Hi Shaba,
Below is the Malware bytes log
Malwarebytes' Anti-Malware 1.40
Database version: 2679
Windows 5.1.2600 Service Pack 2
8/23/2009 12:38:48 AM
mbam-log-2009-08-23 (00-38-48).txt
Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 553898
Time elapsed: 2 hour(s), 53 minute(s), 28 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 3
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 3
Folders Infected: 2
Files Infected: 19
Memory Processes Infected:
C:\Program Files\PC_Antispyware2010\PC_Antispyware2010.exe (Rogue.Multiple) -> Unloaded process successfully.
Memory Modules Infected:
C:\Program Files\PC_Antispyware2010\htmlayout.dll (Rogue.AntiVirusPro2009) -> Delete on reboot.
C:\Program Files\PC_Antispyware2010\AVEngn.dll (Rogue.PC_Antispyware2010) -> Delete on reboot.
C:\Program Files\PC_Antispyware2010\pthreadVC2.dll (Rogue.PC_Antispyware2010) -> Delete on reboot.
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\braviax (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files\PC_Antispyware2010 (Rogue.PC_Antispyware2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Start Menu\Programs\PC_Antispyware2010 (Rogue.PC_Antispyware2010) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\PC_Antispyware2010\PC_Antispyware2010.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\PC_Antispyware2010\htmlayout.dll (Rogue.AntiVirusPro2009) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1644491937-343818398-839522115-1004\Dc1\htmlayout.dll (Rogue.AntiVirusPro2009) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1644491937-343818398-839522115-1004\Dc1\Uninstall.exe (Rogue.PC_Antispyware2010) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{824A244B-54D2-47C8-9487-AD335842AC03}\RP1\A0000068.exe (Rogue.PC_Antispyware2010) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{824A244B-54D2-47C8-9487-AD335842AC03}\RP2\A0000073.exe (Rogue.PC_Antispyware2010) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wisdstr.exe (Rogue.PC_Antispyware2010) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN25.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN27.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN2A.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\PC_Antispyware2010\AVEngn.dll (Rogue.PC_Antispyware2010) -> Quarantined and deleted successfully.
C:\Program Files\PC_Antispyware2010\pthreadVC2.dll (Rogue.PC_Antispyware2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Start Menu\Programs\PC_Antispyware2010\PC_Antispyware2010.lnk (Rogue.PC_Antispyware2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Start Menu\Programs\PC_Antispyware2010\Uninstall.lnk (Rogue.PC_Antispyware2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\muwuqobu.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\braviax.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN28.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN29.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Trace.Pandex) -> Quarantined and deleted successfully.
________________________
Below is the DDS.txt
DDS (Ver_09-07-30.01) - NTFSx86
Run by j1nguye at 15:50:04.93 on Sun 08/23/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1274 [GMT -5:00]
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\j1nguye\Desktop\dds(2).scr
============== Pseudo HJT Report ===============
mDefault_Search_URL =
hxxp://www.google.com/iemSearch Page =
hxxp://www.google.commStart Page =
hxxp://www.google.commSearchAssistant =
hxxp://www.google.comTB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 7\SnagItIEAddin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [nwiz] nwiz.exe /install
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [McAfee Backup] c:\program files\mcafee\mbk\McAfeeDataBackup.exe
mRun: [MBkLogOnHook] c:\program files\mcafee\mbk\LogOnHook.exe
dRun: [braviax]
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 5.0\distillr\AcroTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoca~1.lnk - c:\program files\common files\autodesk shared\acstart16.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: DirectAnimation Java Classes -
file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java -
file://c:\windows\java\classes\xmldso.cab
DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} -
hxxp://download.microsoft.com/download/ ... arth3D.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
hxxp://download.macromedia.com/pub/shoc ... wflash.cabHandler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\puresp3.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\j1nguye\applic~1\mozilla\firefox\profiles\twm3vtdq.default\
FF - prefs.js: browser.startup.homepage -
hxxp://www.chron.com/FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
============= SERVICES / DRIVERS ===============
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-4-1 201320]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2009-4-1 359248]
R2 McShield;McAfee Real-time Scanner;c:\program files\mcafee\virusscan\Mcshield.exe [2009-4-1 144704]
R2 PD91Agent;PD91Agent;c:\program files\raxco\perfectdisk2008\PD91Agent.exe [2008-12-31 693512]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2009-4-1 695624]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-4-1 79304]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-4-1 35240]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-4-1 40488]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2007-4-18 176128]
S1 2125d059;2125d059;c:\windows\system32\drivers\2125d059.sys --> c:\windows\system32\drivers\2125d059.sys [?]
S2 gupdate1c98d788df37c4a;Google Update Service (gupdate1c98d788df37c4a);c:\program files\google\update\GoogleUpdate.exe [2009-2-12 133104]
S3 Cdeaogoac;Cdeaogoac; [x]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-4-1 33832]
S3 PciCon;PciCon;\??\e:\pcicon.sys --> e:\PciCon.sys [?]
S3 PD91Engine;PD91Engine;c:\program files\raxco\perfectdisk2008\PD91Engine.exe [2008-12-31 910600]
=============== Created Last 30 ================
2009-08-22 17:31 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-22 17:31 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-08-22 12:49 <DIR> --d----- c:\program files\Trend Micro
2009-08-20 17:47 19,433 a------- c:\docume~1\alluse~1\applic~1\nemysyko.reg
2009-08-20 17:47 19,174 a------- c:\windows\daciqy._sy
2009-08-20 17:47 18,464 a------- c:\docume~1\alluse~1\applic~1\lykusuj.reg
2009-08-20 17:47 14,268 a------- c:\windows\system32\cutikaqimy.sys
2009-08-20 17:47 13,727 a------- c:\program files\common files\bevuvomaso.reg
2009-08-20 17:47 11,091 a------- c:\windows\system32\zuriniwe.bat
2009-08-20 17:47 17,459 a------- c:\docume~1\alluse~1\applic~1\ojuvygut.reg
2009-08-20 17:47 17,196 a------- c:\docume~1\alluse~1\applic~1\ijihapibu.com
2009-08-20 17:47 15,955 a------- c:\windows\edibunar.dl
2009-08-20 17:47 15,903 a------- c:\windows\usabekyv.exe
2009-08-20 17:47 15,775 a------- c:\windows\qukate.db
2009-08-20 17:47 15,399 a------- c:\program files\common files\oguji.exe
2009-08-20 17:47 13,523 a------- c:\windows\xykefoz.dll
2009-08-20 17:47 13,352 a------- c:\windows\dobyne.sys
2009-08-20 17:47 11,713 a------- c:\windows\system32\jokorudec.inf
2009-08-20 17:47 11,153 a------- c:\docume~1\alluse~1\applic~1\atinu.bin
2009-08-19 00:22 47 a------- c:\windows\.snk
2009-08-18 23:54 <DIR> --d----- c:\program files\CCleaner
2009-08-18 23:48 <DIR> --d----- c:\docume~1\j1nguye\applic~1\McAfee
2009-08-18 23:07 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-18 23:07 73,728 a------- c:\windows\system32\javacpl.cpl
2009-08-18 22:06 19,132 a------- c:\docume~1\alluse~1\applic~1\yruza.bat
2009-08-18 22:06 19,059 a------- c:\windows\system32\qywokol.inf
2009-08-18 22:06 18,541 a------- c:\windows\nodumuvog.vbs
2009-08-18 22:06 17,039 a------- c:\windows\qybokokoqe.ban
2009-08-18 22:06 16,359 a------- c:\windows\wizase.com
2009-08-18 22:06 16,274 a------- c:\windows\system32\jygy.com
2009-08-18 22:06 14,766 a------- c:\windows\system32\wuxedozuf.sys
2009-08-18 22:06 14,446 a------- c:\windows\system32\fexexawem._dl
2009-08-18 22:06 14,079 a------- c:\program files\common files\odotajov.bin
2009-08-18 22:06 13,957 a------- c:\windows\rexisahu._dl
2009-08-18 22:06 11,769 a------- c:\windows\nuqojusur.com
2009-08-18 22:06 10,812 a------- c:\windows\system32\oqixa.sys
2009-08-18 21:24 <DIR> --d----- c:\docume~1\j1nguye\applic~1\Malwarebytes
2009-08-18 00:30 <DIR> --d----- c:\docume~1\j1nguye\applic~1\EAST Technologies
2009-08-18 00:26 <DIR> --d----- c:\documents and settings\j1nguye
2009-08-17 21:12 <DIR> --d----- c:\windows\system32\CatRoot_bak
2009-08-17 20:56 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-17 20:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-08-17 19:51 <DIR> --d----- c:\windows\ERUNT
2009-08-17 19:43 <DIR> --d----- C:\SDFix
2009-08-17 19:38 1,089,601 -c------ c:\windows\system32\dllcache\ntprint.cat
2009-08-17 01:55 <DIR> --d----- c:\windows\system32\XPSViewer
2009-08-17 01:55 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll
2009-08-17 01:55 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-17 01:55 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-17 01:55 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-17 01:55 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-08-17 01:55 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-08-17 01:55 117,760 -------- c:\windows\system32\prntvpt.dll
2009-08-17 01:48 <DIR> --d----- c:\program files\MSXML 6.0
2009-08-17 01:48 221,184 a------- c:\windows\system32\wmpns.dll
2009-08-17 01:23 1,871,872 -c------ c:\windows\system32\dllcache\mstscax.dll
2009-08-17 01:23 128,512 -c------ c:\windows\system32\dllcache\dhtmled.ocx
2009-08-17 01:22 283,648 -c------ c:\windows\system32\dllcache\pdh.dll
2009-08-17 01:22 60,416 -c------ c:\windows\system32\dllcache\colbact.dll
2009-08-17 01:22 714,752 -c------ c:\windows\system32\dllcache\ntdll.dll
2009-08-17 01:22 616,960 -c------ c:\windows\system32\dllcache\advapi32.dll
2009-08-17 01:22 473,088 -c------ c:\windows\system32\dllcache\fastprox.dll
2009-08-17 01:22 453,120 -c------ c:\windows\system32\dllcache\wmiprvsd.dll
2009-08-17 01:22 399,360 -c------ c:\windows\system32\dllcache\rpcss.dll
2009-08-17 01:22 227,840 -c------ c:\windows\system32\dllcache\wmiprvse.exe
2009-08-17 01:22 110,592 -c------ c:\windows\system32\dllcache\services.exe
2009-08-17 01:21 331,776 -c------ c:\windows\system32\dllcache\msadce.dll
2009-08-17 01:20 215,552 -c------ c:\windows\system32\dllcache\wordpad.exe
2009-08-17 01:18 31,768 a------- c:\windows\system32\wucltui.dll.mui
2009-08-17 01:18 18,456 a------- c:\windows\system32\wuaueng.dll.mui
2009-08-17 01:18 23,576 a------- c:\windows\system32\wuaucpl.cpl.mui
2009-08-17 01:18 23,576 a------- c:\windows\system32\wuapi.dll.mui
2009-08-16 23:48 1,596 a------- c:\windows\system32\tmp.reg
2009-08-16 23:42 90 a------- c:\windows\wininit.ini
2009-08-16 00:56 625,952 ac------ c:\windows\system32\dllcache\ntfs.sys
2009-08-05 04:11 204,800 -c------ c:\windows\system32\dllcache\mswebdvd.dll
2009-07-28 23:53 119,808 -c------ c:\windows\system32\dllcache\t2embed.dll
==================== Find3M ====================
2009-08-22 12:46 625,952 a------- c:\windows\system32\drivers\ntfs.sys
2009-08-18 22:06 17,558 a------- c:\program files\common files\yxawuwe.inf
2009-08-18 22:06 17,031 a------- c:\program files\common files\tysakydime.ban
2009-08-18 22:06 15,505 a------- c:\program files\common files\utovopyni._sy
2009-08-18 22:06 13,868 a------- c:\program files\common files\kylumam.db
2009-08-18 22:06 11,331 a------- c:\program files\common files\bulihimi.lib
2009-08-05 04:11 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-28 23:53 119,808 a------- c:\windows\system32\t2embed.dll
2009-07-28 23:53 82,432 a------- c:\windows\system32\fontsub.dll
2009-07-17 13:55 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 10:08 286,720 a------- c:\windows\system32\wmpdxm.dll
2009-06-30 20:09 20,992 a------- c:\windows\jestertb.dll
2009-06-26 10:59 668,160 a------- c:\windows\system32\wininet.dll
2009-06-26 10:59 81,920 -------- c:\windows\system32\ieencode.dll
2009-06-25 13:36 661,504 a------- c:\windows\system32\mqqm.dll
2009-06-25 13:36 517,120 a------- c:\windows\system32\mqsnap.dll
2009-06-25 13:36 471,552 a------- c:\windows\system32\mqutil.dll
2009-06-25 13:36 225,280 a------- c:\windows\system32\mqoa.dll
2009-06-25 13:36 186,880 a------- c:\windows\system32\mqtrig.dll
2009-06-25 13:36 177,152 a------- c:\windows\system32\mqrt.dll
2009-06-25 13:36 138,240 a------- c:\windows\system32\mqad.dll
2009-06-25 13:36 123,392 a------- c:\windows\system32\mqrtdep.dll
2009-06-25 13:36 95,744 a------- c:\windows\system32\mqsec.dll
2009-06-25 13:36 48,640 a------- c:\windows\system32\mqupgrd.dll
2009-06-25 13:36 47,104 a------- c:\windows\system32\mqdscli.dll
2009-06-25 13:36 16,896 a------- c:\windows\system32\mqise.dll
2009-06-22 06:49 117,248 a------- c:\windows\system32\mqtgsvc.exe
2009-06-22 06:49 19,968 a------- c:\windows\system32\mqbkup.exe
2009-06-22 06:49 4,608 a------- c:\windows\system32\mqsvc.exe
2009-06-12 06:50 80,896 a------- c:\windows\system32\tlntsess.exe
2009-06-12 06:50 76,288 a------- c:\windows\system32\telnet.exe
2009-06-10 09:21 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 01:32 132,096 a------- c:\windows\system32\wkssvc.dll
2009-06-09 10:06 1,871,872 a------- c:\windows\system32\mstscax.dll
2009-06-03 14:27 1,290,752 a------- c:\windows\system32\quartz.dll
============= FINISH: 15:50:44.96 ===============
---------------------
Below is Attach.txt
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-07-30.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/17/2007 9:32:21 PM
System Uptime: 8/23/2009 3:39:14 PM (0 hours ago)
Motherboard: ASUSTeK Computer INC. | | P5W DH Deluxe
Processor: Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz | LGA 775 | 2671/266mhz
Processor: Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz | LGA 775 | 2671/266mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 146 GiB total, 100.283 GiB free.
D: is FIXED (NTFS) - 86 GiB total, 21.055 GiB free.
E: is FIXED (FAT32) - 466 GiB total, 378.274 GiB free.
I: is CDROM ()
K: is CDROM ()
L: is Removable
M: is Removable
N: is Removable
O: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP1: 8/19/2009 9:14:34 PM - System Checkpoint
RP2: 8/22/2009 6:10:41 PM - System Checkpoint
==== Installed Programs ======================
2006 Flygt Waste Water Catalog
32 Bit HP CIO Components Installer
Adobe Acrobat 5.0
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color Common Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Reader 7.0.9
Adobe Setup
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AIO_Scan
AllToAVI v4 r5394
Anti Tracks 3.6.1
Apple Mobile Device Support
Apple Software Update
ASUS DH Remote
ASUS WiFi-AP Solo
ATX / Kleinrock Tax Products 2006 (Remove Only)
ATX / Kleinrock Tax Products 2007 (Remove Only)
Autodesk Civil Design 2006
Autodesk DWF Viewer
Autodesk Land Desktop 2006
Autodesk Survey 2006
AutoUpdate
Avidemux 2.4
AviSynth 2.5
Bentley MicroStation (V 07.01.04.07)
Bonjour
BufferChm
C7200
C7200_doccd
c7200_Help
CCH Small Firm Services 2008 (Remove Only)
CCleaner (remove only)
Copy
Creative MediaSource 5
Creative Software AutoUpdate
Creative System Information
Crystal Reports Basic Runtime for Visual Studio 2008
CustomerResearchQFolder
CutePDF Writer 2.3
Data Lifeguard Diagnostic for Windows
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
DocProc
DocProcQFolder
East-Tec Eraser 2008 Version 8.8
EOne Design Assistant 8.0
eSupportQFolder
Fax
ffdshow [rev 1425] [2007-08-17]
Flyps 3.1
Forté Agent
Google Earth
Google Update Helper
Guitar Pro 5.0
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB928388)
Hotfix for Windows XP (KB929120)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HP Customer Participation Program 9.0
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photosmart All-In-One Software 9.0
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Smart Web Printing
HP Solution Center 9.0
HP Update
HPProductAssistant
HPSSupply
iTunes
Java(TM) 6 Update 16
K-Lite Codec Pack 2.53 Full
LCC
LightScribe Applications
Logitech iTouch Software
Logitech MouseWare 9.79.1
Malwarebytes' Anti-Malware
MarketResearch
Marvell Miniport Driver
McAfee SecurityCenter
Medic Patch 6.0.0.8
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Visio Professional 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Journal Viewer
Mozilla Firefox (2.0.0.3)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
Multimedia Card Reader
Nero 7 Ultra Edition
Network Magic
NVIDIA Drivers
PanoStandAlone
PDF2Word v1.3
PerfectDisk 2008 Professional
PlayFLV
PowerCinema
PowerDVD
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_min
PSSWCORE
QuickPar 0.9
QuickTime
Real Alternative 1.52
RssBandit
Safari
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile Composite Device Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3
Scan
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917537)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
SFS W2/1099 Printer
Shop for HP Supplies
SnagIt 7
SolutionCenter
Sound Blaster X-Fi Xtreme Audio
Spybot - Search & Destroy
Status
Toolbox
TrayApp
UnloadSupport
Update for Windows XP (KB894391)
Update for Windows XP (KB896256)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB925876)
Update for Windows XP (KB929338)
Update for Windows XP (KB931836)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB973815)
USB Storage Driver
Videora iPhone Converter 4.07
VideoToolkit01
ViewSonic Monitor Drivers
Virtual Earth 3D (Beta)
WebFldrs XP
WebReg
WIDCOMM Bluetooth Software
Winamp
WinAVI Video Converter 9.0
WinAVIVideoConverter
Windows Driver Package - Pure Networks, Inc. Network Magic Device Discovery Driver (03/23/2007 4.1.7082.0)
Windows Driver Package - Pure Networks, Inc. Network Magic Wireless Driver (03/23/2007 4.1.7082.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Media Connect
Windows Media Format Runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
WinSCP 4.2.1 beta
WinVNKey for NT
WinZip
YouTube Downloader App 1.02
==== Event Viewer Messages From Past Week ========
8/19/2009 9:07:19 PM, error: atapi [9] - The device, \Device\Ide\IdePort3, did not respond within the timeout period.
8/19/2009 11:12:31 PM, error: sptd [4] - Driver detected an internal error in its data structures for .
8/18/2009 9:50:53 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
8/18/2009 8:56:10 PM, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: The system cannot find the file specified.
8/18/2009 8:56:03 PM, error: SRService [104] - The System Restore initialization process failed.
8/18/2009 8:42:07 PM, error: Service Control Manager [7031] - The McAfee SystemGuards service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/17/2009 9:11:12 PM, error: System Error [1003] - Error code 1000000a, parameter1 00000023, parameter2 00000002, parameter3 00000000, parameter4 804fa4b2.
8/17/2009 7:50:35 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Beep Fips intelppm IPSec mfehidk MPFP MRxSmb NetBIOS NetBT RasAcd Rdbss sptd StarOpen Tcpip
8/17/2009 7:50:20 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
8/17/2009 12:35:13 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
8/17/2009 12:32:32 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/17/2009 12:32:29 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
8/16/2009 11:59:46 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McShield with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
8/16/2009 11:59:46 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McNASvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
8/16/2009 11:57:08 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Beep Fips intelppm IPSec mfehidk MPFP MRxSmb NetBIOS NetBT RasAcd Rdbss StarOpen Tcpip
8/16/2009 11:57:08 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
8/16/2009 11:57:08 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/16/2009 11:57:08 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/16/2009 11:57:08 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
8/16/2009 11:57:08 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/16/2009 11:57:08 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/16/2009 11:43:03 PM, information: Windows File Protection [64005] - The protected system file beep.sys was not restored to its original, valid version because the Windows File Protection restoration process was cancelled by user interaction, user name is Administrator. The file version of the bad file is unknown.
==== End Of File ===========================