[snowysdad43]

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Run by myaccount at 13:39:48 on 2011-11-07
.
============== Running Processes ===============
.
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\AOL\1230249116\EE\aolsoftware.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\AOL\1230249116\EE\aolsoftware.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ntvdm.exe
C:\DOCUME~1\MYACCO~1\MYDOCU~1\DDS.COM
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com/?ncid=customie8
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
uDefault_Page_URL = hxxp://www.aol.com/?ncid=customie8
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
mStart Page = hxxp://www.yahoo.com/
mURLSearchHooks: AOL Toolbar Search Class: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - c:\program files\aol toolbar\aoltb.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - No File
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - c:\program files\aol toolbar\aoltb.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1230133906203
DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} - hxxp://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?39992.2864351852
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-delicious-winter-edition/zylomplayer.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
TCP: DhcpNameServer = 192.168.0.1 192.168.3.1
TCP: Interfaces\{80443072-5384-4D29-A197-604ECE8884D8} : DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
TCP: Interfaces\{8AB7525D-E207-499F-AC67-CBE186DE2CB5} : DhcpNameServer = 192.168.0.1 192.168.3.1
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R? Akamai;Akamai NetSession Interface
R? GamesAppService;GamesAppService
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
S? !SASCORE;SAS Core Service
S? AntiVirSchedulerService;Avira AntiVir Scheduler
S? AntiVirService;Avira AntiVir Guard
S? avgio;avgio
S? avgntflt;avgntflt
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
.
=============== Created Last 30 ================
.
2011-11-07 17:49:47 -------- d-----w- c:\progra~1\Viewpoint
2011-11-07 16:28:10 -------- d-----w- c:\windows\msdownld.tmp
2011-11-07 16:23:58 -------- d-----w- c:\progra~1\MSECACHE
2011-11-07 14:29:14 -------- d-----w- C:\ComboFix
2011-11-07 02:46:53 98816 ----a-w- c:\windows\sed.exe
2011-11-07 02:46:53 518144 ----a-w- c:\windows\SWREG.exe
2011-11-07 02:46:53 256000 ----a-w- c:\windows\PEV.exe
2011-11-07 02:46:53 208896 ----a-w- c:\windows\MBR.exe
2011-11-07 02:20:42 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-27 21:50:19 -------- d-----w- c:\docume~1\alluse~1\application data\IncrediMail
2011-10-27 21:50:19 -------- d-----w- c:\docume~1\alluse~1\application data\IM
.
==================== Find3M ====================
.
2011-10-25 18:06:41 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-07-04 01:23:19 20533281 -c--a-w- c:\progra~1\VLC.exe
.
============= FINISH: 13:40:58.21 ===============

[Advertisements]

Start, Run, sfc /scannow, OK

SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.

Start, Run, sigverif, OK

Press Start. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)

[RKinner]

Start, Run, sfc /scannow, OK

SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.

Start, Run, sigverif, OK

Press Start. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)

[snowysdad43]

ok the first command i ran i just get the cmd screen ( black screen ) for a millisecond then nothing !
the second one ( sigveryf) produced only 5 unsigned products and the newest one was in 07

[snowysdad43]

i should note ron i had a problem about a year ago and emerald cleaned my system
i am wondering if the search settings thing is just a remnant that cant be removed
as far as otl i ran as dds but not as normal ?
i guess the main thing i am wondering is if my computer seems to be working fine should i worry about these 2 things ??

[RKinner]

Up to you.

Instead of running sfc from Run first try

Start, Run, cmd, OK then type

sfc /scannow

I expect it is giving an error. That may help us.

Ron

[snowysdad43]

ok got a little further that way but
after entering i get a response stating i nust be an administrator running a console session in order to use the windows file checker utility ? i am logged in on an acct with admin rights

[RKinner]

Go to
http://www.winhelpon...-in-windows-xp/

Follow the instructions starting where it says:

Using SubInACL

[snowysdad43]

ron is the reset cmd file part of the subinacl or is that a separate feature
i do not want to do this wrong

[RKinner]

The reset.cmd is part of the fix. It uses the program you downloaded in order to reset the permissions back to default.

[snowysdad43]

ron i downoaded subin and installed in win resource where it was supposed to go then followed derections for second part reset cmd
the instructions are not that complete ! now do i enter the reset cmd in the same way i did the others ? ir run cmd then enter the resetcmd in the command box or ?

[RKinner]

I would think you just need to double click on it. You can run it from the Command window but you need to be in the same directory or use the full path.

[snowysdad43]

just double clicked it it ran fast and as the files were modified they were failed i thought i trashed my computer
ugggg as you can tell i am a novice so this is scary stuff for me :::huge exhale:

Edited by snowysdad43, 07 November 2011 - 04:33 PM.

[snowysdad43]

hi again ron
does my computer look like its functioning normaly as far as the files and or warnings /errors you have seen
or will these problems with access to certain reg keys or programs get worse?

[RKinner]

I don't know what has been done to it to make it so odd. Try the sfc /scannow command again. See if it will run now.

Ron

[snowysdad43]

hi ron i was able to run sfc scannow it ran thru completion and then just finished and closed on its own
no logs :that i can find anyway