"RAM memory usage is critically high. RAM memory failure" et al.
-
I had posted this elsewhere on the site but a gentleman requested me to re-post on this thread. When I saw Broni's responses in this thread, I remembered that a couple of years ago, the same kind soul helped me clean up my computer.
Looks like I am attacked again; I am getting the above error message. Additionally, there are other things happening to my computer:
It started with the above error message and then my desktop kept on blinking.
Now, I lose the desktop every so often. I can be on Mozilla, but then when I minimize the window, there is no desktop.
Computer restarts by itself and after restarting displays an error message, "A hard drive error occured while starting the application". After displaying the message, I click okay and sometimes it lets me go to Mozilla but then again, I lose the desktop, it comes back again and displays the same error message.
Flashes this message every so often "RAM memory usage is critically high". Also a Red Cross mark in utilities tray at the bottom right side of the screen. I also don't see any other usual icons there.
Looks like some random program called "Easy Scan" got downloaded on my machine, and asks me to defrag the HDD. My daughter must have clicked yes to that and it started defragging. Since I did not trust the program, I stopped the process in between when I realized this was happening.
I tried to uninstall but my computer says it cannot find some file named "hfecNhz2aLq.exe". And then again, I lose the desktop for a couple of secs, then it comes back again with the Hard drive error message as above.
Can someone help? I really know nothing about technical stuff but last time with Broni's help, I was able to impress myself :-)
Thank you so much,
Sam
-
Another error message at the bottom utility tray with a Red Cross mark "Hard Drive not found. Missing hard drive"
-
Please, read HERE and post required logs.
Please, observe following rules:
- Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
- If you're stuck, or you're not sure about certain step, always ask before doing anything else.
- Please refrain from running tools or applying updates other than those I suggest.
- Never run more than one scan at a time.
- Keep updating me regarding your computer behavior, good, or bad.
- The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
- If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
- I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
-
MBAM log:
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes
Database version: 5438
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11
1/1/2011 9:45:06 PM
mbam-log-2011-01-01 (21-45-06).txt
Scan type: Quick scan
Objects scanned: 152823
Time elapsed: 9 minute(s), 57 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
c:\documents and settings\all users\application data\cvmmcsnbgpjqkx.exe (Spyware.Zbot) -> 2740 -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CvMMcsnbGpjQKX.exe (Spyware.Zbot) -> Value: CvMMcsnbGpjQKX.exe -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\all users\application data\cvmmcsnbgpjqkx.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
-
MBR
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0002000c
Kernel Drivers (total 162):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xF79FD000 \WINDOWS\system32\KDCOM.DLL
0xF790D000 \WINDOWS\system32\BOOTVID.dll
0xF74FD000 cjuk.sys
0xF73CE000 ACPI.sys
0xF79FF000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF73BD000 pci.sys
0xF750D000 isapnp.sys
0xF7911000 compbatt.sys
0xF7915000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF7AC5000 pciide.sys
0xF777D000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF739F000 pcmcia.sys
0xF751D000 MountMgr.sys
0xF7380000 ftdisk.sys
0xF7A01000 dmload.sys
0xF735A000 dmio.sys
0xF7785000 PartMgr.sys
0xF7919000 ACPIEC.sys
0xF7AC6000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xF7345000 Shockprf.sys
0xF752D000 VolSnap.sys
0xF732D000 atapi.sys
0xF7257000 iaStor.sys
0xF753D000 disk.sys
0xF754D000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7237000 fltmgr.sys
0xF7225000 sr.sys
0xF720F000 DRVMCDB.SYS
0xF778D000 PxHelp20.sys
0xF71F8000 KSecDD.sys
0xF716B000 Ntfs.sys
0xF713E000 NDIS.sys
0xF7124000 Mup.sys
0xF75AD000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF61C1000 \SystemRoot\system32\DRIVERS\ialmnt5.sys
0xF61AD000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF6185000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF7845000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF5F80000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF784D000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF75BD000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF7855000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF5F54000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xF7A5B000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF785D000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7865000 \SystemRoot\system32\DRIVERS\nscirda.sys
0xF7073000 \SystemRoot\system32\DRIVERS\irenum.sys
0xF786D000 \SystemRoot\system32\DRIVERS\atmeltpm.sys
0xF79D1000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF6330000 \SystemRoot\system32\DRIVERS\ibmpmdrv.sys
0xF75CD000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7A5D000 \SystemRoot\System32\Drivers\DLACDBHM.SYS
0xF75DD000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF75ED000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF5F31000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7875000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF5DED000 \SystemRoot\system32\DRIVERS\btkrnl.sys
0xF7BBD000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF7A67000 \SystemRoot\System32\Drivers\RootMdm.sys
0xF78C5000 \SystemRoot\System32\Drivers\Modem.SYS
0xF78CD000 \SystemRoot\system32\DRIVERS\rasirda.sys
0xF78D5000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF6944000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF631C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF59F7000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF6934000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF6924000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF59E6000 \SystemRoot\system32\DRIVERS\psched.sys
0xF766D000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF5406000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF53FE000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF53F6000 \SystemRoot\system32\DRIVERS\RimSerial.sys
0xF10C0000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF21B7000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7A09000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF1062000 \SystemRoot\system32\DRIVERS\update.sys
0xF578E000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF1D69000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xAA6F2000 \SystemRoot\system32\drivers\ADIHdAud.sys
0xAA6CE000 \SystemRoot\system32\drivers\portcls.sys
0xF1D39000 \SystemRoot\system32\drivers\drmk.sys
0xAA6A8000 \SystemRoot\system32\drivers\AEAudio.sys
0xAA66E000 \SystemRoot\system32\DRIVERS\hsxhwazl.sys
0xAA577000 \SystemRoot\system32\DRIVERS\hsx_dpv.sys
0xAA4C1000 \SystemRoot\system32\DRIVERS\hsx_cnxt.sys
0xA45D3000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xA413D000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xA564D000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xA42D5000 \SystemRoot\System32\Drivers\Null.SYS
0xA564B000 \SystemRoot\System32\Drivers\Beep.SYS
0xA41E6000 \SystemRoot\System32\Drivers\DLARTL_N.SYS
0xA41DE000 \SystemRoot\System32\drivers\vga.sys
0xA5649000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xA5647000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xA41D6000 \SystemRoot\System32\Drivers\Msfs.SYS
0xA41CE000 \SystemRoot\System32\Drivers\Npfs.SYS
0xA4135000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xA3B6A000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA3B11000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA45B3000 \SystemRoot\system32\drivers\mvstdi5x.sys
0xA3AEB000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xA3AC3000 \SystemRoot\system32\DRIVERS\netbt.sys
0xA45A3000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xA3AA1000 \SystemRoot\System32\drivers\afd.sys
0xA4593000 \SystemRoot\system32\DRIVERS\netbios.sys
0xA41C6000 \SystemRoot\System32\drivers\TSMAPIP.SYS
0xA41BE000 \SystemRoot\System32\drivers\Tppwrif.sys
0xA41B6000 \SystemRoot\System32\Drivers\TPHKDRV.SYS
0xA41AE000 \SystemRoot\System32\drivers\TDSMAPI.SYS
0xA41A6000 \SystemRoot\System32\drivers\Smapint.sys
0xA4C62000 \SystemRoot\System32\Drivers\ShockMgr.SYS
0xA3A5C000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
0xA3ECA000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
0xA3A31000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA39C1000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA4090000 \SystemRoot\System32\Drivers\Fips.SYS
0xA4060000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA3EC2000 \SystemRoot\System32\Drivers\tcusb.sys
0xA38EB000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0xBF800000 \SystemRoot\System32\win32k.sys
0xA3C23000 \SystemRoot\System32\drivers\Dxapi.sys
0xA3EAA000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF1CC4000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF020000 \SystemRoot\System32\ialmdnt5.dll
0xBF012000 \SystemRoot\System32\ialmrnt5.dll
0xBF042000 \SystemRoot\System32\ialmdev5.DLL
0xBF077000 \SystemRoot\System32\ialmdd5.DLL
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xAA770000 \SystemRoot\System32\Drivers\DRVNDDM.SYS
0xF7C3E000 \SystemRoot\System32\DLA\DLADResN.SYS
0xA38D5000 \SystemRoot\System32\DLA\DLAIFS_M.SYS
0xF79E5000 \SystemRoot\System32\DLA\DLAOPIOM.SYS
0xA49BC000 \SystemRoot\System32\DLA\DLAPoolM.SYS
0xF7C3F000 \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
0xF47BD000 \SystemRoot\System32\DLA\DLABOIOM.SYS
0xA38BE000 \SystemRoot\System32\DLA\DLAUDFAM.SYS
0xA38A8000 \SystemRoot\System32\DLA\DLAUDF_M.SYS
0xF1374000 \SystemRoot\system32\DRIVERS\AegisP.sys
0xA3892000 \SystemRoot\system32\DRIVERS\irda.sys
0xA8226000 \SystemRoot\system32\DRIVERS\s24trans.sys
0xA7180000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA37ED000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA3CA1000 \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS
0xA37D1000 \??\C:\WINDOWS\system32\drivers\ibmfilter.sys
0xA36CD000 \SystemRoot\system32\DRIVERS\srv.sys
0xA374D000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xF7A0B000 \??\C:\WINDOWS\System32\drivers\pmemnt.sys
0xA71BC000 \??\C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PrivateDiskM.sys
0xF7AEA000 \??\C:\Program Files\SMI2\smi2.sys
0xA843D000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0xA309A000 \SystemRoot\system32\drivers\naiavf5x.sys
0xA304E000 \??\C:\WINDOWS\system32\drivers\EntDrv51.sys
0xA2ECD000 \SystemRoot\system32\drivers\wdmaud.sys
0xA323D000 \SystemRoot\system32\drivers\sysaudio.sys
0xA29FE000 \SystemRoot\System32\Drivers\HTTP.sys
0xA2552000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xA250F000 \??\C:\DOCUME~1\Sarang\LOCALS~1\Temp\kwkirfod.sys
0xA24E4000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll
Processes (total 74):
0 System Idle Process
4 System
828 C:\WINDOWS\system32\smss.exe
884 csrss.exe
908 C:\WINDOWS\system32\winlogon.exe
956 C:\WINDOWS\system32\services.exe
968 C:\WINDOWS\system32\lsass.exe
1152 C:\WINDOWS\system32\ibmpmsvc.exe
1180 C:\WINDOWS\system32\svchost.exe
1248 svchost.exe
1300 C:\WINDOWS\system32\svchost.exe
1396 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
1544 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
1664 svchost.exe
1704 svchost.exe
1972 C:\WINDOWS\system32\spoolsv.exe
224 svchost.exe
244 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
264 C:\Program Files\Bonjour\mDNSResponder.exe
276 C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
312 C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
384 C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
444 C:\Program Files\Java\jre6\bin\jqs.exe
560 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
620 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
656 C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
696 C:\Program Files\Network Associates\VirusScan\mcshield.exe
720 C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
772 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
812 naPrdMgr.exe
888 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
1320 C:\WINDOWS\system32\svchost.exe
1388 C:\WINDOWS\system32\TPHDEXLG.exe
1404 C:\WINDOWS\system32\TpKmpSvc.exe
1688 ibmtcsd.exe
1716 C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
1908 C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
1736 C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
2096 wdfmgr.exe
3788 alg.exe
3852 C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
3376 C:\WINDOWS\explorer.exe
3676 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
3684 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3744 C:\WINDOWS\system32\TpShocks.exe
3884 C:\WINDOWS\system32\hkcmd.exe
3920 C:\PROGRA~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE
4020 C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
4080 C:\Program Files\Analog Devices\Core\smax4pnp.exe
1480 C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.EXE
1920 C:\Program Files\ThinkVantage\AMSG\AMSG.EXE
2148 C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
2388 C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
2236 C:\WINDOWS\system32\DLA\DLACTRLW.EXE
3736 C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe
1512 C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe
3304 C:\WINDOWS\system32\rundll32.exe
2260 C:\Program Files\Network Associates\VirusScan\shstat.exe
3864 C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
1516 C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
1732 C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
2652 C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
3244 C:\Program Files\Logitech\QuickCam\Quickcam.exe
2604 C:\Program Files\QuickTime\QTTask.exe
3072 C:\Program Files\iTunes\iTunesHelper.exe
3256 C:\WINDOWS\system32\ctfmon.exe
4308 C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
5160 C:\WINDOWS\system32\svchost.exe
5560 C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
5632 C:\Program Files\stickies\stickies.exe
6056 C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
1800 C:\Program Files\IBM ThinkVantage\Client Security Solution\pwmgr.exe
2908 C:\Program Files\iPod\bin\iPodService.exe
4136 C:\Documents and Settings\Sarang\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
PhysicalDrive0 Model Number: HTS541060G9SA00, Rev: MB3IC60H
Size Device Name MBR Status
--------------------------------------------
55 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 78FDA1FBB6BAEA3C41280B4FC4894383600E7827
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Done!
-
DDR Attach
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/3/2006 9:16:03 AM
System Uptime: 1/1/2011 9:47:36 PM (9 hours ago)
Motherboard: LENOVO | | 1952C2U
Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz | None | 987/167mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 50 GiB total, 12.946 GiB free.
D: is CDROM ()
R: is Removable
==== Disabled Device Manager Items =============
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/Wireless 3945ABG Network Connection
Device ID: PCI\VEN_8086&DEV_4227&SUBSYS_10108086&REV_02\4&20975680&0&00E1
Manufacturer: Intel Corporation
Name: Intel(R) PRO/Wireless 3945ABG Network Connection
PNP Device ID: PCI\VEN_8086&DEV_4227&SUBSYS_10108086&REV_02\4&20975680&0&00E1
Service: NETw3x32
==== System Restore Points ===================
RP196: 10/22/2010 8:50:34 AM - System Checkpoint
RP197: 10/23/2010 5:18:56 PM - System Checkpoint
RP198: 10/26/2010 10:55:08 AM - System Checkpoint
RP199: 10/29/2010 8:37:06 PM - System Checkpoint
RP200: 10/31/2010 12:03:00 PM - System Checkpoint
RP201: 11/2/2010 11:47:44 AM - System Checkpoint
RP202: 11/4/2010 10:44:52 AM - System Checkpoint
RP203: 11/8/2010 8:59:55 AM - System Checkpoint
RP204: 11/9/2010 9:52:17 AM - System Checkpoint
RP205: 11/10/2010 10:44:39 AM - System Checkpoint
RP206: 11/11/2010 7:37:41 AM - Software Distribution Service 3.0
RP207: 11/12/2010 6:10:10 AM - Software Distribution Service 3.0
RP208: 11/15/2010 7:12:34 AM - System Checkpoint
RP209: 11/16/2010 2:40:00 PM - System Checkpoint
RP210: 11/17/2010 8:35:47 PM - System Checkpoint
RP211: 11/19/2010 5:14:51 PM - System Checkpoint
RP212: 11/20/2010 5:45:56 PM - System Checkpoint
RP213: 11/22/2010 8:11:48 AM - System Checkpoint
RP214: 11/23/2010 8:47:36 AM - System Checkpoint
RP215: 11/24/2010 11:22:37 AM - System Checkpoint
RP216: 11/25/2010 11:32:34 AM - System Checkpoint
RP217: 11/26/2010 12:27:03 PM - System Checkpoint
RP218: 11/27/2010 5:03:57 PM - System Checkpoint
RP219: 12/1/2010 12:27:56 PM - System Checkpoint
RP220: 12/3/2010 9:27:26 AM - System Checkpoint
RP221: 12/6/2010 8:54:48 AM - System Checkpoint
RP222: 12/8/2010 8:46:10 AM - System Checkpoint
RP223: 12/9/2010 10:51:09 AM - System Checkpoint
RP224: 12/10/2010 5:05:30 PM - System Checkpoint
RP225: 12/11/2010 10:06:21 PM - System Checkpoint
RP226: 12/13/2010 7:26:49 AM - System Checkpoint
RP227: 12/14/2010 10:51:35 AM - System Checkpoint
RP228: 12/15/2010 11:11:41 AM - System Checkpoint
RP229: 12/16/2010 9:50:12 AM - Software Distribution Service 3.0
RP230: 12/17/2010 6:53:29 PM - System Checkpoint
RP231: 12/18/2010 8:17:38 PM - System Checkpoint
RP232: 12/20/2010 1:17:08 PM - System Checkpoint
RP233: 12/21/2010 2:51:52 PM - System Checkpoint
RP234: 12/23/2010 3:53:26 PM - System Checkpoint
RP235: 12/24/2010 6:26:55 PM - System Checkpoint
RP236: 12/25/2010 7:44:09 PM - System Checkpoint
RP237: 12/27/2010 1:11:37 PM - System Checkpoint
RP238: 12/30/2010 1:29:09 PM - System Checkpoint
RP239: 12/31/2010 10:51:56 PM - System Checkpoint
RP240: 1/1/2011 3:00:17 AM - Software Distribution Service 3.0
RP241: 1/2/2011 3:51:53 AM - System Checkpoint
==== Installed Programs ======================
Access Help
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Attorney's Assistant (remove only)
BlackBerry Desktop Software 4.2.1
BlackBerry v4.1.0 for the 8700 Series Wireless Handheld
Bonjour
Diskeeper Lite
EPSON Printer Software
eVal3
Facebook Plug-In
FileZilla Client 3.3.1
Garmin MapSource
Garmin Training Center
Garmin USB Drivers
Google Desktop
Help Center
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Home'Bank Off-line services 4.55
Hotfix 2050 for SQL Server 2000 ENU (KB948110)
Hotfix 2055 for SQL Server 2000 ENU (KB960082)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IBM 32-bit Runtime Environment for Java 2, v1.4.2
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet/Wireless Software
InterVideo WinDVD
iTunes
Java(TM) 6 Update 17
LiveReg (Symantec Corporation)
Logitech QuickCam
Logitech QuickCam Driver Package
Magic Berry
Malwarebytes' Anti-Malware
McAfee Anti-Spyware Enterprise Module
McAfee VirusScan Enterprise
mCore
mDriver
Message Center
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
mMHouse
Mozilla Firefox (3.0.19)
mPfMgr
mProSafe
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
mXML
Outlook Download
PC-Doctor 5 for Windows
Pdf995
Productivity Center Supplement for ThinkPad
QuickTime
RealPlayer
RecordNow Audio
RecordNow Copy
RecordNow Data
Remove Multimedia Center
Rescue and Recovery - Client Security Solution
Rosetta Stone Version 3
Safari
Seagate Manager Installer
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Skype 3.1
Skype Plugin Manager
Software Installer
Sonic DLA
Sonic Express Labeler
Sonic Update Manager
SopCore 1.1.2
SoundMAX
Stickies 7.0a
SUPERAntiSpyware Free Edition
System Migration Assistant
ThinkPad Bluetooth with Enhanced Data Rate Software
ThinkPad Configuration
ThinkPad EasyEject Utility
ThinkPad FullScreen Magnifier
ThinkPad Hotkey Features Setup
ThinkPad Keyboard Customizer Utility
ThinkPad Modem
ThinkPad PC Card Power Policy
ThinkPad Power Management Driver
ThinkPad Power Manager
ThinkPad Presentation Director
ThinkPad UltraNav Driver
ThinkPad UltraNav Wizard
ThinkVantage Active Protection System
ThinkVantage Away Manager
ThinkVantage Fingerprint Software 5.4
ThinkVantage Productivity Center
ThinkVantage System Update
ThinkVantage Technologies Welcome Message
TrackPoint Accessibility Features
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Veoh Web Player
Visual C++ 8.0 ATL (x86) WinSXS MSM
Visual C++ 8.0 CRT (x86) WinSXS MSM
Wallpapers
WebFldrs XP
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Connect
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
WinRAR archiver
Xobni Core
XP Themes
==== Event Viewer Messages From Past Week ========
12/30/2010 9:41:13 AM, error: System Error [1003] - Error code 1000007f, parameter1 0000000d, parameter2 00000000, parameter3 00000000, parameter4 00000000.
12/30/2010 7:57:19 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/30/2010 7:57:07 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
12/30/2010 2:00:50 PM, error: PlugPlayManager [12] - The device 'Intel(R) PRO/1000 PL Network Connection' (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0) disappeared from the system without first being prepared for removal.
12/30/2010 1:34:19 PM, error: Service Control Manager [7003] - The IPS Core Service service depends on the following nonexistent service: PROCDD
12/29/2010 11:51:11 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
12/28/2010 12:06:51 PM, error: System Error [1003] - Error code 1000000a, parameter1 00000001, parameter2 00000002, parameter3 00000001, parameter4 806e6a2a.
12/28/2010 10:53:38 AM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
1/1/2011 9:00:35 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
1/1/2011 9:00:35 PM, error: Service Control Manager [7031] - The Bluetooth Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/1/2011 9:00:34 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/1/2011 9:00:32 PM, error: Service Control Manager [7034] - The Intel(R) PROSet/Wireless Service service terminated unexpectedly. It has done this 1 time(s).
1/1/2011 9:00:27 PM, error: Service Control Manager [7034] - The ThinkPad PM Service service terminated unexpectedly. It has done this 1 time(s).
1/1/2011 9:00:27 PM, error: Service Control Manager [7034] - The Intel(R) PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s).
1/1/2011 11:00:29 PM, error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
==== End Of File ===========================
-
DDS
DDS (Ver_10-12-12.02) - NTFSx86
Run by Sarang at 6:50:03.34 on Sun 01/02/2011
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.573 [GMT 1:00]
============== Running Processes ===============
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe
C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\stickies\stickies.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\IBM ThinkVantage\Client Security Solution\pwmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Sarang\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.cric7.com/ipl/indexiplhai.php
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*Yahoo! SearchBar Home Page
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*Yahoo! UK
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
uRun: [hfecNhz2aLq] c:\docume~1\alluse~1\applic~1\hfecNhz2aLq.exe
uRun: [PVvhUP3vfz] c:\docume~1\alluse~1\applic~1\PVvhUP3vfz.exe
uRun: [85tK1L9RCC] c:\docume~1\alluse~1\applic~1\85tK1L9RCC.exe
uRun: [P5ZRExRrkF] c:\docume~1\alluse~1\applic~1\P5ZRExRrkF.exe
uRunOnce: [FFTI] c:\documents and settings\sarang\application data\mozilla\firefox\profiles\g1r04h0s.default\extensions\{b13721c7-f507-4982-b2e5-502a71474fed}\ffti.exe /verysilent /suppressmsgboxes /norestart /destpath="c:\documents and settings\sarang\application data\mozilla\firefox\profiles/g1r04h0s.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper
mRun: [TpShocks] TpShocks.exe
mRun: [TP4EX] tp4ex.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
mRun: [TPHOTKEY] c:\progra~1\lenovo\pkgmgr\hotkey\TPHKMGR.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [suScheduler] c:\program files\thinkvantage\systemupdate\UCLauncher.exe /SCHEDULER
mRun: [LPManager] c:\progra~1\thinkv~2\prdctr\LPMGR.exe
mRun: [AMSG] c:\program files\thinkvantage\amsg\Amsg.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [cssauth] "c:\program files\ibm thinkvantage\client security solution\cssauth.exe" silent
mRun: [PDService.exe] "c:\program files\ibm thinkvantage\safeguard privatedisk\pdservice.exe"
mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe"
mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
mRun: [BLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BatLogEx.DLL,StartBattLog
mRun: [ShStatEXE] "c:\program files\network associates\virusscan\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UpdaterUI.exe" /StartedFromRunKey
mRun: [Network Associates Error Reporting Service] "c:\program files\common files\network associates\talkback\tbmon.exe"
mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\stickies.lnk - c:\program files\stickies\stickies.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\thinkpad\bluetooth software\btsendto_ie_ctx.htm
IE: {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - c:\program files\lenovo\pkgmgr\\PkgMgr.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} - hxxp://0-site.ebrary.com.lib.bus.umich.edu/lib/kresge/support/plugins/ebraryRdr.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - hxxp://download.sopcast.com/download/SOPCORE.CAB
DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} - hxxp://www.ooxtv.com/livetv.ocx
DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.tvucricket.com/player/vjocx-en-black.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: psfus - psqlpwd.dll
Notify: tpfnf2 - notifyf2.dll
Notify: tphotkey - tphklock.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Notification Packages = scecli psqlpwd
mASetup: {5491B524-C5BF-4435-669F-B1A05CD3CB91} - "c:\program files\microsoft office communicator\PerUser.exe" /S
mASetup: {6449166C-2951-4105-B1A9-481F56B5DAFA} - c:\windows\umbs\ipprin~1.0\PerUser.exe /S
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\sarang\applic~1\mozilla\firefox\profiles\g1r04h0s.default\
FF - prefs.js: browser.startup.homepage - hxxp://online.wsj.com/home/us
FF - plugin: c:\documents and settings\sarang\application data\facebook\npfbplugin_1_0_3.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
============= SERVICES / DRIVERS ===============
P2 McShield;Network Associates McShield;c:\program files\network associates\virusscan\mcshield.exe [2004-9-23 221191]
R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [2006-8-5 58464]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-12-16 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-12-16 74480]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2008-7-17 161064]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2006-8-5 102463]
R2 McTaskManager;Network Associates Task Manager;c:\program files\network associates\virusscan\vstskmgr.exe [2004-9-23 28672]
R2 PrivateDisk;PrivateDisk;c:\program files\ibm thinkvantage\safeguard privatedisk\privatediskm.sys [2005-11-15 46142]
R2 smi2;smi2;c:\program files\smi2\smi2.sys [2005-12-22 3968]
R2 smihlp;SMI helper driver;c:\program files\thinkvantage fingerprint software\smihlp.sys [2005-12-8 3328]
R3 NaiAvFilter1;NaiAvFilter1;c:\windows\system32\drivers\naiavf5x.sys [2006-8-5 108480]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-12-16 7408]
=============== Created Last 30 ================
2010-12-30 11:52:41 429056 ----a-w- c:\docume~1\alluse~1\applic~1\ekKfXTnYoWPAhH.dll
==================== Find3M ====================
2011-01-01 23:00:00 5427 ----a-w- c:\windows\system32\EGATHDRV.SYS
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:34:12 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:34:11 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:34:11 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:34:11 17408 ------w- c:\windows\system32\corpol.dll
2010-11-03 12:25:53 389120 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-16 15:36:55 59 ----a-w- c:\windows\wpd99.drv
============= FINISH: 6:51:15.85 ===============
-
Broni---
I cannot upload the GMER log for some reason... I get this message when I try to copy the log file into the forum as a reply to my message:
Fatal error: Max execution time of 30 secs exceeded in ?home/7068/daldafor/www.d-a-l.com/public_htm/help/includes/functions.php on line 1926
How do you want me to proceed uploading this GMER log? Please advise.
I also see that there is a separate forum someone started, "Easy Scan virus". I have it also, as I said in my original post. Even after running all the programs you asked me to run, the shortcut for Easy Scan still appears on my desktop.
Last edited by sam.likh; 02-01-2011 at 07:03 AM.
Reason: Could not upload GMER log file completely
-
Regarding GMER....
Upload the file(s) here: Free File Hosting - Online Storage; Upload Mp3, Videos, Music. Backup Files
Post download link (copy URL: link):
-