Computer running slow

[om343]

I have the free version. Is there *any* way I can do any repairs from here?

 

Or do I have to spring for the PRO version (which is the indication I get from the program)? If so, this software ain't free, and the advertizing hype is just that.

 

I'm new here and not sure if this is the right place to post. I bought the license and ran the software but my system still takes forever to do anything. I disabled most startup items, uninstalled some software, got rid of desktop icons, and waited over 16 hours for defrag. Until 2 weeks ago this computer ran like a clock then for some reason slowed down to a snails pace. I've tried some of the fixes from this forum and did some things that tech support told me to do but nothing helped. I'm attaching some information.

[om343]

Computer running slow

 

* IObit Malware Fighter log

* Both DDS logs

 

Hope I did this right

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by John Agrelo at 15:36:12 on 2012-07-24

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1320 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Firewall *Enabled*

.

============== Running Processes ===============

.

C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\Ati2evxx.exe

svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Roxio\BackOnTrack\App\SaibSVC.exe

C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Roxio\BackOnTrack\App\BService.exe

C:\Program Files\Real\RealUpgrade\realupgrade.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Program Files\McAfee\VirusScan\mcods.exe

C:\WINDOWS\system32\mfevtps.exe

C:\Program Files\McAfee Online Backup\MOBKbackup.exe

C:\Program Files\Dantz\Retrospect\retrorun.exe

C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe

C:\PROGRAM FILES\COMMON FILES\ADOBE\ARM\1.0\ADOBEARM.EXE

C:\WINDOWS\system32\WDBTNMGR.EXE

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Roxio\CinePlayer\5.0\CPMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Topmost Clock\TopMostClock.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\StkASv2K.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\System32\vssvc.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://entertainment.verizon.com/news/

uWindow Title = Internet Explorer, optimized for Bing and MSN

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120625152605.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [TopmostClock] c:\program files\topmost clock\TopMostClock.exe

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [CPMonitor] "c:\program files\roxio\cineplayer\5.0\CPMonitor.exe"

mRun: [userFaultCheck] %systemroot%\system32\dumprep 0 -u

IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM

IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM

IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM

IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM

IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM

IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1332162711748

DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{C881E740-4EFE-4102-B86A-7835EB202216} : DhcpNameServer = 192.168.2.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Notify: AtiExtEvent - Ati2evxx.dll

Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

.

============= SERVICES / DRIVERS ===============

.

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2012-4-26 99856]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-6-5 57600]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-4-26 1691480]

S3 AVC2310F;AVC-2310/AVC-2210 USB Loader;c:\windows\system32\drivers\avcuwfl.sys [2012-3-24 18644]

S3 AvcUWilo;Adaptec AVC-2210/2310 USB Device;c:\windows\system32\drivers\avcuwilo.sys [2012-3-24 51166]

.

=============== Created Last 30 ================

.

2012-07-24 08:45:58 -------- d-----w- c:\windows\LastGood.Tmp

2012-07-22 13:02:10 -------- d-----w- c:\program files\Speccy

2012-07-20 18:50:42 -------- d-----w- C:\992cfaf0818e6f1eddc4

2012-07-20 17:41:05 21376 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2012-07-20 13:11:49 -------- d-----w- c:\documents and settings\all users\application data\IObit

2012-07-20 13:07:28 -------- d-----w- c:\program files\IObit

2012-07-19 19:04:40 -------- d-----w- c:\documents and settings\john agrelo\application data\addpcs

2012-07-19 17:27:34 -------- d-----w- c:\program files\Temp File Cleaner

2012-07-19 12:10:01 -------- d-----w- c:\documents and settings\john agrelo\application data\Speeding Up My PC

2012-07-19 12:10:01 -------- d-----w- c:\documents and settings\john agrelo\application data\RegistryKeys

2012-07-06 14:33:00 -------- d-----w- c:\documents and settings\john agrelo\application data\McAfee

2012-07-01 17:55:02 5504 -c--a-w- c:\windows\system32\dllcache\intelide.sys

2012-07-01 17:55:02 38784 -c--a-w- c:\windows\system32\dllcache\io8.sys

2012-07-01 17:55:01 16000 -c--a-w- c:\windows\system32\dllcache\ini910u.sys

2012-07-01 17:55:01 13056 -c--a-w- c:\windows\system32\dllcache\inport.sys

2012-07-01 17:53:59 455680 -c--a-w- c:\windows\system32\dllcache\fus2base.sys

2012-07-01 17:52:59 614429 -c--a-w- c:\windows\system32\dllcache\digiview.exe

2012-07-01 17:51:59 74240 -c--a-w- c:\windows\system32\dllcache\camexo20.dll

2012-07-01 17:50:59 46464 -c--a-w- c:\windows\system32\dllcache\atibt829.sys

2012-06-30 13:38:32 -------- d-----w- c:\documents and settings\john agrelo\application data\inkscape

2012-06-30 13:30:31 -------- d-----w- c:\program files\Inkscape

2012-06-28 14:32:58 -------- d-----w- c:\documents and settings\all users\PSU

2012-06-28 13:26:22 430080 ----a-w- c:\windows\system32\DKADIQcomc.dll

2012-06-28 13:26:21 204800 ----a-w- c:\windows\system32\DKADIQinpa.dll

2012-06-28 13:26:21 1024000 ----a-w- c:\windows\system32\DKADIQlang.dll

2012-06-28 13:25:42 430080 ----a-w- c:\windows\system32\DKFX1Ncomc.dll

2012-06-28 13:25:41 204800 ----a-w- c:\windows\system32\DKFX1Ninpa.dll

2012-06-28 13:25:41 1024000 ----a-w- c:\windows\system32\DKFX1Nlang.dll

2012-06-28 13:25:12 421888 ----a-w- c:\windows\system32\lexlog.dll

2012-06-28 13:22:27 -------- d-----w- c:\documents and settings\john agrelo\local settings\application data\ABBYY

2012-06-28 13:21:36 -------- d-----w- c:\program files\common files\ABBYY

2012-06-28 13:21:36 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint

2012-06-28 13:21:36 -------- d-----w- c:\documents and settings\all users\application data\ABBYY

2012-06-28 13:20:25 -------- d-----w- c:\program files\Dell

2012-06-28 13:19:52 -------- d-----w- c:\program files\Dell V720 Series

2012-06-27 22:53:44 181760 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\DKADIQ4C.DLL

2012-06-27 22:53:08 181760 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\DKFX1N4C.DLL

2012-06-27 22:52:07 -------- d-----w- c:\documents and settings\all users\gn_Logs

2012-06-27 22:48:58 -------- d-----w- c:\documents and settings\all users\ADI

.

==================== Find3M ====================

.

2012-07-19 14:56:26 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2012-07-12 18:26:24 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-12 18:26:24 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-22 15:53:57 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-06-22 15:53:56 476936 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-06-22 15:53:56 472840 ----a-w- c:\windows\system32\deployJava1.dll

2012-06-18 12:10:15 17801 ----a-w- c:\windows\system32\drivers\AegisP.sys

2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50:25 1372672 ------w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 19:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 19:18:58 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 19:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-29 11:21:53 499712 ----a-w- c:\windows\system32\msvcp71.dll

2012-05-29 11:21:53 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38:02 385024 ------w- c:\windows\system32\html.iec

2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

============= FINISH: 15:51:18.15 ===============

[om343]

Computer running slow

 

* IObit Malware Fighter log

* Both DDS logs

 

Hope I did this right

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by John Agrelo at 15:36:12 on 2012-07-24

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1320 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Firewall *Enabled*

.

============== Running Processes ===============

.

C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\Ati2evxx.exe

svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Roxio\BackOnTrack\App\SaibSVC.exe

C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Roxio\BackOnTrack\App\BService.exe

C:\Program Files\Real\RealUpgrade\realupgrade.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Program Files\McAfee\VirusScan\mcods.exe

C:\WINDOWS\system32\mfevtps.exe

C:\Program Files\McAfee Online Backup\MOBKbackup.exe

C:\Program Files\Dantz\Retrospect\retrorun.exe

C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe

C:\PROGRAM FILES\COMMON FILES\ADOBE\ARM\1.0\ADOBEARM.EXE

C:\WINDOWS\system32\WDBTNMGR.EXE

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Roxio\CinePlayer\5.0\CPMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Topmost Clock\TopMostClock.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\StkASv2K.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\System32\vssvc.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://entertainment.verizon.com/news/

uWindow Title = Internet Explorer, optimized for Bing and MSN

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120625152605.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [TopmostClock] c:\program files\topmost clock\TopMostClock.exe

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [CPMonitor] "c:\program files\roxio\cineplayer\5.0\CPMonitor.exe"

mRun: [userFaultCheck] %systemroot%\system32\dumprep 0 -u

IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM

IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM

IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM

IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM

IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM

IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1332162711748

DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{C881E740-4EFE-4102-B86A-7835EB202216} : DhcpNameServer = 192.168.2.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Notify: AtiExtEvent - Ati2evxx.dll

Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

.

============= SERVICES / DRIVERS ===============

.

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2012-4-26 99856]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-6-5 57600]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-4-26 1691480]

S3 AVC2310F;AVC-2310/AVC-2210 USB Loader;c:\windows\system32\drivers\avcuwfl.sys [2012-3-24 18644]

S3 AvcUWilo;Adaptec AVC-2210/2310 USB Device;c:\windows\system32\drivers\avcuwilo.sys [2012-3-24 51166]

.

=============== Created Last 30 ================

.

2012-07-24 08:45:58 -------- d-----w- c:\windows\LastGood.Tmp

2012-07-22 13:02:10 -------- d-----w- c:\program files\Speccy

2012-07-20 18:50:42 -------- d-----w- C:\992cfaf0818e6f1eddc4

2012-07-20 17:41:05 21376 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2012-07-20 13:11:49 -------- d-----w- c:\documents and settings\all users\application data\IObit

2012-07-20 13:07:28 -------- d-----w- c:\program files\IObit

2012-07-19 19:04:40 -------- d-----w- c:\documents and settings\john agrelo\application data\addpcs

2012-07-19 17:27:34 -------- d-----w- c:\program files\Temp File Cleaner

2012-07-19 12:10:01 -------- d-----w- c:\documents and settings\john agrelo\application data\Speeding Up My PC

2012-07-19 12:10:01 -------- d-----w- c:\documents and settings\john agrelo\application data\RegistryKeys

2012-07-06 14:33:00 -------- d-----w- c:\documents and settings\john agrelo\application data\McAfee

2012-07-01 17:55:02 5504 -c--a-w- c:\windows\system32\dllcache\intelide.sys

2012-07-01 17:55:02 38784 -c--a-w- c:\windows\system32\dllcache\io8.sys

2012-07-01 17:55:01 16000 -c--a-w- c:\windows\system32\dllcache\ini910u.sys

2012-07-01 17:55:01 13056 -c--a-w- c:\windows\system32\dllcache\inport.sys

2012-07-01 17:53:59 455680 -c--a-w- c:\windows\system32\dllcache\fus2base.sys

2012-07-01 17:52:59 614429 -c--a-w- c:\windows\system32\dllcache\digiview.exe

2012-07-01 17:51:59 74240 -c--a-w- c:\windows\system32\dllcache\camexo20.dll

2012-07-01 17:50:59 46464 -c--a-w- c:\windows\system32\dllcache\atibt829.sys

2012-06-30 13:38:32 -------- d-----w- c:\documents and settings\john agrelo\application data\inkscape

2012-06-30 13:30:31 -------- d-----w- c:\program files\Inkscape

2012-06-28 14:32:58 -------- d-----w- c:\documents and settings\all users\PSU

2012-06-28 13:26:22 430080 ----a-w- c:\windows\system32\DKADIQcomc.dll

2012-06-28 13:26:21 204800 ----a-w- c:\windows\system32\DKADIQinpa.dll

2012-06-28 13:26:21 1024000 ----a-w- c:\windows\system32\DKADIQlang.dll

2012-06-28 13:25:42 430080 ----a-w- c:\windows\system32\DKFX1Ncomc.dll

2012-06-28 13:25:41 204800 ----a-w- c:\windows\system32\DKFX1Ninpa.dll

2012-06-28 13:25:41 1024000 ----a-w- c:\windows\system32\DKFX1Nlang.dll

2012-06-28 13:25:12 421888 ----a-w- c:\windows\system32\lexlog.dll

2012-06-28 13:22:27 -------- d-----w- c:\documents and settings\john agrelo\local settings\application data\ABBYY

2012-06-28 13:21:36 -------- d-----w- c:\program files\common files\ABBYY

2012-06-28 13:21:36 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint

2012-06-28 13:21:36 -------- d-----w- c:\documents and settings\all users\application data\ABBYY

2012-06-28 13:20:25 -------- d-----w- c:\program files\Dell

2012-06-28 13:19:52 -------- d-----w- c:\program files\Dell V720 Series

2012-06-27 22:53:44 181760 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\DKADIQ4C.DLL

2012-06-27 22:53:08 181760 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\DKFX1N4C.DLL

2012-06-27 22:52:07 -------- d-----w- c:\documents and settings\all users\gn_Logs

2012-06-27 22:48:58 -------- d-----w- c:\documents and settings\all users\ADI

.

==================== Find3M ====================

.

2012-07-19 14:56:26 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2012-07-12 18:26:24 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-12 18:26:24 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-22 15:53:57 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-06-22 15:53:56 476936 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-06-22 15:53:56 472840 ----a-w- c:\windows\system32\deployJava1.dll

2012-06-18 12:10:15 17801 ----a-w- c:\windows\system32\drivers\AegisP.sys

2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50:25 1372672 ------w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 19:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 19:18:58 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 19:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-29 11:21:53 499712 ----a-w- c:\windows\system32\msvcp71.dll

2012-05-29 11:21:53 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38:02 385024 ------w- c:\windows\system32\html.iec

2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

============= FINISH: 15:51:18.15 ===============

[om343]

* IObit Malware Fighter log

* Both DDS logs

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 3/19/2012 12:48:51 PM

System Uptime: 7/24/2012 3:27:22 PM (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | M3A78 PRO

Processor: AMD Athlon 64 X2 Dual Core Processor 4400+ | CPU 1 | 2305/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 466 GiB total, 414.549 GiB free.

D: is FIXED (NTFS) - 466 GiB total, 379.534 GiB free.

E: is FIXED (NTFS) - 298 GiB total, 297.59 GiB free.

F: is CDROM ()

G: is CDROM ()

H: is CDROM ()

I: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}

Description: Creative SB Live! Value (WDM)

Device ID: PCI\VEN_1102&DEV_0002&SUBSYS_80271102&REV_08\4&2966AB86&0&30A4

Manufacturer: Creative

Name: Creative SB Live! Value (WDM)

PNP Device ID: PCI\VEN_1102&DEV_0002&SUBSYS_80271102&REV_08\4&2966AB86&0&30A4

Service: emu10k

.

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}

Description: Creative SBLive! Gameport

Device ID: PCI\VEN_1102&DEV_7002&SUBSYS_00201102&REV_08\4&2966AB86&0&31A4

Manufacturer: Creative

Name: Creative SBLive! Gameport

PNP Device ID: PCI\VEN_1102&DEV_7002&SUBSYS_00201102&REV_08\4&2966AB86&0&31A4

Service: gameenum

.

==== System Restore Points ===================

.

RP136: 4/26/2012 5:39:39 AM - Software Distribution Service 3.0

RP137: 4/26/2012 10:59:45 AM - Installed Realtek High Definition Audio Driver

RP138: 4/26/2012 12:01:28 PM - Software Distribution Service 3.0

RP139: 4/26/2012 1:10:25 PM - Removed Ask Toolbar.

RP140: 4/27/2012 4:59:56 PM - System Checkpoint

RP141: 4/28/2012 5:15:02 AM - Software Distribution Service 3.0

RP142: 4/29/2012 6:56:19 AM - Software Distribution Service 3.0

RP143: 4/30/2012 8:10:45 AM - System Checkpoint

RP144: 5/1/2012 6:04:10 AM - Software Distribution Service 3.0

RP145: 5/2/2012 7:04:58 AM - Software Distribution Service 3.0

RP146: 5/3/2012 8:26:06 AM - System Checkpoint

RP147: 5/4/2012 3:41:59 AM - Software Distribution Service 3.0

RP148: 5/5/2012 7:33:17 AM - Software Distribution Service 3.0

RP149: 5/6/2012 9:16:17 AM - Software Distribution Service 3.0

RP150: 5/7/2012 10:04:04 AM - System Checkpoint

RP151: 5/8/2012 7:02:51 AM - Software Distribution Service 3.0

RP152: 5/9/2012 11:34:07 AM - System Checkpoint

RP153: 5/9/2012 7:06:52 PM - Software Distribution Service 3.0

RP154: 5/10/2012 8:29:04 AM - Software Distribution Service 3.0

RP155: 5/11/2012 4:52:53 AM - Software Distribution Service 3.0

RP156: 5/12/2012 4:40:18 AM - Software Distribution Service 3.0

RP157: 5/13/2012 6:52:39 AM - Software Distribution Service 3.0

RP158: 5/14/2012 7:21:18 AM - Software Distribution Service 3.0

RP159: 5/15/2012 9:04:39 AM - System Checkpoint

RP160: 5/16/2012 7:27:56 AM - Software Distribution Service 3.0

RP161: 5/17/2012 12:11:59 PM - System Checkpoint

RP162: 5/17/2012 2:59:43 PM - Software Distribution Service 3.0

RP163: 5/18/2012 4:10:34 PM - System Checkpoint

RP164: 5/19/2012 6:44:16 AM - Software Distribution Service 3.0

RP165: 5/20/2012 8:54:48 AM - Installed Data Lifeguard Tools

RP166: 5/20/2012 9:07:33 AM - Software Distribution Service 3.0

RP167: 5/21/2012 9:02:55 AM - Made by Regsofts

RP168: 5/22/2012 7:40:15 AM - Software Distribution Service 3.0

RP169: 5/22/2012 9:21:57 AM - Software Distribution Service 3.0

RP170: 5/23/2012 7:15:41 AM - Software Distribution Service 3.0

RP171: 5/24/2012 9:47:30 AM - System Checkpoint

RP172: 5/25/2012 6:54:38 AM - Software Distribution Service 3.0

RP173: 5/25/2012 9:41:43 AM - Installed Google SketchUp 8

RP174: 5/25/2012 9:42:08 AM - Removed Google SketchUp 8

RP175: 5/26/2012 10:35:49 AM - System Checkpoint

RP176: 5/27/2012 7:09:00 AM - Software Distribution Service 3.0

RP177: 5/28/2012 10:27:21 AM - System Checkpoint

RP178: 5/29/2012 7:14:06 AM - Software Distribution Service 3.0

RP179: 5/30/2012 8:02:07 AM - System Checkpoint

RP180: 5/31/2012 7:00:41 AM - Software Distribution Service 3.0

RP181: 6/1/2012 7:27:23 AM - Software Distribution Service 3.0

RP182: 6/2/2012 8:02:07 AM - System Checkpoint

RP183: 6/3/2012 7:13:10 AM - Software Distribution Service 3.0

RP184: 6/4/2012 5:37:33 AM - Software Distribution Service 3.0

RP185: 6/5/2012 7:25:03 AM - Software Distribution Service 3.0

RP186: 6/6/2012 8:06:13 AM - System Checkpoint

RP187: 6/6/2012 11:51:09 AM - Removed SPAMfighter.

RP188: 6/7/2012 11:52:31 AM - System Checkpoint

RP189: 6/8/2012 1:44:08 PM - System Checkpoint

RP190: 6/9/2012 2:36:42 PM - System Checkpoint

RP191: 6/10/2012 9:52:37 AM - Removed LightScribe System Software.

RP192: 6/10/2012 10:54:06 AM - Installed LightScribe System Software.

RP193: 6/10/2012 10:56:24 AM - Removed LightScribe System Software.

RP194: 6/10/2012 11:11:36 AM - Installed LightScribe System Software.

RP195: 6/10/2012 11:13:54 AM - Installed LightScribe Diagnostic Utility.

RP196: 6/11/2012 3:31:59 PM - System Checkpoint

RP197: 6/12/2012 3:34:07 PM - System Checkpoint

RP198: 6/13/2012 4:12:57 PM - System Checkpoint

RP199: 6/13/2012 7:34:21 PM - Software Distribution Service 3.0

RP200: 6/15/2012 9:23:33 AM - System Checkpoint

RP201: 6/16/2012 9:52:55 AM - System Checkpoint

RP202: 6/17/2012 10:29:10 AM - System Checkpoint

RP203: 6/17/2012 11:36:04 AM - Installed USB2.0 Capture Device

RP204: 6/17/2012 11:39:27 AM - Unsigned driver install

RP205: 6/17/2012 11:41:55 AM - Installed Ulead VideoStudio

RP206: 6/17/2012 3:25:10 PM - Installed NETGEAR WG111 Software

RP207: 6/17/2012 3:55:38 PM - Installed NETGEAR WG111 Software

RP208: 6/17/2012 4:40:53 PM - Removed NETGEAR WG111 Software

RP209: 6/17/2012 4:43:55 PM - Installed NETGEAR WG111 Software

RP210: 6/17/2012 4:51:04 PM - Removed Belkin Wireless Utility

RP211: 6/18/2012 5:45:54 AM - Installed NETGEAR WG111 Software

RP212: 6/18/2012 5:56:19 AM - Removed NETGEAR WG111 Software

RP213: 6/18/2012 6:00:15 AM - Installed NETGEAR WG111 Software

RP214: 6/18/2012 7:04:33 AM - Installed NETGEAR WG111 Software

RP215: 6/18/2012 8:09:43 AM - Installed Belkin Wireless Utility

RP216: 6/18/2012 8:24:03 AM - Unsigned driver install

RP217: 6/19/2012 10:33:07 AM - Installed Sound Blaster Audigy

RP218: 6/20/2012 10:47:39 AM - System Checkpoint

RP219: 6/21/2012 12:31:20 PM - System Checkpoint

RP220: 6/22/2012 11:53:31 AM - Removed Java 6 Update 31

RP221: 6/22/2012 11:53:38 AM - Installed Java 6 Update 33

RP222: 6/23/2012 12:06:02 PM - System Checkpoint

RP223: 6/24/2012 12:48:40 PM - System Checkpoint

RP224: 6/25/2012 3:04:50 PM - System Checkpoint

RP225: 6/26/2012 3:05:45 PM - System Checkpoint

RP226: 6/27/2012 9:18:09 AM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

RP227: 6/28/2012 11:28:13 AM - System Checkpoint

RP228: 6/29/2012 5:30:49 AM - Removed OpenOffice.org 3.3

RP229: 6/29/2012 5:32:19 AM - Installed OpenOffice.org 3.4

RP230: 6/29/2012 11:17:47 AM - Installed Family Tree Maker 2011

RP231: 6/30/2012 12:19:37 PM - System Checkpoint

RP232: 7/1/2012 12:51:23 PM - System Checkpoint

RP233: 7/2/2012 1:22:18 PM - System Checkpoint

RP234: 7/3/2012 1:41:23 PM - System Checkpoint

RP235: 7/4/2012 2:12:10 PM - System Checkpoint

RP236: 7/5/2012 2:24:39 PM - System Checkpoint

RP237: 7/6/2012 11:04:18 AM - Made by Regsofts

RP238: 7/7/2012 11:48:18 AM - System Checkpoint

RP239: 7/8/2012 2:24:49 PM - System Checkpoint

RP240: 7/10/2012 7:57:36 AM - System Checkpoint

RP241: 7/11/2012 6:25:49 AM - Software Distribution Service 3.0

RP242: 7/12/2012 8:44:43 AM - System Checkpoint

RP243: 7/13/2012 11:14:57 AM - System Checkpoint

RP244: 7/13/2012 11:22:17 AM - Made by Regsofts

RP245: 7/14/2012 12:29:21 PM - System Checkpoint

RP246: 7/15/2012 1:00:53 PM - System Checkpoint

RP247: 7/16/2012 4:08:54 PM - System Checkpoint

RP248: 7/17/2012 4:36:28 PM - System Checkpoint

RP249: 7/19/2012 6:41:35 AM - Removed ABBYY FineReader 6.0 Sprint

RP250: 7/19/2012 6:48:25 AM - Removed HP Product Detection

RP251: 7/20/2012 8:27:29 AM - Made by Regsofts

RP252: 7/20/2012 2:07:11 PM - Software Distribution Service 3.0

RP253: 7/21/2012 2:13:16 PM - System Checkpoint

RP254: 7/22/2012 3:02:41 PM - System Checkpoint

RP255: 7/23/2012 3:21:16 PM - System Checkpoint

.

==== Installed Programs ======================

.

ABBYY FineReader 9.0 Sprint

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Advanced SystemCare 5

Amazon MP3 Downloader 1.0.15

AMD Catalyst Install Manager

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI AVIVO Codecs

ATI Problem Report Wizard

Belarc Advisor 8.2

Belkin Wireless Utility

Bonjour

Calendar Creator

Camera Window DS

Canon Camera Access Library

Canon Camera Support Core Library

Canon Camera Window DC_DV 5 for ZoomBrowser EX

Canon Camera Window DC_DV 6 for ZoomBrowser EX

Canon Camera Window DS for ZoomBrowser EX

Canon Camera Window MC 6 for ZoomBrowser EX

Canon Easy-PhotoPrint EX

Canon G.726 WMP-Decoder

Canon MovieEdit Task for ZoomBrowser EX

Canon MP Navigator EX 4.0

Canon MP495 series User Registration

Canon PhotoRecord

Canon RAW Image Task for ZoomBrowser EX

Canon RemoteCapture Task for ZoomBrowser EX

Canon Utilities EOS Utility

Canon Utilities PhotoStitch 3.1

Canon Utilities ZoomBrowser EX

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Complete Legal Collection 2.1

CutePDF Writer 2.8

Data Lifeguard Diagnostic for Windows 1.24

Data Lifeguard Tools

Dell Driver Download Manager

Dell V720 Series Uninstaller

DesignPro 5

Diamond 10.1 XP Installation

DirectX 9 Runtime

eReg

Family Lawyer

Family Tree Maker 2011

FormatFactory 2.95

Free YouTube Downloader 3.5.126

Google SketchUp 8

Hallmark Card Studio 2008 Deluxe

Hewlett-Packard ACLM.NET v1.1.0.0

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Format SDK (KB902344)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB981793)

ieSpell

IHA_MessageCenter

Inkscape 0.48.2

Internet Explorer (Enable DEP)

IrfanView (remove only)

iTunes

Jasc After Shot

Java Auto Updater

Java 6 Update 33

L&H Power Translator Pro

LightScribe Diagnostic Utility

LightScribe System Software

Logitech iTouch Software

Logitech QuickCam Software

Logitech SetPoint 6.32

Logitech® Camera Driver

McAfee Internet Security

McAfee Online Backup

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Digital Image Library 9 - Blocker

Microsoft Digital Image Standard 2006

Microsoft Digital Image Standard 2006 Editor

Microsoft Digital Image Standard 2006 Library

Microsoft Download Manager

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Primary Interoperability Assemblies 2005

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Web Publishing Wizard 1.52

Microsoft Word 2002

Microsoft Works

Microsoft Works Suite 2006 Setup Launcher

Microsoft Works Suite Add-in for Microsoft Word

Microsoft WSE 3.0 Runtime

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Omron Health Management Software

OpenOffice.org 3.4

Paint Shop Pro 7

PhotoStitch

PosteRazor

PrintMaster Platinum 18

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

RemoteCapture Task 1.1

Retrospect 6.5

Roxio BackOnTrack

Roxio Burn

Roxio CinePlayer

Roxio CinePlayer Decoder Pack

Roxio Creator 2011

Roxio Creator 2011 Content

Roxio PhotoShow

Roxio Video Capture USB

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

SmartSound Common Data

SmartSound Quicktracks 5

Sonic MyDVD

Sound Blaster Live! Value

Sound Blaster Live! Web 2K/XP

Speccy

Topmost Clock

Ulead VideoStudio SE DVD

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

USB2.0 Capture Device

VC 9.0 Runtime

Video Capture USB

Visual C++ 8.0 CRT (x86) WinSXS MSM

Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM

Vz In Home Agent

WebFldrs XP

Windows Driver Package - Printer Printer (11/18/2009 1.7.0.0)

Windows Driver Package - Roxio Technology (USB28xxBGA) Media (11/14/2008 5.8.0912.1114)

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Encoder 9 Series

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows XP Service Pack 3

WinZip

Works Upgrade

.

==== Event Viewer Messages From Past Week ========

.

7/24/2012 3:25:16 PM, error: Service Control Manager [7034] - The Ulead Burning Helper service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:16 PM, error: Service Control Manager [7034] - The Syntek STK1160 Service service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:16 PM, error: Service Control Manager [7034] - The SmartLinkService service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:16 PM, error: Service Control Manager [7034] - The RoxMediaDB13 service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:15 PM, error: Service Control Manager [7034] - The Retrospect WD Service service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:15 PM, error: Service Control Manager [7034] - The Retrospect Launcher service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:14 PM, error: Service Control Manager [7034] - The McAfee Online Backup service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:13 PM, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:13 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:13 PM, error: Service Control Manager [7034] - The IHA_MessageCenter service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:13 PM, error: Service Control Manager [7034] - The BOT4Service service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:13 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:13 PM, error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/24/2012 3:25:13 PM, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/24/2012 3:25:13 PM, error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/24/2012 3:25:13 PM, error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/24/2012 3:25:13 PM, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/24/2012 3:25:13 PM, error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/24/2012 3:25:13 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/24/2012 3:25:12 PM, error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:10 PM, error: Service Control Manager [7034] - The ABBYY FineReader 9.0 Sprint Licensing Service service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:09 PM, error: Service Control Manager [7034] - The Roxio SAIB Service service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:08 PM, error: Service Control Manager [7034] - The Broadcom Wireless LAN Tray Service service terminated unexpectedly. It has done this 1 time(s).

7/24/2012 3:25:08 PM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).

7/22/2012 7:50:59 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 12 service to connect.

7/22/2012 7:50:59 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Microsoft Antimalware Service service to connect.

7/22/2012 7:50:59 AM, error: Service Control Manager [7001] - The Canon Camera Access Library 8 service depends on the SSDP Discovery Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

7/22/2012 7:50:59 AM, error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

7/21/2012 9:35:50 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

7/21/2012 9:28:09 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}

7/21/2012 9:21:46 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the McNaiAnn service.

7/21/2012 9:21:14 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the mcmscsvc service.

7/21/2012 9:20:08 AM, error: Service Control Manager [7022] - The McAfee McShield service hung on starting.

7/21/2012 6:45:55 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Schedule service.

7/21/2012 6:45:55 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the McAfee SiteAdvisor Service service.

7/21/2012 4:44:25 PM, error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

7/20/2012 9:25:31 AM, error: Service Control Manager [7034] - The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).

7/20/2012 12:02:21 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.

7/19/2012 11:59:16 AM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

7/19/2012 11:59:14 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.

7/19/2012 11:58:26 AM, error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

7/19/2012 11:58:25 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Volume Shadow Copy service to connect.

7/19/2012 11:57:51 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

7/18/2012 8:05:03 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.

7/18/2012 7:45:58 AM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.

.

==== End Of File ===========================

[Melvin_Deal]

Hi om343... welcome here!

 

You did well!;-)

 

Please wait for SuperDave to assist you. He is very busy on multiple forums so please be patient.

 

Sincerely,

-Mel

Live long and prosper!

[Superdave]

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

 

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*************************************************************

SUPERAntiSpyware

 

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

 

Download SuperAntispyware Free Edition (SAS)

* Double-click the icon on your desktop to run the installer.

* When asked to Update the program definitions, click Yes

* If you encounter any problems while downloading the updates, manually download and unzip them from here

* Next click the Preferences button.

 

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts

* Click the Scanning Control tab.

* Under Scanner Options make sure only the following are checked:

 

•Close browsers before scanning

•Scan for tracking cookies

•Terminate memory threats before quarantining

•Please leave the others unchecked

 

•Click the Close button to leave the control center screen.

 

* On the main screen click Scan your computer

* On the left check the box for the drive you are scanning.

* On the right choose Perform Complete Scan

* Click Next to start the scan. Please be patient while it scans your computer.

* After the scan is complete a summary box will appear. Click OK

* Make sure everything in the white box has a check next to it, then click Next

* It will quarantine what it found and if it asks if you want to reboot, click Yes

 

•To retrieve the removal information please do the following:

•After reboot, double-click the SUPERAntiSpyware icon on your desktop.

•Click Preferences. Click the Statistics/Logs tab.

 

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

 

•It will open in your default text editor (preferably Notepad).

•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

 

* Save the log somewhere you can easily find it. (normally the desktop)

* Click close and close again to exit the program.

*Copy and Paste the log in your post.

*********************************************

 

 

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Full Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• Please save the log to a location you will remember.
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy and paste the entire report in your next reply.

Extra Note:

 

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

********************************************************

Please download aswMBR.exe ( 511KB ) to your desktop.

 

Double click the aswMBR.exe to run it

 

http://i424.photobucket.com/albums/pp322/digistar/aswMBR_Scan.jpg

 

Click the "Scan" button to start scan

 

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

 

http://i424.photobucket.com/albums/pp322/digistar/aswMBR_SaveLog.png

 

On completion of the scan click save log, save it to your desktop and post in your next reply.

[om343]

It took the better part of two days to complete the scans. no difference yet.

 

Malwarebytes Anti-Malware (Trial) 1.62.0.1300

http://www.malwarebytes.org

 

Database version: v2012.07.26.11

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

John Agrelo :: YOUR-7A73B1DAD8 [administrator]

 

Protection: Disabled

 

7/26/2012 3:14:49 PM

mbam-log-2012-07-27 (06-53-31).txt

 

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 332038

Time elapsed: 5 hour(s), 54 minute(s), 5 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 2

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE} (PUP.BlekkoSearchBar) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE} (PUP.BlekkoSearchBar) -> No action taken.

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 5

C:\New Stuff\oi_CuteWriterzip.exe (PUP.BundleInstaller.OI) -> No action taken.

C:\New Stuff\SoftonicDownloader_for_format-factory.exe (PUP.ToolbarDownloader) -> No action taken.

C:\Documents and Settings\John Agrelo\Desktop\Wagner\ac3filter_app_1200.exe (PUP.BundleOffers.IIQ) -> No action taken.

C:\Documents and Settings\John Agrelo\Desktop\Wagner\Audacity.exe (PUP.BundleOffers.IIQ) -> No action taken.

C:\Documents and Settings\John Agrelo\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> No action taken.

 

(end)

[om343]

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 07/27/2012 at 12:01 PM

 

Application Version : 5.5.1012

 

Core Rules Database Version : 8970

Trace Rules Database Version: 6782

 

Scan type : Complete Scan

Total Scan Time : 03:05:20

 

Operating System Information

Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)

Administrator

 

Memory items scanned : 561

Memory threats detected : 0

Registry items scanned : 38805

Registry threats detected : 0

File items scanned : 51182

File threats detected : 0

[om343]

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-07-27 13:30:40

-----------------------------

13:30:40.375 OS Version: Windows 5.1.2600 Service Pack 3

13:30:40.375 Number of processors: 2 586 0x6B02

13:30:40.375 ComputerName: YOUR-7A73B1DAD8 UserName: John Agrelo

13:31:07.625 Initialize success

13:31:21.468 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4

13:31:21.468 Disk 0 Vendor: WDC_WD5001AALS-00LWTA0 15.01H15 Size: 476940MB BusType: 3

13:31:21.484 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c

13:31:21.484 Disk 1 Vendor: WDC_WD5000AACS-00G8B1 05.04C05 Size: 476940MB BusType: 3

13:31:21.500 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP1T0L0-17

13:31:21.515 Disk 2 Vendor: WDC_WD3200AAJS-00VWA0 12.01B02 Size: 305245MB BusType: 3

13:31:21.546 Disk 0 MBR read successfully

13:31:21.562 Disk 0 MBR scan

13:31:21.578 Disk 0 Windows XP default MBR code

13:31:21.593 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63

13:31:21.640 Disk 0 scanning sectors +976752000

13:31:22.031 Disk 0 scanning C:\WINDOWS\system32\drivers

13:32:17.640 Service scanning

13:33:16.906 Modules scanning

13:33:54.437 Disk 0 trace - called modules:

13:33:54.500 ntkrnlpa.exe CLASSPNP.SYS disk.sys SahdIa32.sys atapi.sys hal.dll pciide.sys

13:33:54.531 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a74cab8]

13:33:54.562 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> [0x8a770bb0]

13:33:54.578 5 SahdIa32.sys[ba109939] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8a711b00]

13:33:54.609 Scan finished successfully

13:34:05.953 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\John Agrelo\Desktop\MBR.dat"

13:34:06.000 The log file has been saved successfully to "C:\Documents and Settings\John Agrelo\Desktop\aswMBR.txt"

[Superdave]

Please run MBAM again and, this time, clean the infections.

 

Download Combofix from any of the links below, and save it to your DESKTOP.

 

Link 1

Link 2

Link 3

 

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

• Close any open windows and double click ComboFix.exe to run it.
   
  You will see the following image:
  

http://i424.photobucket.com/albums/pp322/digistar/NSIS_disclaimer_ENG.png

 

Click I Agree to start the program.

 

ComboFix will then extract the necessary files and you will see this:

 

http://i424.photobucket.com/albums/pp322/digistar/NSIS_extraction.png

 

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

 

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

 

If you did not have it installed, you will see the prompt below. Choose YES.

 

http://i424.photobucket.com/albums/pp322/digistar/RcAuto1.gif

 

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

 

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

 

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

 

http://i424.photobucket.com/albums/pp322/digistar/whatnext.png

 

Click on Yes, to continue scanning for malware.

 

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

 

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

 

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

[om343]

ComboFix 12-07-27.03 - John Agrelo 07/28/2012 9:51.1.2 - x86

Running from: c:\documents and settings\John Agrelo\Desktop\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Firewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\John Agrelo\Application Data\PriceGong

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\1.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\10.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\1385.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\2229.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\2443.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\4489.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\5797.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\a.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\b.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\c.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\d.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\e.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\f.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\g.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\h.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\i.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\j.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\k.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\l.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\m.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\n.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\o.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\p.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\q.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\r.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\s.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\t.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\u.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\v.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\w.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\wlu.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\x.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\y.txt

c:\documents and settings\John Agrelo\Application Data\PriceGong\Data\z.txt

c:\documents and settings\John Agrelo\Application Data\Toolbar4

c:\documents and settings\John Agrelo\WINDOWS

C:\install.exe

c:\windows\system32\Cache

c:\windows\system32\Cache\272512937d9e61a4.fb

c:\windows\system32\Cache\287204568329e189.fb

c:\windows\system32\Cache\28bc8f716fd76a47.fb

c:\windows\system32\Cache\2c53092c95605355.fb

c:\windows\system32\Cache\32c84fe32bb74d60.fb

c:\windows\system32\Cache\3917078cb68ec657.fb

c:\windows\system32\Cache\590ba23ce359fd0c.fb

c:\windows\system32\Cache\610289e025a3ee9a.fb

c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb

c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb

c:\windows\system32\Cache\6d03dad1035885d3.fb

c:\windows\system32\Cache\a8556537add6dfc5.fb

c:\windows\system32\Cache\ad10a52aff5e038d.fb

c:\windows\system32\Cache\c1fa887b03019701.fb

c:\windows\system32\Cache\c4d28dca2e7648be.fb

c:\windows\system32\Cache\cb9f25fc025be2e4.fb

c:\windows\system32\Cache\d201ef9910cd39de.fb

c:\windows\system32\Cache\d2e94710a5708128.fb

c:\windows\system32\Cache\d79b9dfe81484ec4.fb

c:\windows\system32\Cache\f998975c9cc711ee.fb

.

.

((((((((((((((((((((((((( Files Created from 2012-06-28 to 2012-07-28 )))))))))))))))))))))))))))))))

.

.

2012-07-26 12:47 . 2012-07-26 12:47 -------- d-----w- c:\documents and settings\John Agrelo\Application Data\SUPERAntiSpyware.com

2012-07-26 12:45 . 2012-07-26 12:47 -------- d-----w- c:\program files\SUPERAntiSpyware

2012-07-26 12:45 . 2012-07-26 12:45 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2012-07-26 12:20 . 2012-07-26 12:20 -------- d-----w- c:\windows\system32\winrm

2012-07-26 12:20 . 2012-07-26 12:20 -------- d-----w- c:\windows\system32\GroupPolicy

2012-07-26 12:19 . 2012-07-26 12:20 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$

2012-07-26 11:21 . 2012-07-26 11:21 -------- d-----w- c:\documents and settings\John Agrelo\Application Data\Malwarebytes

2012-07-26 11:21 . 2012-07-26 11:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-07-26 11:21 . 2012-07-03 17:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-26 11:21 . 2012-07-26 11:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-07-22 13:05 . 2012-07-22 13:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google

2012-07-22 13:02 . 2012-07-22 13:02 -------- d-----w- c:\program files\Speccy

2012-07-22 13:00 . 2012-07-22 13:00 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google

2012-07-20 19:25 . 2012-07-20 19:25 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\IObit

2012-07-20 18:50 . 2012-07-21 13:38 -------- d-----w- C:\992cfaf0818e6f1eddc4

2012-07-20 17:41 . 2012-05-24 14:48 21376 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2012-07-20 13:11 . 2012-07-20 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit

2012-07-20 13:07 . 2012-07-20 13:07 -------- d-----w- c:\program files\IObit

2012-07-19 19:04 . 2012-07-19 19:04 -------- d-----w- c:\documents and settings\John Agrelo\Application Data\addpcs

2012-07-19 17:27 . 2012-07-20 11:33 -------- d-----w- c:\program files\Temp File Cleaner

2012-07-19 12:10 . 2012-07-19 12:10 -------- d-----w- c:\documents and settings\John Agrelo\Application Data\Speeding Up My PC

2012-07-19 12:10 . 2012-07-19 12:10 -------- d-----w- c:\documents and settings\John Agrelo\Application Data\RegistryKeys

2012-07-15 11:45 . 2012-07-15 11:45 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

2012-07-10 15:41 . 2012-07-10 15:41 -------- d-----w- c:\documents and settings\LocalService\Application Data\Roxio

2012-07-06 14:33 . 2012-07-06 14:33 -------- d-----w- c:\documents and settings\John Agrelo\Application Data\McAfee

2012-07-01 17:58 . 2008-04-13 21:12 27648 -c--a-w- c:\windows\system32\dllcache\rw430ext.dll

2012-07-01 17:58 . 2004-08-04 03:31 20992 -c--a-w- c:\windows\system32\dllcache\rtl8139.sys

2012-07-01 17:58 . 2001-08-17 16:12 19017 -c--a-w- c:\windows\system32\dllcache\rtl8029.sys

2012-07-01 17:58 . 2001-08-17 16:19 30720 -c--a-w- c:\windows\system32\dllcache\rthwcls.sys

2012-07-01 17:58 . 2001-08-18 02:36 9216 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll

2012-07-01 17:58 . 2001-08-17 16:19 3840 -c--a-w- c:\windows\system32\dllcache\rpfun.sys

2012-07-01 17:58 . 2008-04-13 15:40 79104 -c--a-w- c:\windows\system32\dllcache\rocket.sys

2012-07-01 17:58 . 2001-08-17 16:12 37563 -c--a-w- c:\windows\system32\dllcache\rlnet5.sys

2012-07-01 17:58 . 2001-08-18 02:36 86097 -c--a-w- c:\windows\system32\dllcache\reslog32.dll

2012-07-01 17:56 . 2001-08-17 17:53 7552 -c--a-w- c:\windows\system32\dllcache\nsmmc.sys

2012-07-01 17:55 . 2001-08-17 17:52 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys

2012-07-01 17:54 . 2001-08-18 02:36 372824 -c--a-w- c:\windows\system32\dllcache\iconf32.dll

2012-07-01 17:53 . 2001-08-17 16:15 455680 -c--a-w- c:\windows\system32\dllcache\fus2base.sys

2012-07-01 17:52 . 2001-08-18 02:36 614429 -c--a-w- c:\windows\system32\dllcache\digiview.exe

2012-07-01 17:51 . 2001-08-18 02:36 74240 -c--a-w- c:\windows\system32\dllcache\camexo20.dll

2012-07-01 17:50 . 2001-08-17 16:49 46464 -c--a-w- c:\windows\system32\dllcache\atibt829.sys

2012-06-30 13:38 . 2012-06-30 13:38 -------- d-----w- c:\documents and settings\John Agrelo\Application Data\inkscape

2012-06-30 13:30 . 2012-06-30 13:36 -------- d-----w- c:\program files\Inkscape

2012-06-28 14:32 . 2012-06-28 14:32 -------- d-----w- c:\documents and settings\All Users\PSU

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-27 20:27 . 2012-04-04 11:12 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-27 20:27 . 2012-03-19 19:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-19 14:56 . 2012-03-28 15:17 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2012-06-22 15:53 . 2012-06-22 15:54 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-06-22 15:53 . 2012-06-22 15:54 476936 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-06-22 15:53 . 2012-03-19 21:50 472840 ----a-w- c:\windows\system32\deployJava1.dll

2012-06-18 12:10 . 2012-06-18 12:10 17801 ----a-w- c:\windows\system32\drivers\AegisP.sys

2012-06-13 13:19 . 2004-08-03 23:17 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50 . 2008-04-14 00:12 1372672 ------w- c:\windows\system32\msxml6.dll

2012-06-05 15:50 . 2004-08-04 00:56 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32 . 2004-08-04 00:56 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 19:19 . 2009-08-07 03:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 19:19 . 2012-03-19 16:44 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 19:19 . 2012-03-19 16:44 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 19:19 . 2012-03-19 16:44 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 19:19 . 2009-08-07 03:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 19:19 . 2012-03-19 16:44 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 19:19 . 2012-03-19 16:44 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 19:19 . 2009-08-07 03:24 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 19:19 . 2009-08-07 03:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 19:19 . 2004-08-04 00:56 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 19:19 . 2009-08-07 03:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 19:19 . 2012-03-19 16:44 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 19:19 . 2012-03-19 16:44 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 19:18 . 2012-03-20 12:22 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 19:18 . 2012-03-20 12:22 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-06-02 19:18 . 2009-08-07 03:23 214256 ----a-w- c:\windows\system32\muweb.dll

2012-05-31 13:22 . 2004-08-04 00:56 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-29 11:21 . 2012-03-19 16:52 499712 ----a-w- c:\windows\system32\msvcp71.dll

2012-05-29 11:21 . 2012-03-19 16:52 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-05-16 15:08 . 2004-08-04 00:56 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42 . 2004-08-04 00:56 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-05-11 14:42 . 2004-08-04 00:56 43520 ------w- c:\windows\system32\licmgr10.dll

2012-05-11 11:38 . 2004-08-03 22:59 385024 ------w- c:\windows\system32\html.iec

2012-05-08 16:40 . 2012-06-05 11:25 6737808 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E53094C5-CCF7-4ECD-AD35-7052F6DE9254}\mpengine.dll

2012-05-04 13:16 . 2004-08-03 23:18 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32 . 2004-08-03 22:59 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46 . 2012-03-19 16:42 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]

@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"

[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]

2010-04-14 00:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]

@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"

[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]

2010-04-14 00:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]

@="{b4caf489-1eec-c617-49ad-8d7088598c06}"

[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]

2010-04-14 00:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TopmostClock"="c:\program files\Topmost Clock\TopMostClock.exe" [2002-09-08 540672]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1318816]

"CPMonitor"="c:\program files\Roxio\CinePlayer\5.0\CPMonitor.exe" [2010-08-25 84464]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2011-09-27 19:03 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Camio Viewer.lnk]

backup=c:\windows\pss\Camio Viewer.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Event Planner Reminder 2008.lnk]

backup=c:\windows\pss\Event Planner Reminder 2008.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Event Reminder.lnk]

backup=c:\windows\pss\Event Reminder.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]

backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^John Agrelo^Start Menu^Programs^Startup^CNET TechTracker.lnk]

backup=c:\windows\pss\CNET TechTracker.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-03 13:10 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2012-05-31 00:06 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]

2010-06-30 13:10 477680 ----a-w- c:\program files\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DKADImon]

2011-11-25 10:48 948360 ----a-w- c:\program files\Dell V720 Series\DKADImon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]

2011-10-07 09:40 1387288 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-06-07 23:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]

2005-06-08 18:44 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]

2005-06-08 19:24 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]

2005-06-08 19:14 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]

2005-07-19 21:32 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-04-19 00:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]

2010-07-16 10:48 307184 ----a-w- c:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

2012-03-14 17:40 20065896 ----a-w- c:\windows\RTHDCPL.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]

2002-01-14 18:42 61440 ----a-w- c:\windows\MIDIDEF.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

2012-04-06 01:48 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2012-01-18 18:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2012-05-29 11:21 296056 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]

2000-05-11 05:00 90112 ------w- c:\windows\Updreg.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS10 Preload]

2006-08-09 13:27 36864 ------w- c:\program files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager]

2012-03-20 13:10 335872 ----a-w- c:\windows\system32\WDBtnMgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINDVDPatch]

2002-02-07 22:01 40960 ----a-w- c:\windows\system32\CTHELPER.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wltray.exe]

2005-06-08 21:32 778318 ----a-w- c:\windows\system32\wltray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zBrowser Launcher]

2004-03-18 13:33 892928 ----a-w- c:\program files\Logitech\iTouch\iTouch.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Dell\\Status Center\\DKsmc.exe"=

"c:\\Program Files\\Dell\\PSU\\DKpsu.exe"=

"c:\\Program Files\\Dell\\WirelessSetup\\DKwpss.exe"=

"c:\\Program Files\\Dell V720 Series\\DKADImon.exe"=

"c:\\Program Files\\Dell V720 Series\\DKADIlscn.exe"=

"c:\\Program Files\\Dell V720 Series\\DKabscw.dll"=

"c:\\Program Files\\Dell\\NetworkTwain\\DKzzz_32__bc.dll"=

"c:\\Program Files\\Dell\\NetworkTwain\\DKzzz_32serv.dll"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"50000:UDP"= 50000:UDP:IHA_MessageCenter

"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

.

R0 SahdIa32;HDD Filter Driver;c:\windows\system32\drivers\SahdIa32.sys [3/20/2012 9:40 AM 21488]

R0 SaibIa32;Volume Filter Driver;c:\windows\system32\drivers\SaibIa32.sys [3/20/2012 9:40 AM 15856]

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [6/5/2012 12:35 PM 89792]

R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [6/5/2012 12:36 PM 54776]

R1 SaibVd32;Virtual Disk Driver;c:\windows\system32\drivers\SaibVd32.sys [3/20/2012 9:40 AM 25584]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 12:27 PM 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 5:55 PM 67664]

R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 7:38 PM 116608]

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files\Roxio\BackOnTrack\App\SaibSVC.exe [6/2/2009 7:05 PM 457200]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [5/14/2009 6:07 PM 759048]

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [7/20/2012 9:07 AM 913792]

R2 BOT4Service;BOT4Service;c:\program files\Roxio\BackOnTrack\App\BService.exe [8/30/2010 11:14 PM 39408]

R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [3/28/2012 11:16 AM 12184]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/26/2012 7:21 AM 655944]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [6/5/2012 12:35 PM 214904]

R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [6/5/2012 12:35 PM 214904]

R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [6/5/2012 12:35 PM 214904]

R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [6/5/2012 12:36 PM 161632]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [6/5/2012 11:54 AM 151880]

R2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [4/13/2010 8:11 PM 229688]

R2 RoxMediaDB13;RoxMediaDB13;c:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [7/16/2010 6:48 AM 1099248]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [4/26/2012 11:36 AM 99856]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [6/5/2012 12:35 PM 57600]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/26/2012 7:21 AM 22344]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [6/5/2012 12:35 PM 340920]

R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [6/5/2012 12:35 PM 83856]

R3 Slnt7554;USB Soft Modem Driver;c:\windows\system32\drivers\slnt7554.sys [3/19/2012 10:25 AM 129535]

S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/4/2012 7:12 AM 250056]

S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [12/12/2011 11:03 AM 335888]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [7/16/2010 6:48 AM 354288]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [4/26/2012 10:59 AM 1691480]

S3 AVC2310F;AVC-2310/AVC-2210 USB Loader;c:\windows\system32\drivers\avcuwfl.sys [3/24/2012 2:14 PM 18644]

S3 AvcUWilo;Adaptec AVC-2210/2310 USB Device;c:\windows\system32\drivers\avcuwilo.sys [3/24/2012 2:16 PM 51166]

S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [9/2/2011 2:31 AM 42648]

S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [9/2/2011 2:31 AM 12184]

S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [6/5/2012 12:35 PM 83856]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [6/5/2012 12:35 PM 87656]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - mfeavfk01

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2011-06-20 19:05 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 20:27]

.

2012-06-19 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]

.

2012-07-28 c:\windows\Tasks\ASC5_AutoClean.job

- c:\program files\IObit\Advanced SystemCare 5\AutoSweep.exe [2012-07-20 14:45]

.

2012-07-26 c:\windows\Tasks\ASC5_AutoUpdate.job

- c:\program files\IObit\Advanced SystemCare 5\AutoUpdate.exe [2012-07-20 22:33]

.

2012-07-21 c:\windows\Tasks\Disk Cleanup.job

- c:\windows\system32\cleanmgr.exe [2004-08-04 00:12]

.

2012-07-28 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1547161642-1482476501-725345543-1003.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 22:21]

.

2012-07-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1547161642-1482476501-725345543-1003.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 22:21]

.

2012-07-24 c:\windows\Tasks\Roxio PhotoShow Updater.job

- c:\program files\Roxio\PhotoShow\auto_updater_shim.exe [2010-06-11 04:25]

.

2012-07-28 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 7ee09d73-be1c-4ad5-a297-f3e403e5c412.job

- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://entertainment.verizon.com/news/

uInternet Settings,ProxyOverride = *.local

IE: &ieSpell Options - c:\program files\ieSpell\iespell.dll/SPELLOPTION.HTM

IE: Check &Spelling - c:\program files\ieSpell\iespell.dll/SPELLCHECK.HTM

IE: Lookup on Merriam Webster - file://c:\program files\ieSpell\Merriam Webster.HTM

IE: Lookup on Wikipedia - file://c:\program files\ieSpell\wikipedia.HTM

TCP: DhcpNameServer = 192.168.2.1

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

AddRemove-Creative Installer Setup - c:\program files\Creative\Uninstall\Installer.isu

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-07-28 10:04

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1232)

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\WININET.dll

c:\windows\system32\Ati2evxx.dll

c:\windows\system32\atiadlxx.dll

c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll

c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

.

Completion time: 2012-07-28 10:10:02

ComboFix-quarantined-files.txt 2012-07-28 14:09

.

Pre-Run: 445,072,797,696 bytes free

Post-Run: 445,020,745,728 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - D905B2A99DAD9654D6FF6D577E72D887

[om343]

Malwarebytes Anti-Malware (Trial) 1.62.0.1300

http://www.malwarebytes.org

 

Database version: v2012.07.27.04

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

John Agrelo :: YOUR-7A73B1DAD8 [administrator]

 

Protection: Disabled

 

7/28/2012 5:26:42 AM

mbam-log-2012-07-28 (05-26-42).txt

 

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 331544

Time elapsed: 4 hour(s), 10 minute(s), 59 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

[om343]

I'm on someone elses computer. After I made my last post and rebooted a black screen came up with NTLDR is missing. I tried rebooting again and got the same message. What happened?

[Superdave]

Fixing NTLDR via Recovery Console

• Insert the Windows CD and start the computer.
  
• When the Welcome to Setup screen appears, press R.
  
• Type a number corresponding to the Windows installation you wish to repair (usually 1) and press Enter.
  
• When prompted, type the administrator password and press Enter.
  
• From the command prompt, copy NTLDR and NTDETECT.COM from the i386 folder of the CD to the root folder of the hard drive. In the example commands given below, C: is the hard drive and D: is the CD-ROM drive. You will need to change the drive letters if appropriate:
   
  COPY D:\I386\NTLDR C:\
  COPY D:\I386\NTDETECT.COM C:\
   
  
• Remove the Windows XP CD from the drive and restart the computer.
  

[om343]

I booted from the CD but didn't get the welcome to setup screen. It started loading files then I got a screen with this information.

 

476938 MB Disk 0 at Ide on bus 0 on atapi (MBR)

C: Partition1 (Unknown) 476930 MB [ 476929 free ]

Unpartitioned Space 8 MB

 

It asksd if I wanted to install but I quit.

[Superdave]

Ok Let's try this:

 

Place the OS disk in your CD ROM drive and follow the instructions below:

•Click on Start > Run and type sfc /scannow then press Enter (note the space between scf and /scannow)

*Let this run undisturbed until the window with the blue progress bar goes away

SFC - Which stands for System File Checker, retrieves the correct version of the file from %Systemroot%\System32\Dllcache or the Windows installation source files, and then replaces the incorrect file.

[om343]

I should have said that I tried booting from the OS disk. The computer won't boot up. When I start up with the disk it wants to install Windows again. I don't get any other choices.

[om343]

took my computer to a service shop and was told that my hred drive has been wiped clean. The OS will have to be reinstalled. I lost tons of information and software that I bought and downloaded. He said that it was probably the Spyware thing fhat did it. Needless to say that I'm really upset.

[Superdave]

took my computer to a service shop and was told that my hred drive has been wiped clean. The OS will have to be reinstalled. I lost tons of information and software that I bought and downloaded. He said that it was probably the Spyware thing fhat did it. Needless to say that I'm really upset.

 

I'm sorry to hear about that. That's another good reason why we should always backup our important data; you never know when disaster will happen. That's standard procedure when a tech shop gets their hands on a computer. If you had continued with our forum I could have at least save all your data.

[om343]

I've reinstalled my OS now I need to install AVC again but my license key was in the computer. How do I get it again.

[wozofoz]

I've reinstalled my OS now I need to install AVC again but my license key was in the computer. How do I get it again.

 

Do you mean ASC (Advanced SystemCare)? If yes:

You would have already received an email from Avangate when you first purchased the IObit software. That email contained your License code

If you can't find that then you can get a copy sent to the same email address by going to IObit - Retrieve License

 

All the best, woz of oz