
Inactive PC is busy doing something else.

Discussion in 'Malware and Virus Removal Archive' started by thudpucker, 2010/10/19.

Thread Status:
Not open for further replies.
  1. 2010/10/19
    thudpucker

    thudpucker Inactive Thread Starter

    Joined:
    2010/02/06
    Messages:
    70
    Likes Received:
    0
    [Inactive] PC is busy doing something else.

    I have arrived here from instructions from the XP board.
    The Condition is real bad some times, and not bad other times. I can't link it to anything I did, but my Granddaughter gets her Homework done on my PC.

    So I went to the site I was told to, got the two files on my Desktop.
    And now here they are in this posting. I don't know about Zip! Sorry.

    This is the first of Two logs:


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-10-10.03)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 3/2/2009 3:27:25 PM
    System Uptime: 10/16/2010 7:44:35 PM (55 hours ago)

    Motherboard: ASUSTeK Computer INC. | | M2N-MX
    Processor: AMD Athlon(tm) 64 Processor 3800+ | CPU 1 | 2410/200mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 149 GiB total, 105.671 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP599: 7/21/2010 8:51:21 AM - Avg Update
    RP600: 7/22/2010 9:54:14 AM - System Checkpoint
    RP601: 7/23/2010 1:40:49 AM - Installed Windows Media Player 11
    RP602: 7/24/2010 1:42:39 AM - System Checkpoint
    RP603: 7/25/2010 1:54:11 AM - System Checkpoint
    RP604: 7/26/2010 4:46:56 AM - System Checkpoint
    RP605: 7/26/2010 5:14:45 PM - Software Distribution Service 3.0
    RP606: 7/27/2010 5:39:59 PM - System Checkpoint
    RP607: 7/28/2010 6:05:08 PM - System Checkpoint
    RP608: 7/29/2010 7:10:54 PM - System Checkpoint
    RP609: 7/30/2010 7:33:36 PM - System Checkpoint
    RP610: 7/31/2010 8:33:36 PM - System Checkpoint
    RP611: 8/1/2010 9:37:41 AM - Software Distribution Service 3.0
    RP612: 8/2/2010 9:39:05 AM - System Checkpoint
    RP613: 8/3/2010 10:37:57 AM - System Checkpoint
    RP614: 8/4/2010 2:58:08 PM - System Checkpoint
    RP615: 8/5/2010 3:08:56 PM - System Checkpoint
    RP616: 8/6/2010 3:57:48 PM - System Checkpoint
    RP617: 8/7/2010 1:08:53 PM - Software Distribution Service 3.0
    RP618: 8/8/2010 1:10:47 PM - System Checkpoint
    RP619: 8/9/2010 2:53:39 PM - System Checkpoint
    RP620: 8/10/2010 3:55:03 PM - System Checkpoint
    RP621: 8/11/2010 11:15:49 AM - Software Distribution Service 3.0
    RP622: 8/12/2010 11:19:50 AM - System Checkpoint
    RP623: 8/13/2010 12:19:49 PM - System Checkpoint
    RP624: 8/14/2010 12:36:03 PM - System Checkpoint
    RP625: 8/14/2010 7:02:50 PM - Removed Google SketchUp Pro 7
    RP626: 8/14/2010 7:05:18 PM - Removed WeatherBug
    RP627: 8/14/2010 8:40:42 PM - Removed hp psc 1200 series
    RP628: 8/14/2010 9:36:04 PM - Installed Google SketchUp
    RP629: 8/14/2010 9:37:24 PM - Configured Google SketchUp
    RP630: 8/14/2010 9:49:52 PM - Installed hp psc 1200 series
    RP631: 8/15/2010 4:08:11 AM - Installed Google SketchUp 7
    RP632: 8/15/2010 9:11:41 PM - Software Distribution Service 3.0
    RP633: 8/16/2010 10:03:42 PM - System Checkpoint
    RP634: 8/17/2010 10:41:53 PM - System Checkpoint
    RP635: 8/18/2010 11:19:03 PM - System Checkpoint
    RP636: 8/20/2010 1:35:59 AM - System Checkpoint
    RP637: 8/21/2010 2:38:08 AM - System Checkpoint
    RP638: 8/22/2010 6:17:48 AM - System Checkpoint
    RP639: 8/23/2010 4:20:34 AM - Installed Windows Media Player 11
    RP640: 8/24/2010 5:02:04 AM - System Checkpoint
    RP641: 8/25/2010 6:02:00 AM - System Checkpoint
    RP642: 8/26/2010 12:30:46 PM - System Checkpoint
    RP643: 8/27/2010 1:28:15 PM - System Checkpoint
    RP644: 8/28/2010 2:54:59 PM - System Checkpoint
    RP645: 8/29/2010 3:02:33 PM - System Checkpoint
    RP646: 8/30/2010 4:02:36 PM - System Checkpoint
    RP647: 8/31/2010 4:08:06 PM - System Checkpoint
    RP648: 9/1/2010 8:01:49 PM - System Checkpoint
    RP649: 9/2/2010 9:29:53 PM - System Checkpoint
    RP650: 9/3/2010 10:41:34 PM - System Checkpoint
    RP651: 9/4/2010 11:23:59 PM - System Checkpoint
    RP652: 9/6/2010 12:44:56 AM - System Checkpoint
    RP653: 9/7/2010 3:59:44 AM - System Checkpoint
    RP654: 9/8/2010 5:23:11 AM - System Checkpoint
    RP655: 9/8/2010 10:46:11 PM - Avg Update
    RP656: 9/9/2010 11:23:58 PM - System Checkpoint
    RP657: 9/10/2010 11:57:12 PM - System Checkpoint
    RP658: 9/11/2010 7:05:44 PM - Software Distribution Service 3.0
    RP659: 9/12/2010 7:38:03 PM - System Checkpoint
    RP660: 9/13/2010 8:36:53 PM - System Checkpoint
    RP661: 9/14/2010 8:57:42 PM - System Checkpoint
    RP662: 9/15/2010 9:27:15 PM - System Checkpoint
    RP663: 9/16/2010 11:06:03 PM - System Checkpoint
    RP664: 9/17/2010 11:27:17 PM - System Checkpoint
    RP665: 9/18/2010 12:12:44 PM - Software Distribution Service 3.0
    RP666: 9/19/2010 12:20:32 PM - System Checkpoint
    RP667: 9/20/2010 12:25:40 PM - System Checkpoint
    RP668: 9/21/2010 3:01:46 PM - System Checkpoint
    RP669: 9/22/2010 3:54:38 PM - System Checkpoint
    RP670: 9/23/2010 9:07:45 AM - Avg Update
    RP671: 9/23/2010 9:09:29 AM - Avg Update
    RP672: 9/24/2010 9:54:38 AM - System Checkpoint
    RP673: 9/25/2010 10:54:25 AM - System Checkpoint
    RP674: 9/26/2010 12:30:01 PM - System Checkpoint
    RP675: 9/27/2010 12:45:40 PM - System Checkpoint
    RP676: 9/27/2010 2:09:00 PM - Installed Registry Reviver.
    RP677: 9/28/2010 2:46:48 PM - System Checkpoint
    RP678: 9/29/2010 3:45:43 PM - System Checkpoint
    RP679: 9/30/2010 4:37:31 PM - System Checkpoint
    RP680: 10/1/2010 5:12:57 PM - System Checkpoint
    RP681: 10/3/2010 12:05:24 AM - System Checkpoint
    RP682: 10/4/2010 1:05:29 AM - System Checkpoint
    RP683: 10/5/2010 1:56:27 AM - System Checkpoint
    RP684: 10/5/2010 8:40:29 AM - Avg Update
    RP685: 10/6/2010 9:12:52 AM - System Checkpoint
    RP686: 10/7/2010 10:12:55 AM - System Checkpoint
    RP687: 10/8/2010 11:12:54 AM - System Checkpoint
    RP688: 10/9/2010 12:40:33 PM - System Checkpoint
    RP689: 10/10/2010 12:50:09 PM - System Checkpoint
    RP690: 10/11/2010 2:19:34 PM - System Checkpoint
    RP691: 10/12/2010 3:47:24 PM - System Checkpoint
    RP692: 10/13/2010 4:47:09 PM - System Checkpoint
    RP693: 10/14/2010 5:12:24 PM - System Checkpoint
    RP694: 10/15/2010 4:50:52 PM - Installed Java(TM) 6 Update 22
    RP695: 10/15/2010 4:51:31 PM - Installed Java Runtime Environment
    RP696: 10/15/2010 4:52:10 PM - Software Distribution Service 3.0
    RP697: 10/16/2010 5:11:10 PM - System Checkpoint
    RP698: 10/17/2010 6:14:52 PM - System Checkpoint
    RP699: 10/18/2010 6:50:17 PM - System Checkpoint

    ==== Installed Programs ======================

    Acrobat.com
    Adobe AIR
    Adobe Color Common Settings
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.0
    Adobe Setup
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Athlon 64 Processor Driver
    AusLogics Disk Defrag
    AVG Free 9.0
    Belarc Advisor 8.1
    Bonjour
    Carbonite Online Backup Setup
    CoreAAC
    Free Training via AppDev OnDemand 2.4.3.0
    Gimp 2.6.2 Debug
    Google Earth Plug-in
    Google SketchUp
    Google SketchUp 7
    Google Update Helper
    High Definition Audio Driver Package - KB888111
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB945282)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946040)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946308)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946344)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947540)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947789)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB948127)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB951708)
    Hotfix for Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU (KB945282)
    Hotfix for Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU (KB946040)
    Hotfix for Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU (KB946308)
    Hotfix for Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU (KB946344)
    Hotfix for Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU (KB946581)
    Hotfix for Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU (KB947540)
    Hotfix for Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU (KB947789)
    Hotfix for Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU (KB951708)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    HP Memories Disc
    HP Photo and Imaging 2.0 - All-in-One
    HP Photo and Imaging 2.0 - All-in-One Drivers
    HP Photo and Imaging 2.0 - hp psc 1200 series
    hp psc 1200 series
    Indeo® Software
    iTunes
    J2SE Runtime Environment 5.0 Update 17
    Java Auto Updater
    Java(TM) 6 Update 22
    Junk Mail filter update
    K-Lite Codec Pack 3.2.0 Full
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Image Composite Editor
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Live Add-in 1.3
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
    Microsoft Office Visual Web Developer 2007
    Microsoft Office Visual Web Developer MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Office XP Professional with FrontPage
    Microsoft Search Enhancement Pack
    Microsoft Security Assessment Tool 4.0
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server 2008
    Microsoft SQL Server 2008 Browser
    Microsoft SQL Server 2008 Common Files
    Microsoft SQL Server 2008 Database Engine Services
    Microsoft SQL Server 2008 Database Engine Shared
    Microsoft SQL Server 2008 Management Objects
    Microsoft SQL Server 2008 Native Client
    Microsoft SQL Server 2008 RsFx Driver
    Microsoft SQL Server 2008 Setup Support Files (English)
    Microsoft SQL Server Compact 3.5 SP1 Design Tools English
    Microsoft SQL Server Compact 3.5 SP1 English
    Microsoft SQL Server Database Publishing Wizard 1.3
    Microsoft SQL Server VSS Writer
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual Studio Web Authoring Component
    Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU
    Microsoft Web Platform Installer 2.0
    Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
    Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Web - enu
    Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
    MobileMe Control Panel
    Mozilla Firefox (3.6.10)
    MSN
    MSN Toolbar
    MSVCRT
    MSXML 6.0 Parser (KB933579)
    Nero Suite
    NVIDIA Drivers
    NVIDIA ForceWare Network Access Manager
    OpenOffice.org 3.2
    PIXresizer 2.0.4
    PowerDVD
    QuickTime
    Safari
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office Outlook 2007 (KB2288953)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office Publisher 2007 (KB982124)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Segoe UI
    SIW version 2009.10.22
    SoundMAX
    Sql Server Customer Experience Improvement Program
    SQL Server System CLR Types
    Uniblue RegistryBooster 2010
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Visual Studio Web Authoring Component (KB945140)
    Update for Outlook 2007 Junk Email Filter (kb2410711)
    WebFldrs XP
    Windows Internet Explorer 8
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Format 11 runtime
    Windows Media Player Firefox Plugin
    Windows XP Service Pack 3
    WinPatrol 2009
    XML Paper Specification Shared Components Pack 1.0

    ==== Event Viewer Messages From Past Week ========

    10/16/2010 8:45:28 PM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
    10/15/2010 4:38:16 PM, error: DCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

    ==== End Of File ===========================

    this is the other log.


    DDS (Ver_10-10-10.03) - NTFSx86
    Run by Dick Hopkins at 2:42:34.43 on Tue 10/19/2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.895.97 [GMT -5:00]

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: ActiveArmor Firewall *disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\freecell.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\system32\DllHost.exe
    C:\Program Files\Gimp-2.0\bin\gimp-2.6.exe
    C:\Program Files\Gimp-2.0\lib\gimp\2.0\plug-ins\script-fu.exe
    C:\Documents and Settings\Dick Hopkins\Desktop\drawing n 3D programs\pencil-0.4.4b-win\Pencil.exe
    C:\Program Files\AVG\AVG9\avgscanx.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\Documents and Settings\Dick Hopkins\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://mail.google.com/mail/#inbox
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uInternet Settings,ProxyOverride = *.local
    mSearchAssistant = hxxp://www.google.com/ie
    mURLSearchHooks: H - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
    mRun: [InCD] c:\program files\ahead\incd\InCD.exe
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe "
    mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc1~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpohmr08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
    Notify: avgrsstarter - avgrsstx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\dickho~1\applic~1\mozilla\firefox\profiles\a2l61bav.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
    FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\microsoft\web platform installer\NPWPIDetector.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbaam7a8h ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-3-3 216400]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-3-3 29584]
    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-3-3 243024]
    R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-3-12 308136]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-7-16 54760]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-2 136176]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-10 47128]
    S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
    S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-10 369688]

    =============== Created Last 30 ================

    2010-10-15 21:51:37 -------- d-----w- c:\program files\Carbonite
    2010-09-27 18:51:42 -------- d-----w- c:\docume~1\dickho~1\locals~1\applic~1\OpenCandy
    2010-09-27 18:51:27 -------- d-----w- c:\docume~1\dickho~1\applic~1\OpenCandy
    2010-09-27 18:51:25 -------- d-----w- c:\program files\SIW
    2010-09-26 17:09:59 -------- d-----w- c:\program files\iPod
    2010-09-26 17:04:09 -------- d-----w- c:\program files\Bonjour
    2010-09-22 23:10:52 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
    2010-09-22 23:10:52 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

    ==================== Find3M ====================

    2010-09-15 09:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-09-15 07:29:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2010-09-08 16:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2010-09-08 16:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2010-08-16 02:15:08 8573648 ----a-w- C:\Firefox Setup 3.6.8.exe
    2010-07-27 23:44:10 91424 ----a-w- c:\windows\system32\dnssd.dll
    2010-07-27 23:44:10 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2010-07-27 03:34:20 33850672 ----a-w- C:\QuickTimeInstaller.exe
    2010-04-23 03:13:57 24446752 -c--a-w- c:\program files\gimp-help-2-2.6.0-en-setup.exe

    ============= FINISH: 2:43:49.92 ===============
     
  2. 2010/10/20
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    STEP 1. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically, which is not necessary for our purposes.)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform Quick Scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt


    STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
    Do NOT use the computer while GMER is running!
    When scan is completed, click Save button, and save the results as gmer.log
    Warning! Please do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.

    IMPORTANT! If for some reason GMER refuses to run, try again.
    If it still fails, try to UN-check "Devices" in right pane.
    If still no joy, try to run it from Safe Mode.


    STEP 3. Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    A report called MBRcheckxxxx.txt will be on your desktop
    Open this report and post its content in your next reply.



    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     

  4. 2010/10/20
    thudpucker

    thudpucker Inactive Thread Starter

    Joined:
    2010/02/06
    Messages:
    70
    Likes Received:
    0
    OK, before I do any of that, I should tell you that I think I did that before, a few months ago, and the Log from that episode may still be in my PC somewhere.

    So should I proceed with the instructions, or try something else first?
     
  5. 2010/10/20
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Any old log won't do. We need to rescan your computer.
     