0

After installing BearShareV9 now cannot open Internet Explorer. Tried turning DEP on Performance Options (Part of System Properties in the Control Panel.

Decided to Unstall BearShare V9 - problem did not go away.

Removed IE 8 and still reinstalled, problem did not go away.

(To do this post I had to borrow my wife's laptop). I can still receive and send emails. Any responses/notifications can be sent to my email.

Run HijasckThis following is the logfile . Please help :-

===================================================================================

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:39:59 AM, on 2011/04/06
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\WINDOWS\system32\ifxspmgt.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nikon\WT-4 Setup Utility\NkPtpEnum.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\PLFSetI.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\DOCUME~1\Lungi\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEButton Class - {F81D52BF-F2F1-4F49-BF5F-05664E803039} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll
O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Program Files\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [NokiaPCInternetAccess] "C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Convert with ImageConverter Plus... - res://C:\Program Files\ImageConverter Plus\icpwebintegration.exe/200
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} (GoToMeeting Web Starter) - https://www1.gotomeeting.com/default/applets/g2mdlax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll C:\PROGRA~1\KASPER~1\KASPER~2\MZVKBD3.DLL,C:\PROGRA~1\KASPER~1\KASPER~2\KLOEHK.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: NkPtpEnumWT3 - Nikon Corporation - C:\Program Files\Nikon\WT-4 Setup Utility\NkPtpEnum.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

--
End of file - 17145 bytes

2
Contributors
5
Replies
7
Views
6 Years
Discussion Span
Last Post by jholland1964
0

Hi welcome back,
You have found one of the major dangers of P2P, these programs can attempt to and very often do take over your computer. Even though you have uninstalled this program, "crumbs" of it still remain and show in the log. You can try first to get rid of these entries by running HJT again but then you DO need to follow the steps given in our Read Me sticky because I guarantee the items showing in the log are not the only remainders.
The first thing you should do is Turn Off the SpyBot TeaTimer as it interferes with any fixes attempted. To do this do the following:
Disable Spybot's TeaTimer

* Run Spybot-S&D in Advanced Mode
* If it is not already set to do this, go to the Mode menu
select
Advanced Mode
* On the left hand side, click on Tools
* Then click on the Resident icon in the list
* Uncheck
Resident TeaTimer
and OK any prompts.
* Restart your computer

After the computer has fully restarted then run HiJackThis again and put check marks next to these listings;

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/

O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll

O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll

O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll C:\PROGRA~1\KASPER~1\KASPER~2\MZVKBD3.DLL,C:\PROGRA~1\KASPER~1\KASPER~2\KLOEHK.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL

After you have placed the check marks then click the Fix Checked button.
Exit HJT and Reboot the computer.

Next follow all of the steps given in our Read Me sticky and post back here with Copy/Pastes of ALL the logs. If you still cannot connect using the affected computer then you will have to download them to a flash drive or CD and take them to the computer and run them from there. Then post back with the logs.

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865

Judy

Edited by jholland1964: n/a

0

Dear Judy,
Thank you ever so much for your help. It finally worked after following your instructions together with Read Me sticky . Phew it took hours with lots of scans to be done and all those programs being transfered between two computers.

I am really puzzled as top why Kaspensky AV software was not able to block this. Infact this piece of software also disabled Kaspennsky. I am saying this because it (the AV) no longer scans any device that I put into the USB port. Whereas the Memory Stick when I put it in the other computer it detects it.

Find attached are the 5 logs files.


1) LOG NAME = mbam-log-2011-04-07 (03-06-59)

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6292

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2011/04/07 03:06:59 AM
mbam-log-2011-04-07 (03-06-59).txt

Scan type: Quick scan
Objects scanned: 178182
Time elapsed: 8 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
---------------------------------------------------
2) LOG NAME = GMER One

GMER 1.0.15.15570 - http://www.gmer.net
Rootkit quick scan 2011-04-07 01:50:25
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FCDO
Running: 6744xuey.exe; Driver: C:\DOCUME~1\Lungi\LOCALS~1\Temp\awlyyfod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xA7612ED2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xA7612F6A]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\Tcp tcpipBM.sys (Bytemobile Kernel Network Provider/Bytemobile, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----
==================================================
3) LOG NAME = GMER Two
GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-07 02:49:32
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FCDO
Running: 6744xuey.exe; Driver: C:\DOCUME~1\Lungi\LOCALS~1\Temp\awlyyfod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xA7613558]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xA7613E5C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xA7614C90]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xA76151DA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateFile [0xA7614138]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateKey [0xA76123C8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xA76150C0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0xA7613146]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xA7614F94]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xA76132EE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xA76152FA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xA7613AE4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xA761502A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xA76169E2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xA76129D2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xA7612D86]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xA76145BA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xA7617BEE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xA7612ED2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xA7612F6A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwFsControlFile [0xA76143C8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xA7616AD4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xA76123A4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xA76123B6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xA761723C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xA7613096]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xA7615270]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenFile [0xA7613EDE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenKey [0xA7612588]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xA7615150]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xA7613794]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xA7616FD6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xA7615390]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xA7613686]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xA7613002]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xA7612C3A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xA7617576]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xA7612864]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xA7616E68]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xA7612AF4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xA7611DDE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xA76156F4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xA76155BA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xA761677C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xA7612156]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xA7617A90]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xA7611D76]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xA76149D6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xA7613D00]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xA761601C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSecurityObject [0xA7616C72]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xA76176C6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xA76126DE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xA76177B8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xA76178F2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xA7616906]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateProcess [0xA7613930]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xA7613890]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xA761741A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xA7613A1A]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp tcpipBM.sys (Bytemobile Kernel Network Provider/Bytemobile, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002269e4bc4e
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002269e4bc4e (not active ControlSet)

---- EOF - GMER 1.0.15 ----
=====================================================================================================================================================
4) LOG NAME = DDS
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Lungi at 3:15:16.10 on 2011/04/07
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1961.1215 [GMT 2:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
svchost.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\WINDOWS\system32\ifxspmgt.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Nikon\WT-4 Setup Utility\NkPtpEnum.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\PLFSetI.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\DOCUME~1\Lungi\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Lungi\Desktop\HiJackThis Stuff\dds.scr
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2011\ievkbd.dll
BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\progra~1\bearsh~1\mediabar\datamngr\IEBHO.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: IEButton Class: {f81d52bf-f2f1-4f49-bf5f-05664e803039} - c:\program files\unh solutions\flash saving plugin\FlashSButton.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ISUSPM] "c:\documents and settings\all users\application data\macrovision\flexnet connect\6\ISUSPM.exe" -scheduler
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [NokiaPCInternetAccess] "c:\program files\nokia\pc internet access\NPCIA.exe" /b
uRun: [AdobeBridge]
uRun: [Free Download Manager] "c:\program files\free download manager\fdm.exe" -autorun
uRun: [Software Informer] "c:\program files\software informer\softinfo.exe" -autorun
mRun: [preload] c:\windows\RUNXMLPL.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [BkupTray] "c:\program files\newtech infosystems\nti backup now 5\BkupTray.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [picon] "c:\program files\common files\intel\privacy icon\PrivacyIconClient.exe" -startup
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [IFXSPMGT] c:\windows\system32\ifxspmgt.exe /NotifyLogon
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [PLFSetL] c:\windows\PLFSetL.exe
mRun: [ZPdtWzdVitaKey MC3000] "c:\program files\acer\acer bio protection\PdtWzd.exe" show
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:\program files\realtek\audio\installshield\AzMixerSel.exe
mRun: [ProductReg] "c:\program files\acer\wr_popup\ProductReg.exe"
mRun: [ePower_DMC] c:\program files\acer\empowering technology\epower\ePower_DMC.exe
mRun: [Boot] c:\program files\acer\empowering technology\epower\Boot.exe
mRun: [eRecoveryService] c:\program files\acer\empowering technology\erecovery\eRAgent.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [MobileConnect] c:\program files\vodafone\vodafone mobile connect\bin\MobileConnect.exe /silent
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DATAMNGR] c:\progra~1\bearsh~1\mediabar\datamngr\DATAMN~1.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\lungi\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acerem~1.lnk - c:\program files\acer\empowering technology\Framework.Launcher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: &Convert with ImageConverter Plus... - c:\program files\imageconverter plus\icpwebintegration.exe/200
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2011\ie_banner_deny.htm
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\program files\acer\acer bio protection\PwdBank.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} - hxxps://www1.gotomeeting.com/default/applets/g2mdlax.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: AWinNotifyVitaKey MC3000 - c:\program files\acer\acer bio protection\WinNotify.dll
Notify: igfxcui - igfxdev.dll
Notify: klogon - c:\windows\system32\klogon.dll
Notify: spba - c:\program files\common files\spba\homefus2.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages = scecli c:\program files\acer\acer bio protection\PwdFilter
.
============= SERVICES / DRIVERS ===============
.
R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\drivers\AlfaFF.sys [2010-4-8 42608]
R0 BMLoad;Bytemobile Boot Time Load Driver;c:\windows\system32\drivers\BMLoad.sys [2009-11-13 13184]
R0 kl1;kl1;c:\windows\system32\drivers\kl1.sys [2010-6-9 132184]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-4-7 475736]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2008-5-8 38816]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe -r --> c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe -r [?]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2008-3-3 16384]
R2 IGBASVC;iGroupTec Service;c:\program files\acer\acer bio protection\BASVC.exe [2010-4-8 3566080]
R2 NkPtpEnumWT3;NkPtpEnumWT3;c:\program files\nikon\wt-4 setup utility\NkPtpEnum.exe [2008-1-18 69632]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-4-26 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-4-26 131072]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2010-4-8 2058776]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2010-3-15 9216]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2008-3-27 244368]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2008-5-8 41216]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2009-9-14 32856]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2010-4-7 51288]
R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2010-4-7 43608]
R3 VBus;Virtual Bus;c:\windows\system32\drivers\NkVBus.sys [2008-1-18 17824]
R3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum;c:\windows\system32\drivers\vodafone_K3805-z_dc_enum.sys [2010-3-1 80000]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-8 135664]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2010-4-8 113280]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-4-7 30192]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2010-4-7 102656]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 19472]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-5-23 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-5-23 8320]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2011-04-07 00:51:38 -------- d-----w- c:\docume~1\lungi\applic~1\Malwarebytes
2011-04-07 00:51:23 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-07 00:51:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-04-07 00:51:19 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-07 00:51:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-06 05:38:55 388096 ----a-r- c:\docume~1\lungi\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-04-06 05:38:55 -------- d-----w- c:\program files\Trend Micro
2011-04-06 05:37:38 16409960 ----a-w- C:\spybotsd162.exe
2011-04-06 05:37:32 1402880 ----a-w- C:\HiJackThis.msi
2011-04-05 16:14:49 -------- dc-h--w- c:\windows\ie8
2011-04-05 13:48:51 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-05 13:48:51 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-04-05 00:00:04 -------- d-----w- c:\docume~1\lungi\applic~1\mediabarbs
2011-04-04 23:56:17 -------- d-----w- c:\program files\BearShare Applications
2011-04-04 23:54:47 -------- d-----w- c:\docume~1\lungi\locals~1\applic~1\PackageAware
2011-03-31 22:22:52 622 ----a-w- c:\docume~1\lungi\applic~1\mdbu.bin
2011-03-31 22:16:25 -------- d-----w- c:\program files\fujifilm
2011-03-25 18:40:37 -------- d-----w- c:\docume~1\lungi\applic~1\Digilabs
2011-03-25 18:39:04 -------- d-----w- c:\documents and settings\lungi\.JxBrowser
2011-03-25 18:36:35 -------- d-----w- c:\documents and settings\lungi\.digilabs
2011-03-25 18:33:10 -------- d-----w- c:\program files\Pics2book
2011-03-23 23:52:24 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-03-23 23:52:24 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-20 03:37:12 202664 ----a-w- c:\windows\system32\cnvshell.dll
2011-03-20 03:37:00 -------- d-----w- c:\program files\ImageConverter Plus
2011-03-19 14:50:54 -------- d-----w- c:\program files\RapidStudio_Support
2011-03-13 16:22:52 236 ----a-w- c:\windows\BIOLOGIN.EXE
2011-03-09 10:29:55 -------- d-----w- c:\windows\PRIndex
2011-03-09 10:29:55 -------- d-----w- c:\docume~1\lungi\applic~1\NewspaperDirect
2011-03-09 10:29:35 -------- d-----w- c:\program files\NewspaperDirect
.
==================== Find3M ====================
.
2011-03-13 14:04:00 1024 ---h--r- c:\windows\system32\NTIMP3.dll
2011-02-15 10:05:20 1409 ----a-w- c:\windows\QTFont.for
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-17 12:57:39 507936 ----a-w- c:\windows\system32\RS_Updater_uninstall.exe
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
.
============= FINISH: 3:16:05.62 ===============

=====================================================================================================================================================
5) LOG NAME = Attach
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 2010/04/07 11:57:08 PM
System Uptime: 2011/04/07 03:10:21 AM (0 hours ago)
.
Motherboard: Acer | | FourPeaks
Processor: Intel Pentium III Xeon processor | U2E1 | 2260/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 22.891 GiB free.
D: is FIXED (NTFS) - 112 GiB total, 110.568 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP379: 2011/01/07 07:00:43 AM - Software Distribution Service 3.0
RP380: 2011/01/08 09:07:28 AM - System Checkpoint
RP381: 2011/01/08 04:39:09 PM - Installed Kaspersky Internet Security 2011.
RP382: 2011/01/08 04:58:47 PM - Installed Kaspersky Internet Security 2011.
RP383: 2011/01/09 12:11:12 AM - Installed Kaspersky Internet Security 2011.
RP384: 2011/01/09 12:39:14 AM - Installed Kaspersky Internet Security 2011.
RP385: 2011/01/09 01:03:58 AM - Installed Kaspersky Internet Security 2011.
RP386: 2011/01/09 01:43:31 AM - Software Distribution Service 3.0
RP387: 2011/01/09 07:00:20 AM - Installed Kaspersky Internet Security 2011.
RP388: 2011/01/10 02:30:38 PM - Removed Vodafone Mobile Connect Lite.
RP389: 2011/01/10 02:31:39 PM - Removed Vodafone Mobile Connect Lite.
RP390: 2011/01/10 02:32:45 PM - Installed Vodafone Mobile Connect.
RP391: 2011/01/10 03:07:32 PM - Installed Kaspersky Internet Security 2011.
RP392: 2011/01/10 04:37:35 PM - Software Distribution Service 3.0
RP393: 2011/01/11 02:11:58 PM - Software Distribution Service 3.0
RP394: 2011/01/12 06:09:17 AM - Software Distribution Service 3.0
RP395: 2011/01/12 07:11:47 AM - Software Distribution Service 3.0
RP396: 2011/01/14 05:23:27 AM - Software Distribution Service 3.0
RP397: 2011/01/14 10:08:12 AM - Software Distribution Service 3.0
RP398: 2011/01/17 03:14:44 PM - Software Distribution Service 3.0
RP399: 2011/01/18 03:00:16 AM - Software Distribution Service 3.0
RP400: 2011/01/18 01:32:49 PM - Software Distribution Service 3.0
RP401: 2011/01/19 03:00:16 AM - Software Distribution Service 3.0
RP402: 2011/01/19 06:06:47 PM - Software Distribution Service 3.0
RP403: 2011/01/20 09:50:06 AM - Software Distribution Service 3.0
RP404: 2011/01/21 08:46:08 AM - Software Distribution Service 3.0
RP405: 2011/01/21 10:35:30 AM - Software Distribution Service 3.0
RP406: 2011/01/22 07:42:56 AM - Software Distribution Service 3.0
RP407: 2011/01/23 01:01:16 AM - Removed Adobe Reader 9.3.4.
RP408: 2011/01/23 01:02:09 AM - Removed Nikon Transfer
RP409: 2011/01/23 01:02:43 AM - Removed Nikon Message Center
RP410: 2011/01/23 01:04:31 AM - Removed Microsoft Office 2003 Web Components
RP411: 2011/01/23 07:27:35 AM - Software Distribution Service 3.0
RP412: 2011/01/24 08:42:20 AM - Software Distribution Service 3.0
RP413: 2011/01/24 04:54:35 PM - Software Distribution Service 3.0
RP414: 2011/01/25 03:00:22 AM - Software Distribution Service 3.0
RP415: 2011/01/25 01:56:35 PM - Software Distribution Service 3.0
RP416: 2011/01/26 11:52:41 PM - Software Distribution Service 3.0
RP417: 2011/01/28 12:48:37 AM - Software Distribution Service 3.0
RP418: 2011/01/29 09:20:07 AM - Software Distribution Service 3.0
RP419: 2011/01/30 03:00:17 AM - Software Distribution Service 3.0
RP420: 2011/01/31 09:15:46 AM - System Checkpoint
RP421: 2011/01/31 05:00:27 PM - Software Distribution Service 3.0
RP422: 2011/02/01 12:53:03 PM - Software Distribution Service 3.0
RP423: 2011/02/02 05:52:09 AM - Software Distribution Service 3.0
RP424: 2011/02/02 06:21:51 AM - Software Distribution Service 3.0
RP425: 2011/02/03 02:29:08 PM - Software Distribution Service 3.0
RP426: 2011/02/04 09:20:07 AM - Software Distribution Service 3.0
RP427: 2011/02/04 01:18:43 PM - Software Distribution Service 3.0
RP428: 2011/02/05 08:04:12 AM - Software Distribution Service 3.0
RP429: 2011/02/06 03:00:15 AM - Software Distribution Service 3.0
RP430: 2011/02/07 10:43:04 AM - System Checkpoint
RP431: 2011/02/07 02:06:56 PM - Software Distribution Service 3.0
RP432: 2011/02/08 08:30:15 AM - Software Distribution Service 3.0
RP433: 2011/02/08 09:59:16 AM - Software Distribution Service 3.0
RP434: 2011/02/09 06:41:36 PM - System Checkpoint
RP435: 2011/02/10 08:10:36 AM - Software Distribution Service 3.0
RP436: 2011/02/11 10:57:02 AM - System Checkpoint
RP437: 2011/02/13 03:43:35 AM - Software Distribution Service 3.0
RP438: 2011/02/14 12:41:10 AM - Software Distribution Service 3.0
RP439: 2011/02/14 07:56:20 AM - Installed Windows Internet Explorer 8.
RP440: 2011/02/14 12:24:37 PM - Installed %1 %2.
RP441: 2011/02/14 12:45:23 PM - Software Distribution Service 3.0
RP442: 2011/02/15 05:51:00 AM - Software Distribution Service 3.0
RP443: 2011/02/15 07:24:25 AM - Installed Windows Internet Explorer 8.
RP444: 2011/02/16 03:00:23 AM - Software Distribution Service 3.0
RP445: 2011/02/16 09:52:05 AM - Software Distribution Service 3.0
RP446: 2011/02/17 12:15:54 AM - Software Distribution Service 3.0
RP447: 2011/02/17 07:48:18 AM - Software Distribution Service 3.0
RP448: 2011/02/18 03:00:20 AM - Software Distribution Service 3.0
RP449: 2011/02/18 04:11:02 AM - Software Distribution Service 3.0
RP450: 2011/02/19 03:00:17 AM - Software Distribution Service 3.0
RP451: 2011/02/20 12:16:22 AM - Software Distribution Service 3.0
RP452: 2011/02/21 06:20:07 AM - Software Distribution Service 3.0
RP453: 2011/02/22 11:16:11 AM - System Checkpoint
RP454: 2011/02/22 12:12:13 PM - Software Distribution Service 3.0
RP455: 2011/02/23 07:02:03 AM - Software Distribution Service 3.0
RP456: 2011/02/23 07:15:46 AM - Software Distribution Service 3.0
RP457: 2011/02/23 07:25:06 AM - Software Distribution Service 3.0
RP458: 2011/02/23 02:43:27 PM - Software Distribution Service 3.0
RP459: 2011/02/24 02:20:16 AM - Software Distribution Service 3.0
RP460: 2011/02/24 11:26:25 PM - Software Distribution Service 3.0
RP461: 2011/02/25 10:54:05 AM - Software Distribution Service 3.0
RP462: 2011/02/25 10:17:33 PM - Software Distribution Service 3.0
RP463: 2011/02/27 07:50:30 AM - Software Distribution Service 3.0
RP464: 2011/02/28 11:33:51 AM - Software Distribution Service 3.0
RP465: 2011/02/28 11:55:50 AM - Software Distribution Service 3.0
RP466: 2011/02/28 01:44:13 PM - Software Distribution Service 3.0
RP467: 2011/03/01 03:00:16 AM - Software Distribution Service 3.0
RP468: 2011/03/02 06:05:32 AM - Software Distribution Service 3.0
RP469: 2011/03/02 04:17:43 PM - Software Distribution Service 3.0
RP470: 2011/03/03 07:28:32 AM - Software Distribution Service 3.0
RP471: 2011/03/03 12:14:52 PM - Software Distribution Service 3.0
RP472: 2011/03/04 03:00:22 AM - Software Distribution Service 3.0
RP473: 2011/03/05 01:22:43 AM - Software Distribution Service 3.0
RP474: 2011/03/05 10:41:26 AM - Software Distribution Service 3.0
RP475: 2011/03/07 10:00:23 AM - Software Distribution Service 3.0
RP476: 2011/03/08 03:00:15 AM - Software Distribution Service 3.0
RP477: 2011/03/08 04:04:07 AM - Software Distribution Service 3.0
RP478: 2011/03/08 10:35:12 PM - Software Distribution Service 3.0
RP479: 2011/03/09 12:29:33 PM - Installed PressReader.
RP480: 2011/03/10 03:00:34 AM - Software Distribution Service 3.0
RP481: 2011/03/11 11:34:38 AM - Software Distribution Service 3.0
RP482: 2011/03/12 07:14:51 PM - System Checkpoint
RP483: 2011/03/13 05:39:18 AM - Software Distribution Service 3.0
RP484: 2011/03/15 09:42:13 AM - Software Distribution Service 3.0
RP485: 2011/03/15 10:12:27 PM - Software Distribution Service 3.0
RP486: 2011/03/17 05:13:15 AM - Software Distribution Service 3.0
RP487: 2011/03/18 12:30:12 PM - Software Distribution Service 3.0
RP488: 2011/03/19 06:19:49 PM - System Checkpoint
RP489: 2011/03/19 06:28:40 PM - Software Distribution Service 3.0
RP490: 2011/03/20 03:38:30 AM - Software Distribution Service 3.0
RP491: 2011/03/21 12:34:21 PM - System Checkpoint
RP492: 2011/03/22 05:06:03 AM - Software Distribution Service 3.0
RP493: 2011/03/23 12:28:13 AM - Software Distribution Service 3.0
RP494: 2011/03/24 01:51:47 AM - Installed Java(TM) 6 Update 24
RP495: 2011/03/24 02:01:45 AM - Software Distribution Service 3.0
RP496: 2011/03/24 11:43:11 AM - Software Distribution Service 3.0
RP497: 2011/03/24 11:26:28 PM - Software Distribution Service 3.0
RP498: 2011/03/25 08:33:09 PM - Installed Pics2book
RP499: 2011/03/26 03:00:21 AM - Software Distribution Service 3.0
RP500: 2011/03/27 03:58:45 PM - Software Distribution Service 3.0
RP501: 2011/03/27 04:42:40 PM - Software Distribution Service 3.0
RP502: 2011/03/28 12:39:48 AM - Software Distribution Service 3.0
RP503: 2011/03/28 05:20:55 PM - Software Distribution Service 3.0
RP504: 2011/03/29 03:00:16 AM - Software Distribution Service 3.0
RP505: 2011/03/29 03:40:12 AM - Software Distribution Service 3.0
RP506: 2011/03/30 11:41:11 PM - Software Distribution Service 3.0
RP507: 2011/03/30 08:43:34 AM - System Checkpoint
RP508: 2011/03/31 12:58:42 PM - System Checkpoint
RP509: 2011/04/01 03:00:16 AM - Software Distribution Service 3.0
RP510: 2011/04/02 06:54:00 AM - Software Distribution Service 3.0
RP511: 2011/04/04 02:25:20 AM - Software Distribution Service 3.0
RP512: 2011/04/04 08:46:07 AM - Software Distribution Service 3.0
RP513: 2011/04/05 03:00:29 AM - Software Distribution Service 3.0
RP514: 2011/04/05 06:15:10 PM - Installed Windows Internet Explorer 8.
RP515: 2011/04/05 07:04:06 PM - Software Distribution Service 3.0
RP516: 2011/04/06 07:36:54 AM - Installed HiJackThis
RP517: 2011/04/06 12:11:53 PM - Software Distribution Service 3.0
RP518: 2011/04/07 03:00:33 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acer Bio Protection
Acer Crystal Eye Webcam 2.0.8.4
Acer Crystal Eye Webcam Video Class Camera
Acer Empowering Technology
Acer ePower Management
Acer GridVista
Acer ScreenSaver
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 9.4.2
Applian FLV Player
Business Contact Manager for Outlook 2007 SP2
Compatibility Pack for the 2007 Office system
CutePDF Writer 2.8
DxO Optics Pro 6
eSobi v2
File Uploader
Flash Saving Plugin
Free Download Manager 3.0
Fuji Film digital printing
Google Desktop
Google Update Helper
GoToMeeting 4.5.0.457
HDAUDIO Soft Data Fax Modem with SmartCP
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
hp officejet g series
ImageConverter Plus 8.0
Infineon TPM Professional Package
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Interface
IntelĀ® Active Management Technology
Internet Explorer (Enable DEP)
Java Auto Updater
Java(TM) 6 Update 24
Kaspersky Internet Security 2011
Launch Manager
LightScribe 1.4.142.1
Malwarebytes' Anti-Malware
MediaBar
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Automated Troubleshooting Services Shim
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Project 2007 Service Pack 2 (SP2)
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MSVC80_x86_v2
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser
Nikon RAW Codec
Nokia Connectivity Cable Driver
Nokia PC Internet Access
Nokia PC Suite
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
NTI Shadow
O2Micro Flash Memory Card Reader Driver (x86)
OGA Notifier 2.0.0048.0
PC Connectivity Solution
PDF Settings CS5
PhotoScape
Pics2book
Picture Control Utility
PowerDVD
PressReader
QuickTime
RapidStudio
RapidStudio QuickSupport
RapidStudio Software Updater
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio 2007 (KB2434737)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Serif WebPlus X2
Serif WebPlus X2 Resources
SlimComputer
SPBA 5.8
Striata Reader
Studio22 Album Maker
Synaptics Pointing Device Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2508979)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB942763)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Vodafone Mobile Connect
WebFldrs XP
WIDCOMM Bluetooth Software
Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
Windows Driver Package - Nokia Modem (10/05/2009 4.2)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows PowerShell(TM) 1.0
Windows Search 4.0
WinRAR archiver
WT-4 Setup Utility
.
==== Event Viewer Messages From Past Week ========
.
2011/04/06 12:10:13 PM, error: Dhcp [1002] - The IP address lease 41.30.69.181 for the Network Card with network address 001E101FFA3F has been denied by the DHCP server 41.30.199.97 (The DHCP Server sent a DHCPNACK message).
2011/04/06 11:45:13 AM, error: Dhcp [1002] - The IP address lease 41.28.246.17 for the Network Card with network address 001E101FFA3F has been denied by the DHCP server 41.30.69.182 (The DHCP Server sent a DHCPNACK message).
2011/04/06 11:32:33 AM, error: Dhcp [1002] - The IP address lease 41.30.253.115 for the Network Card with network address 001E101FFA3F has been denied by the DHCP server 41.28.246.18 (The DHCP Server sent a DHCPNACK message).
2011/04/06 11:15:28 AM, error: Dhcp [1002] - The IP address lease 41.26.35.108 for the Network Card with network address 001E101FFA3F has been denied by the DHCP server 41.30.253.113 (The DHCP Server sent a DHCPNACK message).
2011/04/06 10:53:38 AM, error: Dhcp [1002] - The IP address lease 41.29.41.103 for the Network Card with network address 001E101FFA3F has been denied by the DHCP server 41.26.35.105 (The DHCP Server sent a DHCPNACK message).
2011/04/06 10:49:23 AM, error: Dhcp [1002] - The IP address lease 41.30.222.202 for the Network Card with network address 001E101FFA3F has been denied by the DHCP server 41.29.41.97 (The DHCP Server sent a DHCPNACK message).
2011/04/06 10:03:33 AM, error: Dhcp [1002] - The IP address lease 41.31.11.65 for the Network Card with network address 001E101FFA3F has been denied by the DHCP server 41.30.222.201 (The DHCP Server sent a DHCPNACK message).
2011/04/06 09:59:43 AM, error: Dhcp [1002] - The IP address lease 41.27.144.170 for the Network Card with network address 001E101FFA3F has been denied by the DHCP server 41.31.11.66 (The DHCP Server sent a DHCPNACK message).
2011/04/06 06:20:07 AM, error: Dhcp [1002] - The IP address lease 41.28.199.233 for the Network Card with network address 001E101F3DA8 has been denied by the DHCP server 41.31.89.65 (The DHCP Server sent a DHCPNACK message).
2011/04/05 12:16:08 AM, error: Dhcp [1002] - The IP address lease 41.27.188.19 for the Network Card with network address 001E101F19A3 has been denied by the DHCP server 41.31.120.145 (The DHCP Server sent a DHCPNACK message).
2011/04/05 10:16:29 AM, error: Dhcp [1002] - The IP address lease 41.29.204.63 for the Network Card with network address 001E101F5B0C has been denied by the DHCP server 41.29.143.249 (The DHCP Server sent a DHCPNACK message).
2011/04/05 10:00:01 AM, error: Dhcp [1002] - The IP address lease 41.31.62.182 for the Network Card with network address 001E101F00E4 has been denied by the DHCP server 41.28.49.217 (The DHCP Server sent a DHCPNACK message).
2011/04/05 09:23:11 AM, error: Dhcp [1002] - The IP address lease 41.31.224.192 for the Network Card with network address 001E101F1047 has been denied by the DHCP server 41.31.62.181 (The DHCP Server sent a DHCPNACK message).
2011/04/05 09:15:26 AM, error: Dhcp [1002] - The IP address lease 41.29.115.74 for the Network Card with network address 001E101F1047 has been denied by the DHCP server 41.31.224.129 (The DHCP Server sent a DHCPNACK message).
2011/04/05 09:10:06 AM, error: Dhcp [1002] - The IP address lease 41.29.24.228 for the Network Card with network address 001E101F1047 has been denied by the DHCP server 41.29.115.73 (The DHCP Server sent a DHCPNACK message).
2011/04/05 07:01:41 PM, error: Dhcp [1002] - The IP address lease 41.30.16.118 for the Network Card with network address 001E101FC3E9 has been denied by the DHCP server 41.28.154.233 (The DHCP Server sent a DHCPNACK message).
2011/04/05 06:23:15 PM, error: Dhcp [1002] - The IP address lease 41.29.140.92 for the Network Card with network address 001E101FBCAD has been denied by the DHCP server 41.30.16.117 (The DHCP Server sent a DHCPNACK message).
2011/04/05 05:08:16 PM, error: Dhcp [1002] - The IP address lease 41.29.31.17 for the Network Card with network address 001E101F4824 has been denied by the DHCP server 41.29.140.89 (The DHCP Server sent a DHCPNACK message).
2011/04/05 05:04:16 PM, error: Dhcp [1002] - The IP address lease 41.26.44.255 for the Network Card with network address 001E101F4824 has been denied by the DHCP server 41.29.31.18 (The DHCP Server sent a DHCPNACK message).
2011/04/05 04:31:26 PM, error: Dhcp [1002] - The IP address lease 41.28.118.161 for the Network Card with network address 001E101F4824 has been denied by the DHCP server 41.26.44.1 (The DHCP Server sent a DHCPNACK message).
2011/04/05 03:47:41 PM, error: Dhcp [1002] - The IP address lease 41.27.105.176 for the Network Card with network address 001E101F4824 has been denied by the DHCP server 41.28.118.162 (The DHCP Server sent a DHCPNACK message).
2011/04/05 03:06:50 AM, error: Service Control Manager [7024] - The SQL Server (MSSMLBIZ) service terminated with service-specific error 3417 (0xD59).
2011/04/05 02:59:29 PM, error: Print [6161] - The document Untitled - Notepad owned by Lungi failed to print on printer hp officejet g series. Data type: NT EMF 1.008. Size of the spool file in bytes: 14408. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\LUNGI-2010. Win32 error code returned by the print processor: 259 (0x103).
2011/04/05 02:32:20 PM, error: Dhcp [1002] - The IP address lease 41.28.196.225 for the Network Card with network address 001E101F24F1 has been denied by the DHCP server 41.27.105.161 (The DHCP Server sent a DHCPNACK message).
2011/04/05 02:27:20 AM, error: Dhcp [1002] - The IP address lease 41.27.183.71 for the Network Card with network address 001E101F2A27 has been denied by the DHCP server 41.31.39.145 (The DHCP Server sent a DHCPNACK message).
2011/04/05 02:20:05 AM, error: Dhcp [1002] - The IP address lease 41.28.194.235 for the Network Card with network address 001E101F2A27 has been denied by the DHCP server 41.27.183.65 (The DHCP Server sent a DHCPNACK message).
2011/04/05 02:17:48 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o hpn i2omp ini910u IntelIde mraid35x perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 sisagp Sparrow symc810 symc8xx sym_hi sym_u3 TosIde ultra viaagp ViaIde
2011/04/05 02:09:08 AM, error: Service Control Manager [7022] - The Kaspersky Anti-Virus Service service hung on starting.
2011/04/05 01:14:58 AM, error: Dhcp [1002] - The IP address lease 41.31.120.151 for the Network Card with network address 001E101F19A3 has been denied by the DHCP server 41.28.194.233 (The DHCP Server sent a DHCPNACK message).
2011/04/04 12:57:46 AM, error: Dhcp [1002] - The IP address lease 41.30.103.166 for the Network Card with network address 001E101F5224 has been denied by the DHCP server 41.28.211.90 (The DHCP Server sent a DHCPNACK message).
2011/04/04 08:49:02 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706).
2011/04/04 08:15:56 AM, error: Dhcp [1002] - The IP address lease 41.30.34.139 for the Network Card with network address 001E101F825B has been denied by the DHCP server 41.27.34.89 (The DHCP Server sent a DHCPNACK message).
2011/04/04 08:07:51 AM, error: Dhcp [1002] - The IP address lease 41.30.145.123 for the Network Card with network address 001E101F825B has been denied by the DHCP server 41.30.34.137 (The DHCP Server sent a DHCPNACK message).
2011/04/04 01:18:31 AM, error: Dhcp [1002] - The IP address lease 41.28.211.89 for the Network Card with network address 001E101F5224 has been denied by the DHCP server 41.31.52.129 (The DHCP Server sent a DHCPNACK message).
2011/04/02 07:51:03 AM, error: Dhcp [1002] - The IP address lease 41.26.51.129 for the Network Card with network address 001E101FCC7E has been denied by the DHCP server 41.28.93.241 (The DHCP Server sent a DHCPNACK message).
2011/04/01 11:49:34 AM, error: Dhcp [1002] - The IP address lease 41.30.186.253 for the Network Card with network address 001E101F6D1A has been denied by the DHCP server 41.27.18.57 (The DHCP Server sent a DHCPNACK message).
2011/04/01 10:12:48 AM, error: Dhcp [1002] - The IP address lease 41.28.111.179 for the Network Card with network address 001E101F15EE has been denied by the DHCP server 41.30.186.254 (The DHCP Server sent a DHCPNACK message).
2011/04/01 09:26:43 AM, error: Dhcp [1002] - The IP address lease 41.26.142.50 for the Network Card with network address 001E101F15EE has been denied by the DHCP server 41.28.111.177 (The DHCP Server sent a DHCPNACK message).
2011/04/01 09:19:03 AM, error: Dhcp [1002] - The IP address lease 41.31.237.182 for the Network Card with network address 001E101F15EE has been denied by the DHCP server 41.26.142.49 (The DHCP Server sent a DHCPNACK message).
2011/04/01 07:42:13 AM, error: Dhcp [1002] - The IP address lease 41.26.107.22 for the Network Card with network address 001E101FA714 has been denied by the DHCP server 41.31.237.181 (The DHCP Server sent a DHCPNACK message).
2011/04/01 07:17:23 AM, error: Dhcp [1002] - The IP address lease 41.30.44.217 for the Network Card with network address 001E101FA714 has been denied by the DHCP server 41.26.107.21 (The DHCP Server sent a DHCPNACK message).
2011/04/01 06:49:18 AM, error: Dhcp [1002] - The IP address lease 41.30.47.95 for the Network Card with network address 001E101FA714 has been denied by the DHCP server 41.30.44.218 (The DHCP Server sent a DHCPNACK message).
2011/04/01 05:50:04 PM, error: Dhcp [1002] - The IP address lease 41.26.111.88 for the Network Card with network address 001E101FB832 has been denied by the DHCP server 41.30.58.81 (The DHCP Server sent a DHCPNACK message).
2011/04/01 03:42:14 PM, error: Dhcp [1002] - The IP address lease 41.28.45.125 for the Network Card with network address 001E101F9D21 has been denied by the DHCP server 41.27.169.241 (The DHCP Server sent a DHCPNACK message).
2011/04/01 03:38:09 PM, error: Dhcp [1002] - The IP address lease 41.27.182.158 for the Network Card with network address 001E101F9D21 has been denied by the DHCP server 41.28.45.126 (The DHCP Server sent a DHCPNACK message).
2011/04/01 02:47:34 PM, error: Dhcp [1002] - The IP address lease 41.29.186.77 for the Network Card with network address 001E101F2E4E has been denied by the DHCP server 41.27.182.157 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================

0

Are you saying that your problems are now corrected? Can you use IE now?
You asked about why Kaspersky didn't stop this. I "think" you thought you were installing a P2P program, and that may be, however, read this info to see why your Kaspersky was not working after the install, it will explain what this does to virtually any security program, even one like Kaspersky.
http://www.prevx.com/filenames/X2508246232267282497-X1/BEARSHAREV9%5B1%5D.EXE.html
Anti-virus programs are not set up to look for things like this type. The first thing they do is disable the security programs then bring in more infection.
One problem also was the SpyBot TeaTimer. It very often blocks legitimate fixes attempted, this is why this should be left turned off. SpyBot is an excellent program for scanning and removals so do keep it, just keep TeaTimer off.

Now a word about P2P, I do hope that you read the portion of the Read Me sticky concerning these types of programs, they ARE dangerous. You truly don't know who you are sharing these files with and if they are clean. Many infections are spread by using P2P, that is why many people share these files, not because they are generous but because they truly want to "share" what they find on others computers, private info, bank account numbers, credit card numbers,email addresses, the contact names contained in others personal email accounts. P2P file sharing can open doors to the world. You actually were very lucky to have had this happen so quickly, you knew immediately that something was very wrong. Many others don't know until their personal info is no longer personal.

So, are things working ok now?

0

Dear Judy !
Yes all is working well. I am really thankful to you and the Team for your assistance.

Thank you also for teaching me about the P2P programs. Indeed that was an eye-opener.
All is working and once again Thank you Thank you Thank you !

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.