - Software Distribution Service 3.0
RP270: 4/25/2010 18:13:03 - Installed Windows Media Player KB952069.
RP271: 4/25/2010 18:13:18 - Installed Windows Media Player KB973540.
RP272: 4/25/2010 18:13:32 - Installed Windows Media Player KB954155.
RP273: 4/25/2010 18:13:43 - Installed Windows Media Player KB968816.
RP274: 4/26/2010 13:41:52 - Software Distribution Service 3.0
RP275: 4/26/2010 13:42:05 - Installed Windows Media Player 11 KB954154.
RP276: 4/26/2010 13:42:49 - Installed Windows Media Player 11 KB939683.
RP277: 4/26/2010 13:43:21 - Installed Windows Media Format 11 SDK KB929399.
RP278: 4/26/2010 13:44:05 - Installed Windows XP KB941569.
RP279: 4/27/2010 17:41:02 - System Checkpoint
RP280: 4/28/2010 18:20:30 - System Checkpoint
RP281: 4/29/2010 20:21:16 - System Checkpoint
RP282: 4/30/2010 21:31:11 - System Checkpoint
RP283: 5/2/2010 00:31:24 - System Checkpoint
RP284: 5/3/2010 03:17:12 - System Checkpoint
RP285: 5/4/2010 14:01:41 - System Checkpoint
RP286: 5/5/2010 18:41:53 - System Checkpoint
RP287: 5/6/2010 18:52:24 - System Checkpoint
RP288: 5/7/2010 19:18:48 - System Checkpoint
RP289: 5/8/2010 19:20:55 - System Checkpoint
RP290: 5/9/2010 23:16:43 - System Checkpoint
RP291: 5/10/2010 19:43:30 - Removed Java 2 Runtime Environment, SE v1.4.2_18
RP292: 5/10/2010 19:49:47 - Removed Windows Installer Clean Up
RP293: 5/10/2010 19:54:23 - Installed Windows Installer Clean Up
RP294: 5/10/2010 20:02:00 - Installed Java(TM) 6 Update 20
RP295: 5/11/2010 17:54:54 - Software Distribution Service 3.0
RP296: 5/11/2010 17:55:36 - Installed Windows XP KB978542.
RP297: 5/12/2010 20:19:18 - System Checkpoint
RP298: 5/14/2010 07:04:47 - System Checkpoint
RP299: 5/14/2010 15:48:29 - Printer Driver PrimoPDF Installed
RP300: 5/14/2010 16:15:24 - Installed %1 %2.
RP301: 5/14/2010 16:15:37 - Printer Driver Microsoft XPS Document Writer Installed
RP302: 5/14/2010 16:25:27 - Software Distribution Service 3.0
RP303: 5/14/2010 16:30:37 - Installed Windows KB954550-v5.
RP304: 5/14/2010 16:30:50 - Printer Driver Microsoft XPS Document Writer Installed
RP305: 5/14/2010 16:40:26 - Printer Driver Microsoft XPS Document Writer Installed
RP306: 5/14/2010 16:49:37 - Software Distribution Service 3.0
RP307: 5/14/2010 16:50:15 - Installed Windows XP KB961118.
RP308: 5/14/2010 17:22:30 - Printer Driver PrimoPDF Installed
RP309: 5/15/2010 20:18:47 - System Checkpoint
RP310: 5/16/2010 21:13:25 - System Checkpoint
RP311: 5/17/2010 21:32:11 - System Checkpoint
RP312: 5/18/2010 22:25:01 - System Checkpoint
RP313: 5/20/2010 16:38:52 - System Checkpoint
RP314: 5/22/2010 08:16:17 - System Checkpoint
RP315: 5/23/2010 08:49:35 - System Checkpoint
RP316: 5/24/2010 23:06:15 - System Checkpoint
RP317: 5/25/2010 15:41:20 - Software Distribution Service 3.0
RP318: 5/25/2010 15:41:38 - Installed Windows XP KB981793.
RP319: 5/26/2010 17:09:08 - System Checkpoint
RP320: 5/27/2010 17:52:51 - System Checkpoint
RP321: 5/28/2010 22:10:13 - System Checkpoint
RP322: 5/29/2010 22:28:43 - System Checkpoint
RP323: 5/31/2010 06:53:32 - System Checkpoint
RP324: 6/1/2010 16:10:19 - System Checkpoint
RP325: 6/1/2010 20:05:00 - Removed WinZip 12.1
RP326: 6/2/2010 21:09:41 - System Checkpoint
RP327: 6/3/2010 22:05:42 - System Checkpoint
RP328: 6/4/2010 23:13:07 - System Checkpoint
RP329: 6/6/2010 09:59:57 - System Checkpoint
RP330: 6/7/2010 19:07:49 - System Checkpoint
RP331: 6/8/2010 20:14:56 - System Checkpoint
RP332: 6/8/2010 21:06:35 - Software Distribution Service 3.0
RP333: 6/8/2010 21:08:27 - Installed Windows XP KB982381.
RP334: 6/8/2010 21:19:32 - Installed Windows XP KB975562.
RP335: 6/8/2010 21:20:23 - Installed Windows XP KB979482.
RP336: 6/8/2010 21:20:41 - Installed Windows Media Player KB978695.
RP337: 6/8/2010 21:23:46 - Installed Windows XP KB979559.
RP338: 6/8/2010 21:28:29 - Installed Windows XP KB980195.
RP339: 6/8/2010 21:30:47 - Printer Driver Microsoft Office Document Image Writer Installed
RP340: 6/8/2010 21:32:12 - Installed Windows XP KB980218.
RP341: 6/10/2010 17:12:54 - System Checkpoint
RP342: 6/12/2010 15:12:57 - System Checkpoint
RP343: 6/13/2010 16:02:49 - Software Distribution Service 3.0
RP344: 6/14/2010 16:45:46 - System Checkpoint
RP345: 6/15/2010 13:14:35 - Installed QuickBooks
RP346: 6/16/2010 06:43:48 - Software Distribution Service 3.0
RP347: 6/16/2010 06:51:16 - Software Distribution Service 3.0
RP348: 6/17/2010 13:16:31 - System Checkpoint
RP349: 6/18/2010 16:55:26 - System Checkpoint
RP350: 6/19/2010 22:27:03 - System Checkpoint
RP351: 6/20/2010 22:50:53 - System Checkpoint
RP352: 6/22/2010 07:05:02 - System Checkpoint
RP353: 6/23/2010 12:37:38 - Software Distribution Service 3.0
RP354: 6/24/2010 12:58:24 - System Checkpoint
RP355: 6/25/2010 15:06:40 - System Checkpoint
RP356: 6/26/2010 20:16:37 - System Checkpoint
RP357: 6/27/2010 21:59:12 - System Checkpoint
RP358: 6/29/2010 07:07:57 - System Checkpoint
RP359: 6/30/2010 21:13:22 - System Checkpoint
RP360: 7/2/2010 10:35:11 - System Checkpoint
RP361: 7/3/2010 12:41:51 - System Checkpoint
RP362: 7/4/2010 13:35:26 - System Checkpoint
RP363: 7/5/2010 16:46:19 - System Checkpoint
RP364: 7/6/2010 18:10:08 - System Checkpoint
RP365: 7/7/2010 19:10:50 - System Checkpoint
RP366: 7/8/2010 19:47:52 - System Checkpoint
RP367: 7/10/2010 09:37:05 - System Checkpoint
RP368: 7/11/2010 11:54:00 - System Checkpoint
RP369: 7/12/2010 19:06:41 - System Checkpoint
RP370: 7/13/2010 21:16:04 - System Checkpoint
RP371: 7/14/2010 03:01:53 - Software Distribution Service 3.0
RP372: 7/14/2010 03:07:19 - Installed Windows XP KB2229593.
RP373: 7/15/2010 07:59:10 - System Checkpoint
RP374: 7/16/2010 16:50:06 - System Checkpoint
RP375: 7/17/2010 21:09:43 - System Checkpoint
RP376: 7/18/2010 22:43:49 - System Checkpoint
RP377: 7/19/2010 23:11:25 - System Checkpoint
RP378: 7/21/2010 00:26:02 - System Checkpoint
RP379: 7/22/2010 10:10:14 - System Checkpoint
RP380: 7/23/2010 10:49:09 - System Checkpoint
RP381: 7/25/2010 13:25:02 - System Checkpoint
RP382: 7/26/2010 15:09:00 - System Checkpoint
RP383: 7/27/2010 16:27:55 - System Checkpoint
RP384: 7/28/2010 18:32:41 - System Checkpoint
RP385: 7/29/2010 20:30:15 - System Checkpoint
RP386: 7/30/2010 12:37:26 - Installed Microsoft Visual C++ 2005 Redistributable
RP387: 7/30/2010 12:39:13 - Installed SeaTools for Windows
RP388: 7/31/2010 12:05:27 - Software Distribution Service 3.0
RP389: 8/1/2010 14:13:31 - System Checkpoint
RP390: 8/2/2010 18:43:56 - System Checkpoint
RP391: 8/3/2010 08:15:09 - Software Distribution Service 3.0
RP392: 8/3/2010 08:16:43 - Installed Windows XP KB2286198.
RP393: 8/4/2010 10:02:23 - System Checkpoint
RP394: 8/5/2010 20:46:43 - System Checkpoint
RP395: 8/6/2010 22:59:05 - System Checkpoint
RP396: 8/7/2010 23:10:52 - System Checkpoint
RP397: 8/8/2010 23:11:12 - System Checkpoint
RP398: 8/10/2010 18:53:17 - System Checkpoint
RP399: 8/10/2010 19:06:48 - Installed Java(TM) 6 Update 21
RP400: 8/11/2010 20:31:25 - System Checkpoint
RP401: 8/12/2010 18:25:52 - Software Distribution Service 3.0
RP402: 8/12/2010 18:27:54 - Installed Windows XP KB982665.
RP403: 8/12/2010 18:30:03 - Installed Windows XP KB981997.
RP404: 8/12/2010 18:37:43 - Installed Windows XP KB980436.
RP405: 8/12/2010 18:40:05 - Installed Windows XP KB2160329.
RP406: 8/12/2010 18:52:57 - Installed Windows XP KB2079403.
RP407: 8/12/2010 18:55:13 - Installed Windows XP KB981852.
RP408: 8/12/2010 19:07:35 - Printer Driver Microsoft Office Document Image Writer Installed
RP409: 8/12/2010 19:10:13 - Installed Windows XP KB2115168.
RP410: 8/12/2010 19:11:46 - Installed Windows XP KB982214.
RP411: 8/12/2010 19:15:44 - Installed Windows XP KB2183461.
RP412: 8/13/2010 19:17:51 - System Checkpoint
RP413: 8/14/2010 20:40:27 - System Checkpoint
RP414: 8/16/2010 07:53:54 - System Checkpoint
RP415: 8/17/2010 08:58:04 - System Checkpoint
RP416: 8/18/2010 11:07:27 - System Checkpoint
RP417: 8/19/2010 18:51:48 - System Checkpoint
RP418: 8/20/2010 22:46:18 - System Checkpoint
RP419: 8/22/2010 09:19:00 - System Checkpoint
RP420: 8/22/2010 12:43:13 - Installed Microsoft RAW Image Thumbnailer and Viewer for Windows XP Version 1.0 (Build 50)
RP421: 8/23/2010 19:25:22 - System Checkpoint
RP422: 8/24/2010 20:38:30 - Software Distribution Service 3.0
RP423: 8/25/2010 22:37:46 - System Checkpoint
RP424: 8/27/2010 01:10:19 - System Checkpoint
RP425: 8/27/2010 07:53:21 - Installed WinZip 14.0
RP426: 8/28/2010 09:11:18 - Installed HiJackThis
RP427: 8/29/2010 09:39:27 - System Checkpoint
RP428: 8/30/2010 22:30:01 - System Checkpoint
RP429: 8/31/2010 22:43:18 - System Checkpoint
RP430: 9/1/2010 22:46:14 - System Checkpoint

==== Installed Programs ======================

Acrobat.com
Acronis True Image WD Edition
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.4
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Software Update
ArcSoft PhotoImpression 5
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Data Lifeguard Diagnostic for Windows
Data Lifeguard Tools
EPSON CX 3800 Guide
EPSON Printer Software
EPSON Scan
FxFoto by Triscape
Google Earth
Google Update Helper
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 21
Kensington MouseWorks
Logitech MouseWare 9.79.1
Malwarebytes' Anti-Malware
McAfee Virtual Technician
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Click-to-Run 2010 (Beta)
Microsoft Office Home and Business 2010 (Beta) - English
Microsoft Office Small Business Edition 2003
Microsoft RAW Image Thumbnailer and Viewer for Windows XP Version 1.0 (Build 50)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Windows XP Video Decoder Checkup Utility
Mozilla Firefox (3.6.4)
Mozilla Thunderbird (3.1.2)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MV RegClean 5.0 English
MV RegClean 5.9 English
Natural Color
Nero OEM
NVIDIA Display Driver
OGA Notifier 2.0.0048.0
OpenOffice.org Installer 1.0
PrimoPDF -- brought to you by Nitro PDF Software
QuickBooks Pro 2007
QuickBooks Product Listing Service
Quicken 2009
QuickTime
SeaTools for Windows
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
SupportSoft Assisted Service
System Requirements Lab
Triscape FxFoto
Unlocker 1.9.0
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0

==== Event Viewer Messages From Past Week ========

9/1/2010 21:25:28, error: PlugPlayManager [11] - The device Root\LEGACY_UNLOCKERDRIVER5\0000 disappeared from the system without first being prepared for removal.
9/1/2010 21:05:19, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK7 Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
9/1/2010 21:01:11, error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: The system cannot find the path specified.
9/1/2010 20:45:21, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
9/1/2010 20:41:47, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
9/1/2010 20:38:45, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
9/1/2010 20:32:37, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
9/1/2010 20:30:48, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
9/1/2010 20:27:22, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
9/1/2010 20:24:28, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK7 Fips IPSec mfehidk mfetdi2k MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
9/1/2010 20:24:28, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
9/1/2010 20:24:28, error: Service Control Manager [7001] - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
9/1/2010 20:24:28, error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
9/1/2010 20:24:28, error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
9/1/2010 20:24:28, error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
9/1/2010 20:24:28, error: Service Control Manager [7001] - The McAfee Network Agent service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
9/1/2010 20:24:28, error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
9/1/2010 20:24:28, error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
9/1/2010 20:24:28, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/1/2010 20:24:28, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/1/2010 20:24:28, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
9/1/2010 17:15:30, error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/1/2010 17:15:30, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/1/2010 17:15:30, error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/1/2010 17:15:30, error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/1/2010 17:15:30, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/1/2010 17:15:30, error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/1/2010 17:15:18, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).
8/28/2010 08:23:19, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
8/28/2010 08:21:36, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/28/2010 08:21:19, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK7 Fips
8/28/2010 08:21:19, error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
8/27/2010 07:53:43, error: Service Control Manager [7024] - The Java Quick Starter service terminated with service-specific error 1 (0x1).
8/27/2010 07:53:42, error: Service Control Manager [7034] - The McAfee Validation Trust Protection Service service terminated unexpectedly. It has done this 1 time(s).
8/26/2010 21:48:54, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
8/26/2010 21:48:54, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
8/26/2010 21:31:45, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/26/2010 19:56:36, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
8/26/2010 19:19:06, error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\D.
8/26/2010 19:13:23, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

==== End Of File ===========================
bearmandan
Regular Member
 
Posts: 15
Joined: August 28th, 2010, 9:02 am
Advertisement
Register to Remove

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby km2357 » September 2nd, 2010, 8:04 pm

What are your thoughts on the new microsoft offerings for virus protection (Microsoft Security Essentials).


I can't comment on it that much as I myself have never used it, though I have not really heard anything bad about it.

I see you haven't installed a new AntiVirus yet, whether you install one of the two AntiViruses I suggested earlier or you are looking at installing Microsoft Security Essentials, you do need to install an AV ASAP. :)

Your DDS Logs look good. :)


Step # 1: Run Kaspersky Online Scan

Please go to Kaspersky website and perform an online antivirus scan.

  1. Read through the requirements and privacy statement and click on Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  9. Please post this log in your next reply.


In your next post/reply, I need to see the following:

1. Kaspersky Log
2. How is the computer doing, any problems?
User avatar
km2357
MRU Master
MRU Master
 
Posts: 3204
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby bearmandan » September 3rd, 2010, 6:49 am

The fact that MalwareBytes ran is a major improvement. However, I have not been using the machine other than for the requested scans and have been keeping it off the internet, physically unplugging it when I can.
Please advise when I can reinstall McAfee, Spybot s&d, and AdAware, I have decided to reinstall McAfee for the remainder of my subscription while I investigate a replacement. The recommendation for the Microsoft product came from a weekly program I listen to on a local radio station http://www.computertalkwithtab.com/.
Bearmandan

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, September 3, 2010
Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Thursday, September 02, 2010 22:39:34
Records in database: 4181547
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
Q:\

Scan statistics:
Objects scanned: 161656
Threats found: 9
Infected objects found: 17
Suspicious objects found: 2
Scan duration: 06:11:09


File name / Threat / Threats count
C:\Documents and Settings\Daniel Kiernan\Application Data\Thunderbird\Profiles\hfa1le58.default\Mail\pop.att.yahoo-1.com\Inbox Infected: Trojan.Win32.Jorik.Oficla.bb 1
C:\Documents and Settings\Daniel Kiernan\Application Data\Thunderbird\Profiles\hfa1le58.default\Mail\pop.att.yahoo.com\Inbox Suspicious: Trojan-Spy.HTML.Fraud.gen 1
C:\Documents and Settings\Daniel Kiernan\Application Data\Thunderbird\Profiles\hfa1le58.default\Mail\pop.att.yahoo.com\Inbox Infected: Trojan.Win32.Agent.dtzb 1
C:\Documents and Settings\Daniel Kiernan\Application Data\Thunderbird\Profiles\hfa1le58.default\Mail\pop.att.yahoo.com\McAfee Anti-Spam Infected: Trojan-Spy.HTML.Fraud.bv 1
C:\Documents and Settings\Daniel Kiernan\Application Data\Thunderbird\Profiles\hfa1le58.default\Mail\pop.att.yahoo.com\McAfee Anti-Spam Suspicious: Trojan-Spy.HTML.Fraud.gen 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\i8042prt.sys.vir Infected: Virus.Win32.TDSS.b 1
C:\System Volume Information\_restore{95863965-8589-44E5-A0E4-13425D2D9675}\RP180\A0047603.dll Infected: not-a-virus:AdWare.Win32.EZula.eve 1
C:\System Volume Information\_restore{95863965-8589-44E5-A0E4-13425D2D9675}\RP426\A0069758.exe Infected: Packed.Win32.Katusha.n 1
C:\System Volume Information\_restore{95863965-8589-44E5-A0E4-13425D2D9675}\RP426\A0069759.exe Infected: Packed.Win32.Katusha.n 1
C:\System Volume Information\_restore{95863965-8589-44E5-A0E4-13425D2D9675}\RP426\A0069760.exe Infected: Packed.Win32.Katusha.n 1
C:\System Volume Information\_restore{95863965-8589-44E5-A0E4-13425D2D9675}\RP426\A0069761.sys Infected: Rootkit.Win32.TDSS.bk 1
C:\System Volume Information\_restore{95863965-8589-44E5-A0E4-13425D2D9675}\RP426\A0069762.sys Infected: Rootkit.Win32.TDSS.bk 1
C:\System Volume Information\_restore{95863965-8589-44E5-A0E4-13425D2D9675}\RP429\A0074900.sys Infected: Virus.Win32.TDSS.b 1
C:\WORK_Related\DKiernan\Backup c 02-02-09\My Downloads\couponprinter.exe Infected: not-a-virus:AdWare.Win32.Coupons 1
C:\WORK_Related\DKiernan\Backup c 12-11-08\My Downloads\couponprinter.exe Infected: not-a-virus:AdWare.Win32.Coupons 1
C:\WORK_Related\My Documents\My Downloads\couponprinter.exe Infected: not-a-virus:AdWare.Win32.Coupons 1
E:\WORK_Related\DKiernan\Backup c 02-02-09\My Downloads\couponprinter.exe Infected: not-a-virus:AdWare.Win32.Coupons 1
E:\WORK_Related\DKiernan\Backup c 12-11-08\My Downloads\couponprinter.exe Infected: not-a-virus:AdWare.Win32.Coupons 1
E:\WORK_Related\My Documents\My Downloads\couponprinter.exe Infected: not-a-virus:AdWare.Win32.Coupons 1

Selected area has been scanned.
bearmandan
Regular Member
 
Posts: 15
Joined: August 28th, 2010, 9:02 am

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby km2357 » September 3rd, 2010, 2:30 pm

Kaspersky found a file in the Qoobox folder which is where ComboFix keeps its quarantined files. I'll show you how to remove ComboFix in an upcoming post. Kaspersky also found some infected System Restore points. They are harmless where they are. I'll show you how to remove them and set a new, clean Restore point in an upcoming post as well.

I'd also like for you to open up Thunderbird and delete any e-mails you no longer need that are in your Inbox. Plus delete all e-mails in the Junk/Spam/Bulk/Trash folders.


However, I have not been using the machine other than for the requested scans and have been keeping it off the internet, physically unplugging it when I can.
Please advise when I can reinstall McAfee, Spybot s&d, and AdAware, I have decided to reinstall McAfee for the remainder of my subscription while I investigate a replacement.



Go ahead and reinstall McAfee, Spybot and AdAware. Then go ahead and use your computer as use normally would for the next couple of days. If your computer is fine (everything is running fine, no pop-ups or redirects) by Monday, let me know and we can finish up. :) If your computer is not fine or starts acting as it was before Monday, let me know.
User avatar
km2357
MRU Master
MRU Master
 
Posts: 3204
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby bearmandan » September 6th, 2010, 9:29 am

KM2357
I have reinstalled all my protection products and have been using the machine all weekend and have not experienced any redirects and all the products I reinstalled are running just fine. As for pop-ups they have never been a problem or issue.
Thank you and let me know what I need to do the finish up with you and MalwareRemoval.
BearManDan
bearmandan
Regular Member
 
Posts: 15
Joined: August 28th, 2010, 9:02 am

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby km2357 » September 6th, 2010, 3:12 pm

Great to hear that everything is running great. :)

Since you report no more problems, you're good to go. :)


You can delete the following off of your computer:

DDS.scr
The two DDS Logs
GMER.zip
GMER.exe
The GMER Log


To remove ComboFix, do the following:

Go to Start > Run - type in ComboFix /Uninstall & click OK

Empty your Recycle Bin.


Please take the time to read my All Clean Post.

Please follow these simple steps in order to keep your computer clean and secure:

This is a good time to clear your existing system restore points and establish a new clean restore point

  • Go to Start > All Programs > Accessories > System Tools > System Restore
  • Select Create a restore point, and Ok it.
  • Next, go to Start > Run and type in cleanmgr
  • Make sure the C:\ drive is selected and click OK. If your computer's Hard Drive is not located on C:, change it to the correct drive letter then click OK.
  • Select the More options tab
  • Choose the option to clean up system restore and OK it.
  • This will remove all restore points except the new one you just created.
.

Clearing your restore points is not something you should do on a regular basis. Normally, this process only needs to be done after clearing out an infestation of malware.


Make your Internet Explorer more secure This can be done by following these simple instructions:
  1. From within Internet Explorer click on the Tools menu and then click on Options.
  2. Click once on the Security tab
  3. Click once on the Internet icon so it becomes highlighted.
  4. Click once on the Custom Level button.
    • Change the Download signed ActiveX controls to Prompt
    • Change the Download unsigned ActiveX controls to Disable
    • Change the Initialize and script ActiveX controls not marked as safe to Disable
    • Change the Installation of desktop items to Prompt
    • Change the Launching programs and files in an IFRAME to Prompt
    • Change the Navigate sub frames across different domains to Prompt
  5. When all these settings have been made, click on the OK button.
  6. If it asks you if you want to save the settings, press the Yes button.
  7. Next press the Apply button and then the OK to exit the Internet Properties page.
Set correct settings for files that should be hidden in Windows XP
  • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
  • Under "Hidden files and folders" if necessary select Do not show hidden files and folders.
  • If unchecked please checkHide protected operating system files (Recommended)
  • If necessary check "Display content of system folders"
  • If necessary Uncheck Hide file extensions for known file types.
  • Click OK
  • Use An Antivirus Software and Keep It Updated - It is very important that your computer has an antivirus software running on your machine. This alone can save you a lot of trouble with malware in the future. It is imperative that you update your antivirus software at least once a day. If you do not update your antivirus software, then it will not be able to catch any of the new variants that may come out.
  • Visit Microsoft's Update Site Frequently It is important that you visit Microsoft Updates regularly. This will ensure your computer has the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  • Install SpywareBlaster SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. An article on anti-malware products with links for this program and others can be found here:
    Computer Safety on line Anti Malware
  • Use the hosts file: Every version of windows has a hosts file as part of them. In a very basic sense, they are used to locate web pages. We can customize a hosts file so that it blocks certain web pages. However, it can slow down certain computers. This is why using a hosts file is optional. Download mvps hosts file Make sure you read the instructions on how to install the hosts file. There is a good tutorial HERE If you decide to download the hosts file, the slowdown problems can usually be avoided by following these steps:
    1. Click the start button on the task bar at the bottom of your screen
    2. Click run
    3. In the dialog box, type services.msc
    4. hit enter, then locate dns client
    5. Highlight it, then doubleclick it.
    6. On the dropdown box, change the setting from automatic to manual.
    7. Click ok..
  • Use an alternative instant messenger program.Trillian and Miranda IM These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
  • Please read Tony Klein's excellent article: How I got Infected in the First Place
  • Please read Understanding Spyware, Browser Hijackers, and Dialers
  • Please read Simple and easy ways to keep your computer safe and secure on the Internet
  • If you are using Internet Explorer, please consider using an alternate browser: Mozilla's Firefox or
    Opera.
    If you decide to use either FireFox or Opera, it is very important that you keep them up to date and check frequently for updates of the browser of your choice.
  • Update all these programs regularly Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
  • If your computer was infected by a website, a program, IM, MSN, or p2p, check this site because it is Time To Fight Back.
Follow these steps and your potential for being infected again will reduce dramatically.

Here's a good website to read about Malware prevention:

http://users.telenet.be/bluepatchy/miek ... ntion.html

If your computer is running slow, click here for instructions on how to help speed up your computer.

Good luck!

Please reply one last time so that I know you have read my post and this thread can be closed.
User avatar
km2357
MRU Master
MRU Master
 
Posts: 3204
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby bearmandan » September 6th, 2010, 6:25 pm

I am unable to create a restore point, it encounters a problem and sends it to Microsoft. Any thoughts??

I have read through your post (will read threads on other boards during the week) and this is basically how I have been keeping things in order;
I do not use any Instant Messenger programs. Not even on Facebook.
As for a browser, I use Firefox and my email client is Thunderbird both are the latest and greatest.
I typically update Spybot S&D weekly and immunize the browser at the same time. Teatimer is always running. I update and run MalwareBytes weekly, AdAware is always runnibng, I have the free version and I'm running ver. 8.1.4 and I am unable to upgrade and have an active request for assistance on the Lavasoft fourm.
McAfee is always running with all the features (virus, email, firewall)
Automatic updates for Windows runs daily.

In your opinion am I good or are there things still to do???

BearManDan
bearmandan
Regular Member
 
Posts: 15
Joined: August 28th, 2010, 9:02 am

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby km2357 » September 6th, 2010, 8:05 pm

bearmandan wrote:I am unable to create a restore point, it encounters a problem and sends it to Microsoft. Any thoughts??


What does the exact error message say when your computer tries to create a Restore Point?

I have read through your post (will read threads on other boards during the week) and this is basically how I have been keeping things in order;
I do not use any Instant Messenger programs. Not even on Facebook.
As for a browser, I use Firefox and my email client is Thunderbird both are the latest and greatest.
I typically update Spybot S&D weekly and immunize the browser at the same time. Teatimer is always running. I update and run MalwareBytes weekly, AdAware is always runnibng, I have the free version and I'm running ver. 8.1.4 and I am unable to upgrade and have an active request for assistance on the Lavasoft fourm.
McAfee is always running with all the features (virus, email, firewall)
Automatic updates for Windows runs daily.

In your opinion am I good or are there things still to do???


Concerning everything above, you're doing great on keeping your programs update and running/updating your anti-spyware programs like MalwareBytes' and Spybot S&D is great as well. :) Just follow my other steps listed in my All-Clean post and be careful where you surf on the Web and what you click/download from there and you'll be good. :)
User avatar
km2357
MRU Master
MRU Master
 
Posts: 3204
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby bearmandan » September 7th, 2010, 7:23 am

Came home to no power, when things were restored, I attempted to re-boot and the machine ran chkdsk. Corrected about 30 sector errors then came up to point right after the Windows logo screen with the cursor against a black background. I left it and waited a half hour and then hit the the restart button and it rebooted into the "we apologize for the inconvenience" screen I selected safe mode and it loaded drivers and then rebooted again. I went through that three or four times. Then I selected Start windows Normally and it came up to a blue screen which went by to quickly read. I then went into recovery console and it came to the blue screen which stated UNMOUNTABLE_BOOT_VOLUME. I then put the windows install disk in and booted to recovery console attempted a chkdsk there and it reports multiple unrecoverable errors. Think I'll be buying a drive today. I feel like a black cat crossed my path!
bearmandan
Regular Member
 
Posts: 15
Joined: August 28th, 2010, 9:02 am

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby km2357 » September 7th, 2010, 2:41 pm

bearmandan wrote:Came home to no power, when things were restored, I attempted to re-boot and the machine ran chkdsk. Corrected about 30 sector errors then came up to point right after the Windows logo screen with the cursor against a black background. I left it and waited a half hour and then hit the the restart button and it rebooted into the "we apologize for the inconvenience" screen I selected safe mode and it loaded drivers and then rebooted again. I went through that three or four times. Then I selected Start windows Normally and it came up to a blue screen which went by to quickly read. I then went into recovery console and it came to the blue screen which stated UNMOUNTABLE_BOOT_VOLUME. I then put the windows install disk in and booted to recovery console attempted a chkdsk there and it reports multiple unrecoverable errors. Think I'll be buying a drive today. I feel like a black cat crossed my path!


That's a bummer. :(

Since it sounds like your Hard Drive got fried and since it sounds like you're buying a new one, if you no longer need my services, I'll have this thread closed. :)
User avatar
km2357
MRU Master
MRU Master
 
Posts: 3204
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby bearmandan » September 7th, 2010, 6:49 pm

Close the thread and Thank your for all our efforts.
BearManDan
bearmandan
Regular Member
 
Posts: 15
Joined: August 28th, 2010, 9:02 am

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby km2357 » September 7th, 2010, 7:52 pm

You're welcome. I'm glad I was able to help you out. :)

Good luck and safe surfing!
User avatar
km2357
MRU Master
MRU Master
 
Posts: 3204
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: Malwarebytes, Spybot S&D will not run Google redirecting

Unread postby jmw3 » September 7th, 2010, 9:21 pm

As your malware problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 296 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware