« previous next »
Pages: [1] 2   Go Down

Author Topic: [Resolved K] IE opens in code at times and duplicate emails  (Read 854 times)

0 Members and 1 Guest are viewing this topic.

Offline PGB

  • Bronze Member
  • Posts: 253
[Resolved K] IE opens in code at times and duplicate emails
« on: July 10, 2012, 03:25:27 AM »
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 6/1/2007 2:05:49 PM
System Uptime: 6/29/2012 12:45:03 PM (257 hours ago)
.
Motherboard: Hewlett-Packard |  | 0A58h
Processor: Intel(R) Core(TM)2 CPU          6400  @ 2.13GHz | XU1 PROCESSOR | 2127/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 138.518 GiB free.
D: is FIXED (NTFS) - 233 GiB total, 145.916 GiB free.
E: is FIXED (NTFS) - 10 GiB total, 8.206 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\4&696F438&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\4&696F438&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP796: 4/11/2012 9:37:14 AM - Software Distribution Service 3.0
RP797: 4/12/2012 1:00:20 AM - Software Distribution Service 3.0
RP798: 4/12/2012 1:17:22 AM - Software Distribution Service 3.0
RP799: 4/13/2012 1:25:04 AM - Software Distribution Service 3.0
RP800: 4/14/2012 1:24:54 AM - Software Distribution Service 3.0
RP801: 4/14/2012 12:40:46 PM - Installed Forms Add-on
RP802: 4/15/2012 1:24:53 AM - Software Distribution Service 3.0
RP803: 4/16/2012 1:25:01 AM - Software Distribution Service 3.0
RP804: 4/17/2012 1:29:35 AM - Software Distribution Service 3.0
RP805: 4/18/2012 1:28:59 AM - Software Distribution Service 3.0
RP806: 4/18/2012 10:25:01 AM - Software Distribution Service 3.0
RP807: 4/19/2012 1:29:09 AM - Software Distribution Service 3.0
RP808: 4/19/2012 10:24:55 AM - Software Distribution Service 3.0
RP809: 4/20/2012 1:29:11 AM - Software Distribution Service 3.0
RP810: 4/20/2012 10:25:09 AM - Software Distribution Service 3.0
RP811: 4/21/2012 1:29:07 AM - Software Distribution Service 3.0
RP812: 4/21/2012 10:24:50 AM - Software Distribution Service 3.0
RP813: 4/22/2012 1:28:49 AM - Software Distribution Service 3.0
RP814: 4/22/2012 10:24:57 AM - Software Distribution Service 3.0
RP815: 4/22/2012 9:46:27 PM - Software Distribution Service 3.0
RP816: 4/23/2012 10:25:17 AM - Software Distribution Service 3.0
RP817: 4/24/2012 1:28:18 AM - Software Distribution Service 3.0
RP818: 4/24/2012 10:24:06 AM - Software Distribution Service 3.0
RP819: 4/25/2012 1:10:25 AM - Software Distribution Service 3.0
RP820: 4/25/2012 5:02:20 AM - Software Distribution Service 3.0
RP821: 4/26/2012 12:54:04 AM - Software Distribution Service 3.0
RP822: 4/26/2012 5:16:39 AM - Software Distribution Service 3.0
RP823: 4/26/2012 11:11:15 AM - Microsoft Antimalware Checkpoint
RP824: 4/27/2012 12:54:53 AM - Software Distribution Service 3.0
RP825: 4/27/2012 5:16:35 AM - Software Distribution Service 3.0
RP826: 4/28/2012 12:54:58 AM - Software Distribution Service 3.0
RP827: 4/28/2012 5:16:39 AM - Software Distribution Service 3.0
RP828: 4/29/2012 12:54:08 AM - Software Distribution Service 3.0
RP829: 4/29/2012 5:16:18 AM - Software Distribution Service 3.0
RP830: 4/30/2012 1:09:12 AM - Software Distribution Service 3.0
RP831: 4/30/2012 8:26:04 AM - Printer Driver Amyuni Document Converter 400 Installed
RP832: 4/30/2012 8:44:34 AM - Installed Quicken WillMaker Plus 2012
RP833: 4/30/2012 11:47:05 PM - Software Distribution Service 3.0
RP834: 5/2/2012 7:44:07 AM - Software Distribution Service 3.0
RP835: 5/3/2012 12:32:07 AM - Software Distribution Service 3.0
RP836: 5/3/2012 7:44:32 AM - Software Distribution Service 3.0
RP837: 5/4/2012 12:32:03 AM - Software Distribution Service 3.0
RP838: 5/4/2012 7:44:40 AM - Software Distribution Service 3.0
RP839: 5/5/2012 12:32:29 AM - Software Distribution Service 3.0
RP840: 5/5/2012 7:44:15 AM - Software Distribution Service 3.0
RP841: 5/6/2012 12:32:57 AM - Software Distribution Service 3.0
RP842: 5/6/2012 7:47:49 AM - Software Distribution Service 3.0
RP843: 5/7/2012 1:10:29 AM - Software Distribution Service 3.0
RP844: 5/8/2012 1:15:20 AM - System Checkpoint
RP845: 5/8/2012 1:24:27 AM - Software Distribution Service 3.0
RP846: 5/8/2012 12:09:02 PM - Software Distribution Service 3.0
RP847: 5/9/2012 1:24:15 AM - Software Distribution Service 3.0
RP848: 5/9/2012 12:08:22 PM - Software Distribution Service 3.0
RP849: 5/10/2012 1:24:24 AM - Software Distribution Service 3.0
RP850: 5/10/2012 12:12:59 PM - Software Distribution Service 3.0
RP851: 5/11/2012 12:09:10 PM - Software Distribution Service 3.0
RP852: 5/12/2012 1:00:23 AM - Software Distribution Service 3.0
RP853: 5/13/2012 1:03:05 AM - Software Distribution Service 3.0
RP854: 5/13/2012 1:58:52 AM - Software Distribution Service 3.0
RP855: 5/14/2012 1:02:24 AM - Software Distribution Service 3.0
RP856: 5/14/2012 1:58:55 AM - Software Distribution Service 3.0
RP857: 5/15/2012 1:03:00 AM - Software Distribution Service 3.0
RP858: 5/15/2012 1:58:35 AM - Software Distribution Service 3.0
RP859: 5/16/2012 1:03:02 AM - Software Distribution Service 3.0
RP860: 5/16/2012 1:57:48 AM - Software Distribution Service 3.0
RP861: 5/17/2012 1:03:26 AM - Software Distribution Service 3.0
RP862: 5/17/2012 1:58:06 AM - Software Distribution Service 3.0
RP863: 5/18/2012 1:02:13 AM - Software Distribution Service 3.0
RP864: 5/19/2012 1:02:40 AM - Software Distribution Service 3.0
RP865: 5/19/2012 1:58:22 AM - Software Distribution Service 3.0
RP866: 5/20/2012 1:02:31 AM - Software Distribution Service 3.0
RP867: 5/20/2012 1:59:11 AM - Software Distribution Service 3.0
RP868: 5/21/2012 1:11:47 AM - Software Distribution Service 3.0
RP869: 5/21/2012 8:48:32 PM - Printer Driver LogMeIn Printer Driver Installed
RP870: 5/22/2012 1:00:17 AM - Software Distribution Service 3.0
RP871: 5/22/2012 1:57:42 AM - Software Distribution Service 3.0
RP872: 5/23/2012 1:02:46 AM - Software Distribution Service 3.0
RP873: 5/23/2012 1:58:45 AM - Software Distribution Service 3.0
RP874: 5/24/2012 1:02:34 AM - Software Distribution Service 3.0
RP875: 5/24/2012 1:58:27 AM - Software Distribution Service 3.0
RP876: 5/25/2012 1:10:04 AM - Software Distribution Service 3.0
RP877: 5/26/2012 1:03:11 AM - Software Distribution Service 3.0
RP878: 5/26/2012 2:02:36 AM - Software Distribution Service 3.0
RP879: 5/27/2012 1:02:41 AM - Software Distribution Service 3.0
RP880: 5/27/2012 1:58:25 AM - Software Distribution Service 3.0
RP881: 5/28/2012 1:02:18 AM - Software Distribution Service 3.0
RP882: 5/28/2012 1:57:20 AM - Software Distribution Service 3.0
RP883: 5/29/2012 12:44:56 AM - Software Distribution Service 3.0
RP884: 5/29/2012 9:06:29 PM - Software Distribution Service 3.0
RP885: 5/30/2012 9:05:49 PM - Software Distribution Service 3.0
RP886: 5/31/2012 4:40:54 PM - Installed eFax Messenger
RP887: 5/31/2012 9:06:43 PM - Software Distribution Service 3.0
RP888: 6/1/2012 9:05:59 PM - Software Distribution Service 3.0
RP889: 6/2/2012 9:06:47 PM - Software Distribution Service 3.0
RP890: 6/3/2012 9:07:00 PM - Software Distribution Service 3.0
RP891: 6/4/2012 9:06:23 PM - Software Distribution Service 3.0
RP892: 6/5/2012 1:00:21 AM - Software Distribution Service 3.0
RP893: 6/6/2012 12:36:12 AM - Software Distribution Service 3.0
RP894: 6/6/2012 1:44:14 AM - Software Distribution Service 3.0
RP895: 6/7/2012 12:46:08 AM - Software Distribution Service 3.0
RP896: 6/7/2012 2:54:55 PM - Software Distribution Service 3.0
RP897: 6/8/2012 12:46:11 AM - Software Distribution Service 3.0
RP898: 6/8/2012 2:54:11 PM - Software Distribution Service 3.0
RP899: 6/9/2012 12:46:54 AM - Software Distribution Service 3.0
RP900: 6/10/2012 12:53:19 AM - System Checkpoint
RP901: 6/10/2012 1:08:39 AM - Software Distribution Service 3.0
RP902: 6/10/2012 8:01:52 AM - Software Distribution Service 3.0
RP903: 6/11/2012 1:08:53 AM - Software Distribution Service 3.0
RP904: 6/12/2012 1:08:52 AM - Software Distribution Service 3.0
RP905: 6/12/2012 7:59:40 AM - Software Distribution Service 3.0
RP906: 6/13/2012 1:22:38 AM - Software Distribution Service 3.0
RP907: 6/13/2012 8:18:48 AM - Software Distribution Service 3.0
RP908: 6/14/2012 1:00:19 AM - Software Distribution Service 3.0
RP909: 6/15/2012 12:48:11 AM - Software Distribution Service 3.0
RP910: 6/15/2012 1:56:18 AM - Software Distribution Service 3.0
RP911: 6/16/2012 7:33:39 AM - Software Distribution Service 3.0
RP912: 6/17/2012 12:31:15 AM - Software Distribution Service 3.0
RP913: 6/17/2012 7:34:30 AM - Software Distribution Service 3.0
RP914: 6/18/2012 12:31:14 AM - Software Distribution Service 3.0
RP915: 6/18/2012 7:34:45 AM - Software Distribution Service 3.0
RP916: 6/19/2012 12:30:40 AM - Software Distribution Service 3.0
RP917: 6/19/2012 7:34:34 AM - Software Distribution Service 3.0
RP918: 6/20/2012 12:31:40 AM - Software Distribution Service 3.0
RP919: 6/20/2012 7:35:32 AM - Software Distribution Service 3.0
RP920: 6/21/2012 12:30:19 AM - Software Distribution Service 3.0
RP921: 6/21/2012 7:35:36 AM - Software Distribution Service 3.0
RP922: 6/22/2012 12:30:42 AM - Software Distribution Service 3.0
RP923: 6/22/2012 7:34:38 AM - Software Distribution Service 3.0
RP924: 6/23/2012 8:20:01 AM - System Checkpoint
RP925: 6/23/2012 5:17:35 PM - Installed TrueForms Program Update
RP926: 6/24/2012 12:40:59 AM - Software Distribution Service 3.0
RP927: 6/24/2012 6:27:16 AM - Software Distribution Service 3.0
RP928: 6/25/2012 12:42:56 AM - Software Distribution Service 3.0
RP929: 6/25/2012 8:42:32 AM - Software Distribution Service 3.0
RP930: 6/26/2012 12:42:05 AM - Software Distribution Service 3.0
RP931: 6/26/2012 8:41:29 AM - Software Distribution Service 3.0
RP932: 6/27/2012 12:41:45 AM - Software Distribution Service 3.0
RP933: 6/27/2012 8:42:04 AM - Software Distribution Service 3.0
RP934: 6/28/2012 12:42:17 AM - Software Distribution Service 3.0
RP935: 6/28/2012 8:42:01 AM - Software Distribution Service 3.0
RP936: 6/29/2012 12:42:51 AM - Software Distribution Service 3.0
RP937: 6/29/2012 8:42:01 AM - Software Distribution Service 3.0
RP938: 6/30/2012 1:22:30 AM - Software Distribution Service 3.0
RP939: 6/30/2012 12:57:54 PM - Software Distribution Service 3.0
RP940: 7/1/2012 1:22:29 AM - Software Distribution Service 3.0
RP941: 7/1/2012 12:58:07 PM - Software Distribution Service 3.0
RP942: 7/2/2012 1:22:15 AM - Software Distribution Service 3.0
RP943: 7/2/2012 1:00:50 PM - Software Distribution Service 3.0
RP944: 7/3/2012 1:22:16 AM - Software Distribution Service 3.0
RP945: 7/3/2012 12:56:49 PM - Software Distribution Service 3.0
RP946: 7/4/2012 1:22:14 AM - Software Distribution Service 3.0
RP947: 7/4/2012 12:56:51 PM - Software Distribution Service 3.0
RP948: 7/5/2012 1:22:46 AM - Software Distribution Service 3.0
RP949: 7/5/2012 12:57:11 PM - Software Distribution Service 3.0
RP950: 7/6/2012 1:22:17 AM - Software Distribution Service 3.0
RP951: 7/6/2012 12:57:26 PM - Software Distribution Service 3.0
RP952: 7/7/2012 1:22:14 AM - Software Distribution Service 3.0
RP953: 7/7/2012 12:57:14 PM - Software Distribution Service 3.0
RP954: 7/8/2012 1:22:54 AM - Software Distribution Service 3.0
RP955: 7/8/2012 12:57:06 PM - Software Distribution Service 3.0
RP956: 7/9/2012 1:23:05 AM - Software Distribution Service 3.0
RP957: 7/9/2012 12:56:27 PM - Software Distribution Service 3.0
RP958: 7/10/2012 1:22:17 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
.
Ad-Aware Antivirus
Ad-Aware Browsing Protection
Ad-Aware Security Toolbar
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Applian Director
ATI Display Driver
AVS DVD Player version 2.4
AVS Update Manager 1.0
AVS Video Converter 7
AVS Video Editor 5
BlackBerry Desktop Software 6.0.1
BlackBerry Device Software Updater
BlackBerry USB Drivers
Bonjour
BotHunter
Brother HL-5250DN
CCleaner
ClearType Tuning Control Panel Applet
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Critical Update for Windows Media Player 11 (KB959772)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DGOControls
DirectXInstallService
DVD-Cloner V8.20 Build 1007
EasyCleaner
eFax Messenger
eLynx SMARTvue
Forex Profit Multiplier
FXOrder2Go
getPlus(R)_ocx
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
GoToMeeting 5.1.0.880
High Definition Audio Driver Package - KB888111
HiJackThis
hotComm® CL
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows Media Format SDK (KB910998)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HotTopicMediaQuizzMaker 1.08
HP Backup and Recovery Manager
HP BIOS Configuration for ProtectTools 2.00 J2
HP Credential Manager for ProtectTools
HP Embedded Security for ProtectTools
HP Help and Support
HP ProtectTools Security Manager 2.00 D3
HpSdpAppCoreApp
HTML Executable IERuntime
Image Resizer Powertoy for Windows XP
Integrated Investor
Intel(R) Active Management Technology LMS Service and SOL Driver
Intel(R) Management Engine Interface
Intel(R) PRO Network Connections
InterVideo Register Manager
InterVideo WinDVD
IrfanView (remove only)
iSEEK AnswerWorks English Runtime
iTunes
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 31
LaserJet 1020 series
LightScribe  1.4.142.1
LogMeIn
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Chart Controls for Microsoft .NET Framework 3.5
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office Live Meeting 2007
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Office XP Professional with FrontPage
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 14
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft Web Publishing Wizard 1.52
MobileMe Control Panel
Move Networks Media Player for Internet Explorer
Mozilla Firefox 13.0.1 (x86 en-GB)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Netscape Navigator (9.0b3)
Network Scan
OGA Notifier 2.0.0048.0
oggcodecs 0.71.0946
OpenOffice.org 3.3
OverDrive Media Console
Panorama Maker
PDF Complete
PDF Compress 1.0
PhotoImpact Pro
PixiePack Codec Pack
Portfolio Prophet
ProfitSource
Quicken 2012
Quicken WillMaker Plus 2012
QuickTime
Readiris Pro 10
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealTalk Digest Viewer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Replay Video Capture
RolEDX 2006
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio RecordNow 10 Music Lab
Roxio Update Manager
Safari
Samsung CLX-8380 Series
SAMSUNG Dr. Printer
SDMSSplash
Seagate Dashboard
Secunia PSI (2.0.0.3003)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
ShapeChanger
SHARP MX/DX Series PCL/PS Printer Driver
ShowingDesk Web Edition
Skype Click to Call
Skype™ 5.8
SmarThru Office
Sonic CinePlayer Decoder Pack
Spybot - Search & Destroy
thinkorswim from TD AMERITRADE
Top Producer Editor
TradeStation 8.8
TradeStation 9.0
TradeStation 9.1
TrueForms 4.5 2007 NHAR Forms SP2
TweetDeck
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
User Agent String Utility
VC 9.0 Runtime
VectorVest 7
VectorVest U.S.
Virtual Earth 3D (Beta)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VisualTour Studio
VZAccess Manager
WaveL Pic2Pic
WebEx
WebEx Recorder and Player
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Essentials
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Live Writer
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
WinPcap 4.0.2
ZoneAlarm Firewall
ZoneAlarm Free
ZoneAlarm LTD Toolbar
ZoneAlarm Security
.
==== End Of File ===========================


« Last Edit: July 11, 2012, 02:31:01 PM by kevinf80 »
Logged


Offline PGB

  • Bronze Member
  • Posts: 253
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #1 on: July 10, 2012, 03:27:51 AM »
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_31
Run by Administrator at 5:10:57 on 2012-07-10
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3583.2343 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Lavasoft Ad-Aware *Disabled*
FW: ZoneAlarm Free Firewall *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe -k Cognizance
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\Program Files\Ad-Aware Antivirus\Engine\SBAMSvc.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\eFax Messenger 4.4\J2GTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
c:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.stevebrownsellshomes.com/
uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [eFax 4.4] "c:\program files\efax messenger 4.4\J2GDllCmd.exe" /R
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [SetRefresh] c:\program files\compaq\setrefresh\SetRefresh.exe
mRun: [Seagate Dashboard] c:\program files\seagate\seagate dashboard\MemeoLauncher.exe --silent --no_ui
mRun: [SDMSSplash] "c:\program files\hp_sdms\sdmssplash\launcher.exe" "launchdir=c:\program files\hp_sdms\SDMSSplash"
mRun: [Scheduler] c:\windows\sminst\Scheduler.exe
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Recguard] c:\windows\sminst\Recguard.exe
mRun: [PTHOSTTR] c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE /Start
mRun: [PDF Complete] "c:\program files\pdf complete\pdfsty.exe"
mRun: [CognizanceTS] rundll32.exe c:\progra~1\hpq\iam\bin\AsTsVcc.dll,RegisterModule
mRun: [atchk] "c:\program files\intel\amt\atchk.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVw"&"inst=NwA3AC0ANAAwADYAMwA2ADcANQAyADUALQBUADEAOAAtAFUAOAA1ACsAMQAtAEIAQQArADEALQBLAFYAMwArADcALQBYAEwAKwAx"&"prod=90"&"ver=9.0.864
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\efax44~1.lnk - c:\program files\efax messenger 4.4\J2GTray.exe
StartupFolder: c:\documents and settings\administrator\start menu\programs\startup\login.bat
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: nnerenmls.com\www
Trusted Zone: topproducer8i.com\www
Trusted Zone: vectorvest.com\www
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab
DPF: {475E5A2B-6EAC-4EA3-880A-55207CB012B5} - hxxp://wucma.wyldfyre.com/xbin/CMAX.dll
DPF: {4D054067-DE3A-48F9-B19B-BCD229B9AE8D} - hxxp://www.samsungdp.com/printerhelp/ActiveX/DrPrinter.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180889120859
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} - hxxps://www.topproduceronline.com/Downloads/arview2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} - hxxps://www1.gotomeeting.com/default/applets/g2mdlax.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} - hxxp://ak.imgag.com/imgag/cp/install/Crusher.cab
DPF: {C269D811-8511-44CF-B310-28CDDFFB1B74} - hxxp://www.nnerenmls.com/nne/valid/osi_valid9m.ocx
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D6E0B119-DCF2-4CD6-8DFB-7CFF1B70F7FF} - hxxps://bis.na.blackberry.com/html/web/client_tools/TOImport.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://oxps.webex.com/client/T27L/nbr/ieatgpc.cab
DPF: {F7A05BAC-9778-410A-9CDE-BFBD4D5D2B7F} - hxxp://216.249.24.62/code/iPIX-ImageWell-ipix.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: IfxWlxEN - IfxWlxEN.dll
Notify: LMIinit - LMIinit.dll
Notify: OneCard - c:\program files\hpq\iam\bin\AsWlnPkg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC} - c:\program files\pixiepack codec pack\InstallerHelper.exe
Hosts: 255.255.255.255   hcurltest5
Hosts: 255.255.255.255   vnsjs1.1stworks.com
Hosts: 74.208.77.54   hcurltest1
Hosts: 74.208.223.76   hcurltest2
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.topproducer8i.com
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\components\dtTransparency.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko10.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko11.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko5.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko6.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko7.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko8.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko9.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\logmeinclient@logmein.com\plugins\npLMI64.dll
FF - plugin: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdbplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npxsciter.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 171064]
R1 MpKsl5d3021dd;MpKsl5d3021dd;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c088bc51-c584-45ac-8b88-7fd23efc8cd7}\MpKsl5d3021dd.sys [2012-7-10 29904]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2006-4-7 31104]
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2012-4-14 21592]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2012-4-14 332248]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2010-12-11 101720]
R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2012-4-14 212568]
R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2012-3-19 525840]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-3-29 1161072]
R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2006-2-27 14336]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2012-3-16 27016]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2012-3-16 497280]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2011-12-7 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2011-9-16 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2012-1-19 47640]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\pdf complete\pdfsvc.exe [2007-5-6 540448]
R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\engine\SBAMSvc.exe [2011-5-17 2804280]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-4-14 74968]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2011-6-1 14088]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-4-19 993848]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-4-19 399416]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-6-19 3048136]
R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe -service --> c:\program files\checkpoint\zonealarm\vsmon.exe -service [?]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-5-6 36608]
R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2012-4-14 69208]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-8-7 136176]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2008-2-7 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2008-2-7 166384]
S2 SessionLauncher;SessionLauncher;c:\docume~1\admini~1\locals~1\temp\dx9\sessionlauncher.exe --> c:\docume~1\admini~1\locals~1\temp\dx9\SessionLauncher.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-8-7 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-2 113120]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-2-7 1112560]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2012-4-14 69208]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2012-4-14 94040]
S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~1\SMSIVZAM5.SYS [2010-4-14 32408]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\tmpassthru.sys --> c:\windows\system32\drivers\TMPassthru.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2006-2-27 14336]
S4 LMIRfsClientNP;LMIRfsClientNP;

.
=============== Created Last 30 ================
.
2012-07-10 05:24:58   56200   ----a-w-   c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c088bc51-c584-45ac-8b88-7fd23efc8cd7}\offreg.dll
2012-07-10 05:24:57   29904   ----a-w-   c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c088bc51-c584-45ac-8b88-7fd23efc8cd7}\MpKsl5d3021dd.sys
2012-07-10 05:22:22   6762896   ----a-w-   c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c088bc51-c584-45ac-8b88-7fd23efc8cd7}\mpengine.dll
2012-07-09 16:56:31   6762896   ----a-w-   c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-07-05 14:03:04   16151040   ----a-w-   c:\program files\LogMeIn.msi
2012-06-19 21:35:14   4967624   ----a-w-   c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2012-06-14 03:51:19   521728   ------w-   c:\windows\system32\dllcache\jsdbgui.dll
.
==================== Find3M  ====================
.
2012-06-23 10:22:01   70344   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-23 10:22:01   426184   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-06-02 19:19:44   22040   ----a-w-   c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19:38   219160   ----a-w-   c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19:38   15384   ----a-w-   c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19:34   15384   ----a-w-   c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19:30   17944   ----a-w-   c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:18:58   275696   ----a-w-   c:\windows\system32\mucltui.dll
2012-06-02 19:18:58   214256   ----a-w-   c:\windows\system32\muweb.dll
2012-06-02 19:18:58   17136   ----a-w-   c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09   599040   ----a-w-   c:\windows\system32\crypt32.dll
2012-05-22 00:47:25   83360   ----a-w-   c:\windows\system32\LMIRfsClientNP.dll
2012-05-22 00:47:24   52096   ----a-w-   c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2012-05-22 00:47:23   87424   ----a-w-   c:\windows\system32\LMIinit.dll
2012-05-22 00:47:23   30592   ----a-w-   c:\windows\system32\LMIport.dll
2012-05-16 15:08:26   916992   ----a-w-   c:\windows\system32\wininet.dll
2012-05-15 13:20:33   1863168   ------w-   c:\windows\system32\win32k.sys
2012-05-11 14:42:33   43520   ------w-   c:\windows\system32\licmgr10.dll
2012-05-11 14:42:33   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2012-05-11 11:38:02   385024   ----a-w-   c:\windows\system32\html.iec
2012-05-04 13:16:13   2148352   ------w-   c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19   2026496   ------w-   c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36   139656   ------w-   c:\windows\system32\drivers\rdpwd.sys
2012-04-18 22:10:52   4200024   ----a-w-   c:\windows\system32\cdintf400.dll
2011-10-21 13:44:04   980616   ----a-w-   c:\program files\SkypeSetup.exe
2011-09-01 22:10:08   11550057   ----a-w-   c:\program files\dcloner8.exe
2011-03-31 22:28:03   3452416   ----a-w-   c:\program files\PortfolioProphet_Setup.msi
2011-01-14 20:28:52   46947840   ----a-w-   c:\program files\zaSetup_92_102_000_en.exe
2010-12-16 14:12:27   8582536   ----a-w-   c:\program files\Firefox Setup 3.6.13.exe
2010-12-15 17:30:44   3895296   ----a-w-   c:\program files\ARGALIWYSETUP.EXE
2010-11-04 15:36:12   8048805   ----a-w-   c:\program files\FPM_Trade_Alert_Setup.exe
2009-12-27 16:51:25   16883056   ----a-w-   c:\program files\IE8-WindowsXP-x86-ENU.exe
2009-12-11 14:51:30   2131832   ----a-w-   c:\program files\Top Producer Editor.exe
2009-10-30 20:34:31   1925024   ----a-w-   c:\program files\install_flash_player.exe
2009-03-07 12:31:23   13112552   ----a-w-   c:\program files\Quicken_WillMaker_Plus_2009.exe
2008-10-06 18:57:29   3407848   ----a-w-   c:\program files\YouSendItExpressSetup1_7_3.exe
2008-09-22 12:37:59   13596936   ----a-w-   c:\program files\sdsetup.exe
2008-07-10 22:27:38   1058886   ----a-w-   c:\program files\anytv_setup.exe
2007-09-01 19:06:20   5872077   ----a-w-   c:\program files\netscape-navigator-9.0b3.exe
2007-06-23 23:09:17   935638   ----a-w-   c:\program files\pdfcomp.exe
2007-06-06 13:47:11   3115949   ----a-w-   c:\program files\DigestViewerSetup.exe
2007-06-06 12:10:25   38347264   ----a-w-   c:\program files\RolEDX2006Setup.exe
.
============= FINISH:  5:12:34.20 ===============

Previiously have beenhelped by HOOV with this computer.  I connected remotely to a know infected computer (my dad's) via logmein, and now am noticing that IE often opens in HTML code rather than the webpage and last night when I opened my Outlook it wanted to download ones that have already been downloaded and are on my server.  I need to keep emails on my server because they also go to my smartphone.  How do I stop this craziness?   Immediatley I ran MalawareBytes but it detected no problem.  Obviously there is a problem.  Would really appreciate your help to cut through this as quickly and efficiently as possible!
« Last Edit: July 10, 2012, 03:41:06 AM by PGB »
Logged

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6483
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #2 on: July 10, 2012, 04:46:49 AM »
Hiya PGB,

You`ve been here before so do not need an introduction, do the following:

Remove the following via Start > Control Panel > add/remove programs

J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 22

Next,

There are also two AV applications and two FirewallS running, that is not good and will cause major conflict for yourr system.

Uninstall all Lavasoft Adaware components, this should leave Microsoft Security Essentials and Zonealarm FW.

Next,

You have Spybot S&D installed, if teatimer is active, turn it off.

Next,

Your Hosts file is showing several extra entries, do you recognize them?

Hosts: 255.255.255.255   hcurltest5
Hosts: 255.255.255.255   vnsjs1.1stworks.com
Hosts: 74.208.77.54   hcurltest1
Hosts: 74.208.223.76   hcurltest2

Next,

Download aswMBR from Here
If it asks to update during the process please allow this to happen.

  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Ensure Quick scan is selected,then select Scan button to start the scan as illustrated below


Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

   
  • Once the scan finishes click Save log to save the log to your Desktop.


   
  • Copy and paste the contents of aswMBR.txt back here for review


You will also notice another file created on the desktop named MBR.dat. Right-click that file and select Send To and then Compressed (zipped) file. Attach that zipped file to your next reply as well.

Logged

Offline PGB

  • Bronze Member
  • Posts: 253
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #3 on: July 10, 2012, 05:14:06 AM »
Kevin, regarding:  Your Hosts file is showing several extra entries, do you recognize them?

Hosts: 255.255.255.255   hcurltest5
Hosts: 255.255.255.255   vnsjs1.1stworks.com
Hosts: 74.208.77.54   hcurltest1
Hosts: 74.208.223.76   hcurltest2

We hve 3 computers and 2 printers networked in this home and a shared drive which are networked directly from this computer.  Ther's an older laptop or two that used to log into this computer through log me in.   Would I see any o fthese numbers in any of our other computers, and if so where do I look?  How can i identify the numbers of those other identities and how do I identify the numbers of the other computers in the home?
Logged

Offline PGB

  • Bronze Member
  • Posts: 253
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #4 on: July 10, 2012, 06:01:49 AM »
Removed the following:
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 22
Uninstalled all Lavasoft Adaware components, specifically: Ad-Aware Security Toolbar, Ad-Aware Browsing protection and Ad-Aware Antivirus
Teatimer was active, turn it off.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-10 07:50:22
-----------------------------
07:50:22.140    OS Version: Windows 5.1.2600 Service Pack 3
07:50:22.140    Number of processors: 2 586 0xF02
07:50:22.140    ComputerName: UPSTAIRSWINDOW  UserName: Administrator
07:50:22.937    Initialize success
07:50:38.703    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-13
07:50:38.703    Disk 0 Vendor: WDC_WD2500JS-60MHB5 10.02E04 Size: 238475MB BusType: 3
07:50:38.703    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-1b
07:50:38.718    Disk 1 Vendor: WDC_WD2500JS-60MHB5 10.02E04 Size: 238475MB BusType: 3
07:50:38.734    Disk 0 MBR read successfully
07:50:38.750    Disk 0 MBR scan
07:50:38.750    Disk 0 unknown MBR code
07:50:38.750    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       228110 MB offset 63
07:50:38.781    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        10244 MB offset 467186265
07:50:38.812    Disk 0 Partition 3 00     72                            101 MB offset 488167155
07:50:38.812    Disk 0 scanning sectors +488376000
07:50:38.859    Disk 0 scanning C:\WINDOWS\system32\drivers
07:50:47.296    Service scanning
07:50:54.953    Service MpKslb9c55425 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A0DBE9CA-AC72-4A31-8CD6-833BE5B9CAEF}\MpKslb9c55425.sys **LOCKED** 32
07:51:04.015    Modules scanning
07:51:20.281    Disk 0 trace - called modules:
07:51:20.328    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
07:51:20.328    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aff8ab8]
07:51:20.343    3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\0000007b[0x8b035718]
07:51:20.359    5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-13[0x8af99940]
07:51:20.375    Scan finished successfully
07:51:39.531    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
07:51:39.546    The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-10 07:50:22
-----------------------------
07:50:22.140    OS Version: Windows 5.1.2600 Service Pack 3
07:50:22.140    Number of processors: 2 586 0xF02
07:50:22.140    ComputerName: UPSTAIRSWINDOW  UserName: Administrator
07:50:22.937    Initialize success
07:50:38.703    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-13
07:50:38.703    Disk 0 Vendor: WDC_WD2500JS-60MHB5 10.02E04 Size: 238475MB BusType: 3
07:50:38.703    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-1b
07:50:38.718    Disk 1 Vendor: WDC_WD2500JS-60MHB5 10.02E04 Size: 238475MB BusType: 3
07:50:38.734    Disk 0 MBR read successfully
07:50:38.750    Disk 0 MBR scan
07:50:38.750    Disk 0 unknown MBR code
07:50:38.750    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       228110 MB offset 63
07:50:38.781    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        10244 MB offset 467186265
07:50:38.812    Disk 0 Partition 3 00     72                            101 MB offset 488167155
07:50:38.812    Disk 0 scanning sectors +488376000
07:50:38.859    Disk 0 scanning C:\WINDOWS\system32\drivers
07:50:47.296    Service scanning
07:50:54.953    Service MpKslb9c55425 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A0DBE9CA-AC72-4A31-8CD6-833BE5B9CAEF}\MpKslb9c55425.sys **LOCKED** 32
07:51:04.015    Modules scanning
07:51:20.281    Disk 0 trace - called modules:
07:51:20.328    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
07:51:20.328    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aff8ab8]
07:51:20.343    3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\0000007b[0x8b035718]
07:51:20.359    5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-13[0x8af99940]
07:51:20.375    Scan finished successfully
07:51:39.531    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
07:51:39.546    The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"
07:51:53.203    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
07:51:53.218    The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"

MBR zipped file is attached.
« Last Edit: July 10, 2012, 06:16:34 AM by PGB »
Logged

Offline PGB

  • Bronze Member
  • Posts: 253
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #5 on: July 10, 2012, 06:10:54 AM »
The compressed MBR file is now attached. ... fine when I re-read and just follow your directions!    (Looking for how to delete this message; I attached it to my previous post.)
« Last Edit: July 10, 2012, 06:18:59 AM by PGB »
Logged

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6483
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #6 on: July 10, 2012, 07:12:08 AM »
MBR is clean, DDS does not show any obvious malware, Hosts entries check out OK.. Do the following:

Go here http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html to Download Sophos tool.

Select the Download now tab as below:




In the new window select for Home User then fill out all necessary information:

The download should start automatically, if not select the link as below:




Save the download file to your Desktop, when complete double click the file to install the tool. Windows 7 or Vista user accept UAC alert.

The tool will self extract as below:





In the new window select next, as below:





Agree the licence and select next, as below:





Leave the installation folder as default, select next, as below:





In the new window select "Install" as below:





The install will progress from:





To:




At the above image ensure "Launch Sophos Virus Removal tool" is checked, then select Finish:

In the new window select "Start scanning" as below:





When the tool completes the log can be found by Navigating  C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log

Logged

Offline PGB

  • Bronze Member
  • Posts: 253
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #7 on: July 10, 2012, 11:05:13 AM »
As the scan was running, after a couple of hours at 11:25am, an Error message came up:
                                          SearchFilterHost.exe – Application Error
The instruction at “0x038e662a” referenced memory at “00000014”.  The memory could not be “read”.

                                          Click on OK to terminate the program

I did not click on anything, as the scan was continuing to run.

The scan ran for a few hours.  Scan Results: Your computer is clean.  Number of threats found: 0
Am unable to locate a log. I do see the folder where the program was installed.

Also have not had one instance of IE acting strange-- I've been trying IE for the past half hour intermitently and the email is acting normally again.  I did go in and delete back emails from the server and culled the two and three of each in my Outlook.  It has not been trying to re-download the same emails since.   Do these things get dormant if they know you're looking for them?  Are they that 'smart' yet? (haha)  Or is there really no problem? My computer WAS behaving downright spooky late yesterday  afternoon.
« Last Edit: July 10, 2012, 11:08:19 AM by PGB »
Logged

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6483
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #8 on: July 10, 2012, 12:26:51 PM »
The Sophos log is not in the installation folder in Progam Files, it should be in the Application Data folder:

C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log

As this log is also clean i`d say you have no malware issues, none of the logs even show remnants of an infection..

Delete the following from the Desktop:

aswMBR, plus any produced logs/files
DDS, plus any produced logs/files

Next,

UNinstall Sophos via start > Control Panel > Add/Remove Programs.

Next,

Go here http://www.filehippo.com/updatechecker/ run the FileHippo Update Checker, update all applications as suggested by the Update Checker. Ignore any Beta updates.
If Java or Adobe as updated please check under Start > Control Panel > Add/Remove Programs, ensure any old versions are removed.

Next,

I see you have CCleaner installed, run the cleaner section.

Next,

Create a new restore point > Start > all programs > accessories > system tools > system restore > create a restore point > In the Restore point description box give it a name for reference eg. Clean 1. The time and date are added automatically > then select create and follow the prompts.

Let me know if the above completes OK, also if any remaining issues or concerns
Logged

Offline PGB

  • Bronze Member
  • Posts: 253
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #9 on: July 10, 2012, 12:43:10 PM »
Interesting ... I have  C:\Documents and Settings\All Users\ ... no Application Data   file
                 and a       C:\Documents and Settings\public\Application Data\ ...no Sophos
I search for Sophos and only find no .log file.
Will get back to you after i finish it all.
Logged

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6483
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #10 on: July 10, 2012, 01:43:04 PM »
Application Data folder is normally hidden in XP, you will have to change that in Folder options....

Start > My Documents > tools > folder options > View tab. Select "Show hidden files and folders" option, apply then OK. Don`t forget to change that back when finished..
Logged

Offline PGB

  • Bronze Member
  • Posts: 253
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #11 on: July 10, 2012, 05:50:12 PM »
2012-07-10 09:36:14   Sophos Virus Removal Tool version 2.1
2012-07-10 09:36:14   Copyright (c) 2009-2012 Sophos Limited. All rights reserved.

2012-07-10 09:36:14   This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2012-07-10 09:36:14   Windows version 5.1 SP 3.0 Service Pack 3 build 2600 SM=0x100 PT=0x1 Win32
2012-07-10 09:36:14   Component SVRTcli.exe version 2.1
2012-07-10 09:36:14   Component control.dll version 2.1
2012-07-10 09:36:14   Component SVRTservice.exe version 2.1
2012-07-10 09:36:14   Component osdp.dll version 1.44.0.1982
2012-07-10 09:36:14   Component veex.dll version 3.33.2.1982
2012-07-10 09:36:14   Component savi.dll version 7.5.9.1982
2012-07-10 09:36:14   Component rkdisk.dll version 1.5.30.0
2012-07-10 09:36:21   Option all = no
2012-07-10 09:36:21   Option recurse = yes
2012-07-10 09:36:21   Option archive = no
2012-07-10 09:36:21   Option service = yes
2012-07-10 09:36:21   Option confirm = yes
2012-07-10 09:36:21   Option sxl = yes
2012-07-10 09:36:21   Option max-data-age = 35
2012-07-10 09:36:21   Version info:   Product version   2.1
2012-07-10 09:36:21   Version info:   Detection engine   3.33.2
2012-07-10 09:36:21   Version info:   Detection data   4.79
2012-07-10 09:36:21   Version info:   Virus data date   7/2/2012
2012-07-10 09:36:21   Version info:   Data files added   245





2012-07-10 11:24:13   Password protected file C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.MSO\78962DEC.xls
2012-07-10 11:24:14   Password protected file C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.MSO\DA5F1EBB.xls
2012-07-10 11:24:21   Password protected file C:\Documents and Settings\Administrator\My Documents\Banking Logons.xls
2012-07-10 11:24:24   Password protected file C:\Documents and Settings\Administrator\My Documents\Einstein 7-5-2010 laptop .xls
2012-07-10 11:28:05   Password protected file C:\Documents and Settings\All Users\Documents\Banking & Finance\Banking Logons 3-7-10.xls
2012-07-10 11:28:36   Could not open C:\hiberfil.sys
2012-07-10 12:27:26   Password protected file D:\Projects\Financial\Banking Logons.xls

2012-07-10 12:48:22   Scan completed.
2012-07-10 12:48:22   

------------------------------------------------------------

2012-07-10 14:45:53   Sophos Virus Removal Tool version 2.1
2012-07-10 14:45:53   Copyright (c) 2009-2012 Sophos Limited. All rights reserved.

2012-07-10 14:45:53   This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2012-07-10 14:45:53   Windows version 5.1 SP 3.0 Service Pack 3 build 2600 SM=0x100 PT=0x1 Win32
2012-07-10 14:45:53   Component SVRTcli.exe version 2.1
2012-07-10 14:45:53   Component control.dll version 2.1
2012-07-10 14:45:53   Component SVRTservice.exe version 2.1
2012-07-10 14:45:53   Component osdp.dll version 1.44.0.1982
2012-07-10 14:45:53   Component veex.dll version 3.33.2.1982
2012-07-10 14:45:53   Component savi.dll version 7.5.9.1982
2012-07-10 14:45:53   Component rkdisk.dll version 1.5.30.0

2012-07-10 14:45:54   Scan completed.
2012-07-10 14:45:54   


Completed all, as instructed, OK.
A few questions:
1)   In Programs I see  Java 6 Update 31  and  Java 7 Update 5        Should one of them be removed?
2)    How do I eliminate some of the prgrams that start up when the computer starts?
3)    My husband says that my hard drive should not be compressing continually; says my computer would work better without the compressing feature on and that I have enough space   He wants me to ask that if I uncompress would that be OK?  Should I back up everything fiorst before doing something like this? 

Thanks!
« Last Edit: July 10, 2012, 05:56:21 PM by PGB »
Logged

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6483
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #12 on: July 11, 2012, 12:45:47 AM »
Java 6 31 can be removed,

Start up items can be modified in MSConfig http://www.howtogeek.com/?post_type=post&p=434 Or even easier with CCleaner, open CCleaner > select > Tools > Startup > Under the "Windows" tab highlight an entry by selecting, then enable/disable as appropriate. Do the same for "Internet Explorer" and "Scheduled tasks" tabs....

Drive compression can simply be unticked, select start > my computer > right click on C:\ and select "Properties" compresion enable/disable by tick/untick command box...

Kevin
Logged

Offline PGB

  • Bronze Member
  • Posts: 253
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #13 on: July 11, 2012, 06:43:37 AM »
Quote from: kevinf80 on July 11, 2012, 12:45:47 AM
Drive compression can simply be unticked, select start > my computer > right click on C:\ and select "Properties" compresion enable/disable by tick/untick command box...
Do you think that will help my computer's performance?
Logged

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6483
Re: [Resolved K] IE opens in code at times and duplicate emails
« Reply #14 on: July 11, 2012, 11:38:38 AM »
Have a read here http://support.microsoft.com/kb/251186 regarding drive compression, if you choose that option it will have an adverse effect performance.

Any other questions or issues etc...
Logged
Pages: [1] 2   Go Up
« previous next »