Sign in to follow this  
Slandlord

Direct Specials Today ... Ad-aware does not remove.

Recommended Posts

Some Spyware is on my system and neither Ad-aware or Spybot can get rid of it. It usually refers to a page Direct Specials Today when I click on an unrelated link and it opens up a new window in Chrome. It is currently stopping me from any editing on ebay so it is affecting my livelihood as well as being extremely annoying. It got on my system as a Trojan version of VLC viewer and I still have the Trojan if anyone wants to see it. Sadly the Trojan offered me the option to install itself and rather than reading what I was agreeing to I accepted it not realising what I was doing.

 

I was pointed here by someone in another forum. Hopefully this can be sorted out without me having to do anything drastic like reformatting my hard drive.

 

Many thanks

Bill

 

DDS.txt

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by Bill at 15:20:32 on 2013-04-17
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3071.1868 [GMT 1:00]
.
AV: Panda Cloud Antivirus *Enabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Cloud Antivirus Firewall *Disabled*
FW: Lavasoft Ad-Aware *Disabled*
FW: ZoneAlarm Free Firewall Firewall *Enabled*
.
============== Running Processes ================
.
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe
C:\Program Files\Sony\PlayMemories Home\dfs.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\BOINC\boinctray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\NETGEAR\WG111T\wlan111t.exe
C:\WINDOWS\STK02N\STK02NM.exe
C:\Documents and Settings\All Users\Application Data\Search Protection\SearchProtection.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\BOINC\boinc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\All Users\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=89F65B737CC65FEC9D958F516D7ADA72
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={712E3AEE-309D-11E0-BF23-00146CED37BD}
uInternet Connection Wizard,ShellNext = hxxp://www.sweetim.com/cbi.gif?barid={712E3AEE-309D-11E0-BF23-00146CED37BD}&pid=376&cmpid=3356700&plcmtid=179230000&cveid=368170000
uURLSearchHooks: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - c:\program files\pandasecuritytb\pandasecurityDx.dll
uURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} -
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Zonealarm Helper Object: {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - c:\program files\check point software technologies ltd\zonealarm\1.6.7.4\bh\zonealarm.dll
BHO: DownloadTerms: {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - c:\documents and settings\bill\local settings\application data\downloadterms\temp.dat
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} -
BHO: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - c:\program files\pandasecuritytb\pandasecurityDx.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - <orphaned>
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: ZoneAlarm Security Toolbar: {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - c:\program files\check point software technologies ltd\zonealarm\1.6.7.4\zonealarmTlbr.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - c:\program files\pandasecuritytb\pandasecurityDx.dll
TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} -
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [EPSON Stylus D92 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatibze.exe /fu "c:\windows\temp\E_S78.tmp" /EF "HKCU"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [boincmgr] "c:\program files\boinc\boincmgr.exe" /a /s
mRun: [boinctray] "c:\program files\boinc\boinctray.exe"
mRun: [RoxioEngineUtility] "c:\program files\common files\roxio shared\system\EngUtil.exe"
mRun: [EPSON Stylus Photo R200 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I0H2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
mRun: [iSW] c:\program files\checkpoint\zaforcefield\ForceField.exe /icon="hidden"
mRun: [PMBVolumeWatcher] c:\program files\sony\playmemories home\PMBVolumeWatcher.exe
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [PSUAMain] "c:\program files\panda security\panda cloud antivirus\PSUAMain.exe" /LaunchSysTray
mRun: [Panda Security URL Filtering] "c:\documents and settings\all users\application data\panda security url filtering\Panda_URL_Filtering.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe"
mRun: [searchProtection] c:\documents and settings\all users\application data\search protection\_run.bat
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111t\wlan111t.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\stk02n~1.lnk - c:\windows\stk02n\STK02NM.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296853517250
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{B19C68FE-0955-4110-A7D5-8D40512CF47E} : DHCPNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\docume~1\alluse~1\applic~1\wincert\win32c~1.dll c:\progra~1\search~1\datamngr\mgrldr.dll c:\progra~1\google\google~2\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 127.0.0.1 www.spywareinfoforum.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\bill\application data\mozilla\firefox\profiles\ns7e5bhu.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=89F65B737CC65FEC9D958F516D7ADA72
FF - prefs.js: keyword.URL - hxxp://lavasoft.blekko.com/ws/?source=f439e2c0&tbp=url&toolbarid=adawaretb&u=89F65B737CC65FEC9D958F516D7ADA72&q=
FF - component: c:\documents and settings\bill\application data\mozilla\firefox\profiles\ns7e5bhu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee security scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPZoneSB.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-03-18 11:14; {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}; c:\documents and settings\bill\application data\mozilla\firefox\profiles\ns7e5bhu.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
FF - ExtSQL: 2013-03-18 11:41; [email protected]; c:\documents and settings\bill\application data\mozilla\firefox\profiles\ns7e5bhu.default\extensions\[email protected]
FF - ExtSQL: 2013-03-18 13:38; [email protected]; c:\program files\alwil software\avast5\webrep\FF
FF - ExtSQL: 2013-04-16 11:01; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-04-16 17:23; {87934c42-161d-45bc-8cef-ef18abe2a30c}; c:\documents and settings\bill\application data\mozilla\firefox\profiles\ns7e5bhu.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
FF - ExtSQL: 2013-04-16 17:23; [email protected]; c:\documents and settings\bill\application data\mozilla\firefox\profiles\ns7e5bhu.default\extensions\[email protected]
FF - ExtSQL: !HIDDEN! 2011-02-05 07:28; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2013-03-18 11:40; [email protected]; c:\program files\mozilla firefox\extensions\[email protected]
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.hmpg - true
FF - user.js: extensions.zonealarm.hmpgUrl - hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN20681294588029-1025&toolbarId=base&affiliateId=1025&Lan=en&utid=88da050200000000000000146ced37bd
FF - user.js: extensions.zonealarm.dfltSrch - true
FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
FF - user.js: extensions.zonealarm.keyWordUrl - hxxp://search.zonealarm.com/search?Source=Browser&oemCode=ZLN20681294588029-1025&toolbarId=base&affiliateId=1025&Lan=en&utid=88da050200000000000000146ced37bd&q={searchTerms}
FF - user.js: extensions.zonealarm_i.dnsErr - true
FF - user.js: extensions.zonealarm_i.newTab - true
FF - user.js: extensions.zonealarm.newTabUrl - hxxp://search.zonealarm.com/?Source=Newtab&oemCode=ZLN20681294588029-1025&toolbarId=base&affiliateId=1025&Lan=en&utid=88da050200000000000000146ced37bd
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?Source=ToolBar&oemCode=ZLN20681294588029-1025&toolbarId=base&affiliateId=1025&Lan={dfltLng}&utid=88da050200000000000000146ced37bd&q=
FF - user.js: extensions.zonealarm.id - 88da050200000000000000146ced37bd
FF - user.js: extensions.zonealarm.instlDay - 15574
FF - user.js: extensions.zonealarm.vrsn - 1.6.7.4
FF - user.js: extensions.zonealarm.vrsni - 1.6.7.4
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.6.7.49:11:56
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1025
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base
FF - user.js: extensions.zonealarm.instlRef - ZLN20681294588029-1025
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
.
============= SERVICES / DRIVERS ===============
.
R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-4-16 13560]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-20 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-2-4 361032]
R1 NNSALPC;NNSAlpc;c:\windows\system32\drivers\NNSAlpc.sys [2012-11-26 82728]
R1 NNSHTTP;NNSHttp;c:\windows\system32\drivers\NNSHttp.sys [2012-11-26 119080]
R1 NNSHTTPS;NNSHttps;c:\windows\system32\drivers\NNSHttps.sys [2013-1-9 95584]
R1 NNSIDS;NNSids;c:\windows\system32\drivers\NNSIds.sys [2012-11-26 123944]
R1 NNSPICC;NNSPicc;c:\windows\system32\drivers\NNSpicc.sys [2012-11-26 94632]
R1 NNSPOP3;NNSPop3;c:\windows\system32\drivers\NNSPop3.sys [2012-11-26 105640]
R1 NNSPROT;NNSProt;c:\windows\system32\drivers\NNSProt.sys [2012-11-26 286888]
R1 NNSPRV;NNSPrv;c:\windows\system32\drivers\NNSPrv.sys [2012-11-26 159528]
R1 NNSSMTP;NNSSmtp;c:\windows\system32\drivers\NNSSmtp.sys [2012-11-26 108200]
R1 NNSSTRM;NNSStrm;c:\windows\system32\drivers\NNSStrm.sys [2012-11-28 218024]
R1 NNSTLSC;NNSTlsc;c:\windows\system32\drivers\NNStlsc.sys [2012-11-26 93096]
R1 PSINKNC;PSINKnc;c:\windows\system32\drivers\PSINKNC.sys [2012-11-9 178728]
R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2012-8-3 526640]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2013-3-18 1236336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-2-4 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-2-4 44808]
R2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
R2 DeviceFinderService;DeviceFinderService;c:\program files\sony\playmemories home\dfs.exe [2012-9-25 149088]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2011-2-5 54760]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2012-3-16 27056]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2012-3-16 497320]
R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\panda security\panda cloud antivirus\PSANHost.exe [2013-1-27 140512]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\playmemories home\PMBDeviceInfoProvider.exe [2012-9-25 474208]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2012-11-9 149288]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2012-11-9 102184]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2012-11-9 114216]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2012-11-9 123560]
R2 PSUAService;Panda Product Service;c:\program files\panda security\panda cloud antivirus\PSUAService.exe [2013-1-27 37088]
R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2012-9-20 3677000]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-12-13 3290896]
R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe -service --> c:\program files\checkpoint\zonealarm\vsmon.exe -service [?]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [2011-2-4 17149]
R3 maestro;ESS Maestro Audio Driver (WDM);c:\windows\system32\drivers\maestro.sys [2011-2-5 48768]
R3 PSKMAD;PSKMAD;c:\windows\system32\drivers\PSKMAD.sys [2013-4-17 46672]
S2 DatamngrCoordinator;Datamngr Coordinator;c:\program files\search results toolbar\datamngr\datamngrcoordinator.exe --> c:\program files\search results toolbar\datamngr\DatamngrCoordinator.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S3 DCamUSBLTN;M318B Digital Video Camera;c:\windows\system32\drivers\vq318vid.sys [2002-4-22 113632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-2-4 30192]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 NNSNAHS;Network Activity Hook Server Service;c:\windows\system32\drivers\NNSNAHS.sys [2012-10-22 38824]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2003-3-31 14336]
S4 NNSPIHS;NNSPihs;c:\windows\system32\drivers\NNSpihs.sys [2012-11-26 51496]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=NOTEPAD.EXE %1
FileExt: .vbs: VBSFile=NOTEPAD.EXE %1
FileExt: .js: JSFile=NOTEPAD.EXE %1
FileExt: .jse: JSEFile=NOTEPAD.EXE %1
FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2013-04-17 09:44:50 -------- d-----w- c:\documents and settings\bill\application data\SecureSearch
2013-04-17 09:44:50 -------- d-----w- c:\documents and settings\all users\application data\Search Protection
2013-04-17 09:44:50 -------- d-----w- c:\documents and settings\all users\application data\Downloaded Installations
2013-04-17 09:44:40 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-04-17 09:44:11 -------- d-----w- c:\documents and settings\all users\application data\Wincert
2013-04-17 06:25:42 46672 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
2013-04-16 16:33:09 -------- d-----w- c:\documents and settings\bill\application data\LavasoftStatistics
2013-04-16 16:33:09 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Antivirus
2013-04-16 16:26:18 -------- d-----w- c:\program files\Ad-Aware Antivirus
2013-04-16 16:23:47 -------- d-----w- c:\documents and settings\bill\local settings\application data\adawarebp
2013-04-16 16:23:46 -------- d-----w- c:\documents and settings\all users\application data\adawaretb
2013-04-16 16:23:43 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Browsing Protection
2013-04-16 16:23:03 -------- d-----w- c:\documents and settings\bill\application data\adawaretb
2013-04-16 16:21:52 44424 ----a-w- c:\windows\system32\sbbd.exe
2013-04-16 16:21:52 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-04-16 16:21:47 -------- d-----w- c:\documents and settings\bill\application data\Ad-Aware Antivirus
2013-04-15 05:49:39 -------- d-----w- c:\documents and settings\bill\local settings\application data\Torch
2013-04-15 04:49:57 -------- d-----w- c:\documents and settings\bill\local settings\application data\TidyNetwork.com
2013-04-15 03:06:33 -------- d-sh--w- c:\documents and settings\bill\IECompatCache
2013-04-09 17:55:22 -------- d-----w- c:\program files\eBay
2013-03-19 16:58:58 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2013-03-19 16:58:58 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2013-03-19 16:58:02 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2013-03-19 16:58:02 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2013-03-18 20:10:20 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-03-18 17:45:25 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2013-03-18 17:45:25 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
.
==================== Find3M ====================
.
2013-03-16 11:11:21 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-16 11:11:20 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:28:24 2193408 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50:28 2070016 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06:31 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:06:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 02:06:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:25:02 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08:47 385024 ----a-w- c:\windows\system32\html.iec
2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
.
============= FINISH: 15:25:40.85 ===============
Attach.dat
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 04/02/2011 14:17:15
System Uptime: 17/04/2013 15:07:49 (0 hours ago)
.
Motherboard: Dell Computer Corp. | | 0F1263
Processor: Intel® Xeon CPU 3.20GHz | Microprocessor | 3189/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 76 GiB total, 13.213 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ethernet Controller
Device ID: PCI\VEN_8086&DEV_100F&SUBSYS_012D1028&REV_01\5&14E36031&0&70E810
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_8086&DEV_100F&SUBSYS_012D1028&REV_01\5&14E36031&0&70E810
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Audio Controller
Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_012D1028&REV_01\3&172E68DD&0&FD
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_012D1028&REV_01\3&172E68DD&0&FD
Service:
.
==== System Restore Points ===================
.
RP537: 27/03/2013 19:38:56 - System Checkpoint
RP538: 29/03/2013 13:43:35 - System Checkpoint
RP539: 31/03/2013 13:10:20 - System Checkpoint
RP540: 01/04/2013 17:23:02 - System Checkpoint
RP541: 02/04/2013 19:34:26 - System Checkpoint
RP542: 04/04/2013 13:19:31 - System Checkpoint
RP543: 05/04/2013 18:04:20 - System Checkpoint
RP544: 06/04/2013 18:11:24 - System Checkpoint
RP545: 07/04/2013 18:54:20 - System Checkpoint
RP546: 08/04/2013 19:35:13 - System Checkpoint
RP547: 09/04/2013 17:32:29 - Removed Turbo Lister 2.
RP548: 09/04/2013 18:55:17 - Installed Turbo Lister 2.
RP549: 10/04/2013 16:14:57 - Software Distribution Service 3.0
RP550: 11/04/2013 17:11:40 - System Checkpoint
RP551: 12/04/2013 17:20:59 - System Checkpoint
RP552: 13/04/2013 17:46:53 - System Checkpoint
RP553: 15/04/2013 02:57:00 - System Checkpoint
RP554: 16/04/2013 08:08:37 - System Checkpoint
RP555: 17/04/2013 09:23:55 - System Checkpoint
RP556: 17/04/2013 09:57:25 - Restore Operation
RP557: 17/04/2013 10:10:16 - Restore Operation
RP558: 17/04/2013 10:22:50 - Restore Operation
RP559: 17/04/2013 10:35:58 - Restore Operation
RP560: 17/04/2013 10:48:26 - Restore Operation
.
==== Installed Programs ======================
.
Ad-Aware Antivirus
Ad-Aware Security Add-on
Adobe AIR
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.6)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
Bing Bar
BlueJ
BOINC
Dell Driver Download Manager
DownloadTerms
Earthworm Jim (Remove only, requires CD)
Easy CD & DVD Creator 6
eBid Ninja Lister
EPSON PhotoQuicker3.5
EPSON Print CD
EPSON PRINT Image Framer Tool2.1
EPSON Printer Software
ESPR200 Reference Guide
ESPR200 Software Guide
Final DOOM for Windows 95
Google Chrome
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
Grand Theft Auto Vice City
GTA San Andreas
GTAIII
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
Internet Explorer Toolbar 4.7 by SweetPacks
iTunes
Java 7 Update 9
Java Auto Updater
Java 6 Update 29
Java SE Development Kit 7 Update 3
JavaFX 2.0.3 SDK
JavaFX 2.1.1
Junk Mail filter update
M318B Digital Video Camera
Malwarebytes Anti-Malware version 1.70.0.1100
McAfee Security Scan Plus
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Plus! for Windows XP
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Mozilla Firefox 20.0.1 (x86 en-ZA)
Mozilla Maintenance Service
MP3 Player Utilities
MS Access 97 SP2
MSVCRT
MSXML 6.0 Parser (KB933579)
NetBeans IDE 7.1.1
NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
Panda Cloud Antivirus
Panda Security Toolbar
Pentagram SVN
PIF DESIGNER2.1
PlayChess
PlayMemories Home
PowerDVD
QuickTime
ScanToWeb
SeaMonkey (2.0.11)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Segoe UI
Shockwave
Skype Click to Call
Skype™ 6.0
Spybot - Search & Destroy
STK02N 2.0
SW_EpIII_saver
SweetIM for Messenger 3.4
Turbo Lister 2
TweakNow RegCleaner
Ultima IX
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC 9.0 Runtime
VLC media player 2.0.6
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR 4.00 (32-bit)
WinZip 11.1
Yahoo! Software Update
Yahoo! Toolbar
YTD Video Downloader 3.9.6
ZoneAlarm Firewall
ZoneAlarm Free Firewall
ZoneAlarm LTD Toolbar
ZoneAlarm Security
ZoneAlarm Security Toolbar
ZoneAlarm Spy Blocker
.
==== Event Viewer Messages From Past Week ========
.
15/04/2013 10:08:43, error: Service Control Manager [7000] - The Datamngr Coordinator service failed to start due to the following error: The system cannot find the file specified.
15/04/2013 09:40:57, error: Service Control Manager [7034] - The Datamngr Coordinator service terminated unexpectedly. It has done this 1 time(s).
14/04/2013 18:40:06, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00146CED37BD. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
11/04/2013 16:40:02, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/04/2013 16:40:01, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
11/04/2013 05:31:28, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.
.
==== End Of File ===========================

 

Share this post


Link to post
Share on other sites

Hi Bill,

 

1.

Please uninstall:

DownloadTerms due to http://www.systemlookup.com/CLSID/77542-temp_dat.html

Internet Explorer Toolbar 4.7 by SweetPacks due to http://www.systemlookup.com/CLSID/8159-mgToolbarIE_dll.html

Panda Security Toolbar http://www.systemlookup.com/CLSID/71599-PandaSecurityDx_dll.html

Yahoo! Toolbar http://www.systemlookup.com/CLSID/241-Ycomp_dll_yt_dll.html

ZoneAlarm Security Toolbar http://www.systemlookup.com/CLSID/75378-zonealarmTlbr_dll.html

 

Uninstall the following since they are old versions with many vulnerabilities, that makes it easy to infect the computer from a web page.

Java 7 Update 9
Java™ 6 Update 29
Java™ SE Development Kit 7 Update 3
JavaFX 2.0.3 SDK
.

Restart the computer.

 

2.

Please, follow the instructions on http://www.bleepingcomputer.com/combofix/how-to-use-combofix for installing and running ComboFix.

Read carefully and note the "Disclaimer of warranty"!

Paste the content of the log into your answer.
If ComboFix displays a message, for example that a rootkit was found, write it down as detailed as possible.

Share this post


Link to post
Share on other sites

Thank you so much for your help. I have removed the software you suggest from the Program Inventory and also run Combofix. It seems to have cleared up the infection as I can now list again using ebay and I am not aware of any other problems.

 

I'll recommend this forum to anyone that has problems with Spyware in the future.

 

Best wishes

Bill

Share this post


Link to post
Share on other sites

You are welcome :)

 

I advice you to paste the ComboFix log here for further checks and to get instructions for how to uninstall ComboFix.

Share this post


Link to post
Share on other sites

Due to lack of feedback, this topic has been closed.

 

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

 

Everyone else please begin a New Topic.

 

Thank You !

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this