Posts posted by Dieseldave

  1. Malwarebytes Anti-Malware 1.65.0.1400

    www.malwarebytes.org

    Database version: v2012.09.16.07

    Windows XP Service Pack 3 x86 NTFS

    Internet Explorer 8.0.6001.18702

    owner :: SKULL [administrator]

    9/16/2012 4:19:12 PM

    mbam-log-2012-09-16 (16-19-12).txt

    Scan type: Full scan (C:\|)

    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: P2P

    Objects scanned: 398828

    Time elapsed: 1 hour(s), 19 minute(s), 50 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 0

    (No malicious items detected)

    Registry Keys Detected: 0

    (No malicious items detected)

    Registry Values Detected: 0

    (No malicious items detected)

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 2

    C:\System Volume Information\_restore{65C06EA8-4E62-4E8A-8B9A-A8BE0C4B1B74}\RP441\A0238236.EXE (PUP.Tool) -> Quarantined and deleted successfully.

    C:\Documents and Settings\owner\Application Data\Sun\Java\Deployment\cache\6.0\35\3952a8a3-12c03353 (Trojan.Reza) -> Quarantined and deleted successfully.

    (end)

  2. Object reference not set to an instance of an object.

    Object reference not set to an instance of an object.

    User initialised redundant data purge.

    ......................

    Removed registry subkey tree: JavaPlugin.160_31

    Removed registry subkey: {08B0E5C0-4FCB-11CF-AAA5-00401C608500}

    Removed registry subkey: 0357E4991DA5FF14F9615B3412062B06

    Removed registry subkey: 0357E4991DA5FF14F9615B3612062B06

    Removal routine completed successfully. 4 items have been deleted.

    Object reference not set to an instance of an object.

    Object reference not set to an instance of an object.

    User initialised redundant data purge.

    ......................

    Removal routine completed successfully. 4 items have been deleted.

    JavaRa 2.0 loaded without incident. Checking system...

    User initialised redundant data purge.

    ......................

    Removal routine completed successfully. 0 items have been deleted.

    JavaRa 2.0 loaded without incident. Checking system...

    User initialised redundant data purge.

    ......................

    Cleanup routine completed successfully. 0 items have been deleted.

  3. aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

    Run date: 2012-09-16 13:34:31

    -----------------------------

    13:34:31.234 OS Version: Windows 5.1.2600 Service Pack 3

    13:34:31.234 Number of processors: 4 586 0xF07

    13:34:31.234 ComputerName: SKULL UserName: owner

    13:34:33.937 Initialize success

    13:43:37.718 AVAST engine defs: 12091400

    13:44:03.546 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts3Port4Path1Target1Lun0

    13:44:03.546 Disk 0 Vendor: WDC_WD50 05.0 Size: 476940MB BusType: 3

    13:44:03.593 Disk 0 MBR read successfully

    13:44:03.593 Disk 0 MBR scan

    13:44:03.656 Disk 0 Windows XP default MBR code

    13:44:03.656 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476937 MB offset 63

    13:44:03.656 Disk 0 scanning sectors +976768065

    13:44:03.734 Disk 0 scanning C:\WINDOWS\system32\drivers

    13:44:12.078 Service scanning

    13:44:22.859 Modules scanning

    13:44:26.453 Disk 0 trace - called modules:

    13:44:26.468 ntkrnlpa.exe CLASSPNP.SYS disk.sys tsk11F.tmp hal.dll SCSIPORT.SYS nvgts.sys

    13:44:26.484 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a524ab8]

    13:44:26.812 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\0000006a[0x8a56d920]

    13:44:26.812 5 tsk11F.tmp[b7f51620] -> nt!IofCallDriver -> \Device\Scsi\nvgts3Port4Path1Target1Lun0[0x8a56da38]

    13:44:28.062 AVAST engine scan C:\WINDOWS

    13:44:39.593 AVAST engine scan C:\WINDOWS\system32

    13:47:30.109 AVAST engine scan C:\WINDOWS\system32\drivers

    13:47:52.500 AVAST engine scan C:\Documents and Settings\owner

    13:48:11.640 File: C:\Documents and Settings\owner\Application Data\crdrf.dll **INFECTED** Win32:Medfos [Trj]

    13:48:38.484 File: C:\Documents and Settings\owner\Application Data\Sun\Java\Deployment\cache\6.0\35\3952a8a3-12c03353 **INFECTED** Win32:Karagany-KH [Trj]

    13:49:34.796 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\owner\Desktop\recent stuff\MBR.dat"

    13:49:34.796 The log file has been saved successfully to "C:\Documents and Settings\owner\Desktop\recent stuff\aswMBR.txt"

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2011-08-26.01)

    .

    Microsoft Windows XP Professional

    Boot Device: \Device\HarddiskVolume1

    Install Date: 12/19/2010 9:19:50 AM

    System Uptime: 9/16/2012 8:32:57 AM (6 hours ago)

    .

    Motherboard: EVGA | | 122-CK-NF68

    Processor: Intel® Core2 Quad CPU @ 2.40GHz | Socket 775 | 2399/266mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 466 GiB total, 367.419 GiB free.

    E: is Removable

    F: is Removable

    G: is Removable

    H: is CDROM ()

    I: is CDROM ()

    J: is Removable

    .

    ==== Disabled Device Manager Items =============

    .

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

    Description: Gigabyte GN-WP01GS PCI WLAN Card(Turbo)

    Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_E9341458&REV_00\4&1A82106&0&5078

    Manufacturer: Gigabyte Technology Corp.

    Name: Gigabyte GN-WP01GS PCI WLAN Card(Turbo)

    PNP Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_E9341458&REV_00\4&1A82106&0&5078

    Service: RT61

    .

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

    Description: NVIDIA nForce Networking Controller

    Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&575C2CF&0&00

    Manufacturer: NVIDIA

    Name: NVIDIA nForce 10/100/1000 Mbps Ethernet

    PNP Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&575C2CF&0&00

    Service: NVENETFD

    .

    ==== System Restore Points ===================

    .

    RP405: 6/23/2012 12:00:08 PM - System Checkpoint

    RP406: 6/24/2012 1:14:35 PM - System Checkpoint

    RP407: 6/26/2012 6:52:41 PM - System Checkpoint

    RP408: 6/27/2012 7:23:29 PM - System Checkpoint

    RP409: 6/29/2012 7:33:12 PM - System Checkpoint

    RP410: 7/1/2012 7:52:13 AM - System Checkpoint

    RP411: 7/4/2012 2:44:56 PM - System Checkpoint

    RP412: 7/6/2012 6:37:27 PM - System Checkpoint

    RP413: 7/7/2012 6:43:55 PM - System Checkpoint

    RP414: 7/8/2012 7:49:11 PM - System Checkpoint

    RP415: 7/10/2012 7:18:03 PM - System Checkpoint

    RP416: 7/11/2012 7:38:10 PM - System Checkpoint

    RP417: 7/12/2012 8:41:13 PM - System Checkpoint

    RP418: 7/13/2012 10:02:37 PM - System Checkpoint

    RP419: 7/14/2012 10:55:10 PM - System Checkpoint

    RP420: 7/17/2012 8:23:06 PM - System Checkpoint

    RP421: 7/18/2012 8:44:56 PM - System Checkpoint

    RP422: 7/19/2012 8:49:51 PM - System Checkpoint

    RP423: 7/20/2012 9:00:46 PM - System Checkpoint

    RP424: 7/21/2012 9:45:18 PM - System Checkpoint

    RP425: 7/25/2012 6:23:51 PM - System Checkpoint

    RP426: 7/26/2012 7:54:47 PM - System Checkpoint

    RP427: 7/28/2012 6:03:33 PM - System Checkpoint

    RP428: 7/29/2012 6:30:18 PM - System Checkpoint

    RP429: 7/30/2012 7:08:29 PM - System Checkpoint

    RP430: 7/31/2012 7:21:41 PM - System Checkpoint

    RP431: 8/1/2012 7:35:50 PM - System Checkpoint

    RP432: 8/2/2012 8:31:13 PM - System Checkpoint

    RP433: 8/3/2012 9:03:40 PM - System Checkpoint

    RP434: 8/4/2012 9:43:04 PM - System Checkpoint

    RP435: 8/8/2012 8:35:13 PM - System Checkpoint

    RP436: 8/10/2012 11:13:26 PM - System Checkpoint

    RP437: 8/12/2012 7:54:43 AM - System Checkpoint

    RP438: 8/14/2012 7:39:34 PM - System Checkpoint

    RP439: 8/16/2012 7:10:59 PM - System Checkpoint

    RP440: 8/18/2012 3:21:58 PM - Installed AVG 2012

    RP441: 8/18/2012 3:22:15 PM - Installed AVG 2012

    RP442: 8/18/2012 8:15:15 PM - Installed Far Cry Demo 2

    RP443: 8/19/2012 8:23:04 PM - System Checkpoint

    RP444: 8/23/2012 7:01:19 PM - System Checkpoint

    RP445: 8/24/2012 7:48:51 PM - System Checkpoint

    RP446: 8/25/2012 7:57:44 PM - System Checkpoint

    RP447: 8/28/2012 5:24:48 PM - System Checkpoint

    RP448: 9/2/2012 12:29:16 PM - System Checkpoint

    RP449: 9/3/2012 1:34:10 PM - System Checkpoint

    RP450: 9/4/2012 7:40:25 PM - System Checkpoint

    RP451: 9/7/2012 6:52:34 PM - System Checkpoint

    RP452: 9/9/2012 8:05:22 AM - System Checkpoint

    RP453: 9/11/2012 7:58:06 PM - System Checkpoint

    RP454: 9/14/2012 7:25:34 PM - System Checkpoint

    RP455: 9/15/2012 1:30:27 PM - Removed AVG 2012

    RP456: 9/15/2012 1:31:35 PM - Removed AVG 2012

    RP457: 9/16/2012 7:33:23 AM - Removed ABBYY FineReader 6.0 Sprint

    RP458: 9/16/2012 7:56:28 AM - Installed Windows Defender

    RP459: 9/16/2012 7:59:18 AM - Software Distribution Service 3.0

    .

    ==== Installed Programs ======================

    .

    18 Wheels of Steel Haulin

    32 Bit HP CIO Components Installer

    Adobe AIR

    Adobe Flash Player 11 ActiveX

    Adobe Reader X (10.1.3)

    Adobe Shockwave Player 11.5

    Adobe SVG Viewer 3.0

    Army Men

    Cross Fire En

    Dell Driver Download Manager

    Far Cry Demo 2

    Ford Racing 3

    FriendFinder Messenger v4.1

    Get Tiffany

    Gigabyte GN-WP01GS

    Grand Theft Auto IV

    Grand Theft Auto Vice City

    Grand Theft Auto: Episodes From Liberty City

    GTA San Andreas

    GTAIII

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    Hotfix for Windows Media Format 11 SDK (KB929399)

    Hotfix for Windows Media Player 10 (KB903157)

    Hotfix for Windows Media Player 11 (KB939683)

    Hotfix for Windows XP (KB2443685)

    Hotfix for Windows XP (KB2633952)

    Hotfix for Windows XP (KB915800-v4)

    Hotfix for Windows XP (KB952287)

    Hotfix for Windows XP (KB954550-v5)

    Hotfix for Windows XP (KB961118)

    Hotfix for Windows XP (KB981793)

    HP Photo Creations

    HP Update

    IC4 Interface Device by SU Enterprise, Inc.

    IDS

    Image Plugin

    Java Auto Updater

    Java 6 Update 31

    Lexmark Printable Web

    Lexmark S300-S400 Series

    Malwarebytes Anti-Malware version 1.62.0.1300

    Microsoft .NET Framework 1.0 Hotfix (KB2572066)

    Microsoft .NET Framework 1.1

    Microsoft .NET Framework 1.1 Security Update (KB2656353)

    Microsoft .NET Framework 1.1 Security Update (KB979906)

    Microsoft .NET Framework 2.0 Service Pack 2

    Microsoft .NET Framework 3.0 Service Pack 2

    Microsoft .NET Framework 3.5 SP1

    Microsoft Base Smart Card Cryptographic Service Provider Package

    Microsoft Choice Guard

    Microsoft Compression Client Pack 1.0 for Windows XP

    Microsoft Games for Windows - LIVE

    Microsoft Games for Windows - LIVE Redistributable

    Microsoft Internationalized Domain Names Mitigation APIs

    Microsoft National Language Support Downlevel APIs

    Microsoft Office 97, Professional Edition

    Microsoft Silverlight

    Microsoft User-Mode Driver Framework Feature Pack 1.0

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    MSXML 4.0 SP2 Parser and SDK

    MSXML 6 Service Pack 2 (KB973686)

    NVIDIA Display Control Panel

    NVIDIA Drivers

    NVIDIA ForceWare Network Access Manager

    NVIDIA nView Desktop Manager

    NVIDIA PhysX

    Puma

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

    Security Update for Microsoft Windows (KB2564958)

    Security Update for Windows Internet Explorer 7 (KB2482017)

    Security Update for Windows Internet Explorer 7 (KB2544521)

    Security Update for Windows Internet Explorer 7 (KB2647516)

    Security Update for Windows Internet Explorer 7 (KB938127-v2)

    Security Update for Windows Internet Explorer 7 (KB982381)

    Security Update for Windows Internet Explorer 8 (KB2618444)

    Security Update for Windows Internet Explorer 8 (KB2647516)

    Security Update for Windows Internet Explorer 8 (KB2675157)

    Security Update for Windows Internet Explorer 8 (KB982381)

    Security Update for Windows Media Player (KB2378111)

    Security Update for Windows Media Player (KB952069)

    Security Update for Windows Media Player (KB954155)

    Security Update for Windows Media Player (KB973540)

    Security Update for Windows Media Player (KB975558)

    Security Update for Windows Media Player (KB978695)

    Security Update for Windows Media Player 11 (KB954154)

    Security Update for Windows Media Player 6.4 (KB925398)

    Security Update for Windows Search 4 - KB963093

    Security Update for Windows XP (KB2079403)

    Security Update for Windows XP (KB2115168)

    Security Update for Windows XP (KB2121546)

    Security Update for Windows XP (KB2229593)

    Security Update for Windows XP (KB2259922)

    Security Update for Windows XP (KB2296011)

    Security Update for Windows XP (KB2347290)

    Security Update for Windows XP (KB2360937)

    Security Update for Windows XP (KB2387149)

    Security Update for Windows XP (KB2393802)

    Security Update for Windows XP (KB2412687)

    Security Update for Windows XP (KB2419632)

    Security Update for Windows XP (KB2423089)

    Security Update for Windows XP (KB2440591)

    Security Update for Windows XP (KB2443105)

    Security Update for Windows XP (KB2476490)

    Security Update for Windows XP (KB2476687)

    Security Update for Windows XP (KB2478960)

    Security Update for Windows XP (KB2478971)

    Security Update for Windows XP (KB2479628)

    Security Update for Windows XP (KB2481109)

    Security Update for Windows XP (KB2483185)

    Security Update for Windows XP (KB2485376)

    Security Update for Windows XP (KB2485663)

    Security Update for Windows XP (KB2506212)

    Security Update for Windows XP (KB2507618)

    Security Update for Windows XP (KB2507938)

    Security Update for Windows XP (KB2508429)

    Security Update for Windows XP (KB2509553)

    Security Update for Windows XP (KB2510581)

    Security Update for Windows XP (KB2535512)

    Security Update for Windows XP (KB2536276-v2)

    Security Update for Windows XP (KB2544893-v2)

    Security Update for Windows XP (KB2566454)

    Security Update for Windows XP (KB2570222)

    Security Update for Windows XP (KB2570947)

    Security Update for Windows XP (KB2584146)

    Security Update for Windows XP (KB2585542)

    Security Update for Windows XP (KB2592799)

    Security Update for Windows XP (KB2598479)

    Security Update for Windows XP (KB2603381)

    Security Update for Windows XP (KB2618451)

    Security Update for Windows XP (KB2620712)

    Security Update for Windows XP (KB2624667)

    Security Update for Windows XP (KB2631813)

    Security Update for Windows XP (KB2633171)

    Security Update for Windows XP (KB2646524)

    Security Update for Windows XP (KB2660465)

    Security Update for Windows XP (KB2661637)

    Security Update for Windows XP (KB923561)

    Security Update for Windows XP (KB941569)

    Security Update for Windows XP (KB946648)

    Security Update for Windows XP (KB950762)

    Security Update for Windows XP (KB950974)

    Security Update for Windows XP (KB951376-v2)

    Security Update for Windows XP (KB951748)

    Security Update for Windows XP (KB952004)

    Security Update for Windows XP (KB952954)

    Security Update for Windows XP (KB955069)

    Security Update for Windows XP (KB956572)

    Security Update for Windows XP (KB956744)

    Security Update for Windows XP (KB956802)

    Security Update for Windows XP (KB956803)

    Security Update for Windows XP (KB956844)

    Security Update for Windows XP (KB958644)

    Security Update for Windows XP (KB958869)

    Security Update for Windows XP (KB959426)

    Security Update for Windows XP (KB960225)

    Security Update for Windows XP (KB960803)

    Security Update for Windows XP (KB960859)

    Security Update for Windows XP (KB961501)

    Security Update for Windows XP (KB969059)

    Security Update for Windows XP (KB970238)

    Security Update for Windows XP (KB970430)

    Security Update for Windows XP (KB971468)

    Security Update for Windows XP (KB971657)

    Security Update for Windows XP (KB971961)

    Security Update for Windows XP (KB972270)

    Security Update for Windows XP (KB973507)

    Security Update for Windows XP (KB973869)

    Security Update for Windows XP (KB973904)

    Security Update for Windows XP (KB974112)

    Security Update for Windows XP (KB974318)

    Security Update for Windows XP (KB974392)

    Security Update for Windows XP (KB974571)

    Security Update for Windows XP (KB975025)

    Security Update for Windows XP (KB975467)

    Security Update for Windows XP (KB975560)

    Security Update for Windows XP (KB975561)

    Security Update for Windows XP (KB975562)

    Security Update for Windows XP (KB975713)

    Security Update for Windows XP (KB977816)

    Security Update for Windows XP (KB977914)

    Security Update for Windows XP (KB978037)

    Security Update for Windows XP (KB978338)

    Security Update for Windows XP (KB978542)

    Security Update for Windows XP (KB978601)

    Security Update for Windows XP (KB978706)

    Security Update for Windows XP (KB979309)

    Security Update for Windows XP (KB979482)

    Security Update for Windows XP (KB979559)

    Security Update for Windows XP (KB979683)

    Security Update for Windows XP (KB979687)

    Security Update for Windows XP (KB980195)

    Security Update for Windows XP (KB980218)

    Security Update for Windows XP (KB980232)

    Security Update for Windows XP (KB980436)

    Security Update for Windows XP (KB981322)

    Security Update for Windows XP (KB981349)

    Security Update for Windows XP (KB981997)

    Security Update for Windows XP (KB982132)

    Security Update for Windows XP (KB982214)

    Security Update for Windows XP (KB982381)

    Security Update for Windows XP (KB982665)

    SpeedFan (remove only)

    Spybot - Search & Destroy

    TeamSpeak 2 RC2

    Teradyne Wireless Card

    The Lord of the Rings Online™ v03.02.03.8013

    TTI Trailers Skins Pack

    TTI Trucks and Trailers Skins Pack

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Update for Windows Internet Explorer 8 (KB2598845)

    Update for Windows Media Player 10 (KB913800)

    Update for Windows Media Player 10 (KB926251)

    Update for Windows XP (KB2141007)

    Update for Windows XP (KB2345886)

    Update for Windows XP (KB2467659)

    Update for Windows XP (KB2641690)

    Update for Windows XP (KB951978)

    Update for Windows XP (KB955759)

    Update for Windows XP (KB967715)

    Update for Windows XP (KB968389)

    Update for Windows XP (KB971029)

    Update for Windows XP (KB971737)

    Update for Windows XP (KB973687)

    Update for Windows XP (KB973815)

    Update Rollup 2 for Windows XP Media Center Edition 2005

    Ventrilo Client

    WebFldrs XP

    Windows Defender

    Windows Genuine Advantage Validation Tool (KB892130)

    Windows Imaging Component

    Windows Internet Explorer 7

    Windows Internet Explorer 8

    Windows Live ID Sign-in Assistant

    Windows Live Upload Tool

    Windows Media Format 11 runtime

    Windows Media Player 11

    Windows Search 4.0

    Windows XP Media Center Edition 2005 KB2502898

    Windows XP Media Center Edition 2005 KB2619340

    Windows XP Media Center Edition 2005 KB2628259

    Windows XP Media Center Edition 2005 KB925766

    Windows XP Media Center Edition 2005 KB973768

    Windows XP Service Pack 3

    Yahoo! Messenger

    .

    ==== Event Viewer Messages From Past Week ========

    .

    9/16/2012 8:35:00 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgtp nvata nvatabus

    9/16/2012 1:47:38 PM, error: nvgts [9] - The device, \Device\Scsi\nvgts3, did not respond within the timeout period.

    9/16/2012 1:47:38 PM, error: nvgts [5] - A parity error was detected on \Device\Scsi\nvgts3.

    9/15/2012 1:31:27 PM, error: Service Control Manager [7000] - The avgtp service failed to start due to the following error: The specified driver is invalid.

    9/11/2012 7:33:47 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

    9/11/2012 6:43:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgtp

    9/11/2012 6:43:45 PM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

    9/11/2012 6:43:45 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the lxeaCATSCustConnectService service to connect.

    9/11/2012 6:43:45 PM, error: Service Control Manager [7000] - The lxeaCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    9/11/2012 6:43:45 PM, error: Service Control Manager [7000] - The 5619 service failed to start due to the following error: The system cannot find the file specified.

    .

    ==== End Of File ===========================

    .

    DDS (Ver_2011-08-26.01) - NTFSx86

    Internet Explorer: 8.0.6001.18702

    Run by owner at 14:01:22 on 2012-09-16

    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1121 [GMT -5:00]

    .

    .

    ============== Running Processes ===============

    .

    C:\WINDOWS\system32\nvsvc32.exe

    C:\WINDOWS\system32\svchost -k DcomLaunch

    svchost.exe

    C:\Program Files\Windows Defender\MsMpEng.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

    svchost.exe

    svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    svchost.exe

    C:\WINDOWS\eHome\ehRecvr.exe

    C:\WINDOWS\eHome\ehSched.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\WINDOWS\system32\lxeacoms.exe

    C:\WINDOWS\System32\svchost.exe -k HPZ12

    C:\WINDOWS\System32\svchost.exe -k HPZ12

    C:\WINDOWS\system32\PnkBstrA.exe

    svchost.exe

    C:\WINDOWS\system32\svchost.exe -k imgsvc

    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\WINDOWS\system32\SearchIndexer.exe

    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

    C:\Program Files\Common Files\Teradyne\TDSNetSetup.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\WINDOWS\system32\dllhost.exe

    C:\WINDOWS\ehome\ehtray.exe

    C:\WINDOWS\system32\RUNDLL32.EXE

    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    C:\WINDOWS\eHome\ehmsas.exe

    C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe

    C:\Program Files\Lexmark S300-S400 Series\ezprint.exe

    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\WINDOWS\system32\rundll32.exe

    C:\Program Files\Windows Defender\MSASCui.exe

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    C:\WINDOWS\System32\svchost.exe -k HTTPFilter

    C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe

    C:\Program Files\Gigabyte\Gigabyte WP01GS Wireless PCI Adapter SoftAP\Installer\WINXP\RaUI.exe

    C:\Program Files\Microsoft Office\Office\FINDFAST.EXE

    C:\Program Files\Microsoft Office\Office\OSA.EXE

    C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe

    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

    C:\Program Files\Common Files\Java\Java Update\jucheck.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.yahoo.com

    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: {1E1B2879-88FF-11D2-8D96-D7ACAC95951F} - No File

    BHO: TM_BHO Class: {60ec89b7-367d-402b-8c55-30faeb32a705} - c:\program files\ford motor company\ids\runtime\TMCtrlBHO.dll

    BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.2.0.5\AVG Secure Search_toolbar.dll

    BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.2.0.5\AVG Secure Search_toolbar.dll

    TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

    TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File

    {e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

    {555d4d79-4bd2-4094-a395-cfc534424a05}

    uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet

    uRun: [iSUSPM] "c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe" -scheduler

    mRun: [ehTray] c:\windows\ehome\ehtray.exe

    mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet

    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

    mRun: [<NO NAME>]

    mRun: [TDSReanimator] "c:\program files\common files\teradyne\TDSReanimator.exe"

    mRun: [lxeamon.exe] "c:\program files\lexmark s300-s400 series\lxeamon.exe"

    mRun: [EzPrint] "c:\program files\lexmark s300-s400 series\ezprint.exe"

    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

    mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

    mRun: [crdrf] "c:\windows\system32\rundll32.exe" "c:\documents and settings\owner\application data\crdrf.dll",ToContiguous

    mRun: [ROC_roc_ssl_v12] "c:\program files\avg secure search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

    mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide

    StartupFolder: c:\docume~1\owner\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\FINDFAST.EXE

    StartupFolder: c:\docume~1\owner\startm~1\programs\startup\office~1.lnk - c:\program files\microsoft office\office\OSA.EXE

    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\device~1.lnk - c:\program files\ford motor company\ids\runtime\DeviceManager.exe

    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\gn-wp0~1.lnk - c:\program files\gigabyte\gigabyte wp01gs wireless pci adapter softap\installer\winxp\RaUI.exe

    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

    LSP: %SYSTEMROOT%\system32\nvLsp.dll

    Trusted Zone: yahoo.com\www

    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1345319533534

    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1292781541281

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

    DPF: {997C5A94-77F6-427D-A388-AC2B6ECF0F7C} - hxxp://webdeploy.teradyne-ds.com/webdeploy/Wireless_11.2.0/setup.ocx

    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    TCP: DhcpNameServer = 192.168.1.1

    TCP: Interfaces\{4FF69FB5-376C-460A-AD7F-B6C3AED6C54C} : DhcpNameServer = 192.168.1.1

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe -service --> c:\windows\system32\lxeacoms.exe -service [?]

    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

    R2 TDSNetSetup;TDSNetSetup;c:\program files\common files\teradyne\TDSNetSetup.exe [2011-3-22 17920]

    R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files\common files\avg secure search\vtoolbarupdater\12.2.6\ToolbarUpdater.exe [2012-9-3 722528]

    R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-9-16 40776]

    R3 skfilt;skfilt;c:\windows\system32\drivers\skfilt.sys [2008-2-12 1670016]

    S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-18 27496]

    S2 5619;5619;\??\c:\docume~1\owner\locals~1\temp\5619.sys --> c:\docume~1\owner\locals~1\temp\5619.sys [?]

    S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe [2011-5-16 193192]

    S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2012-9-16 35144]

    S3 USB-100;Realtek RTL8150 USB 10/100 Fast Ethernet Adapter;c:\windows\system32\drivers\RTL8150.SYS [2006-5-10 22016]

    S3 XDva397;XDva397;\??\c:\windows\system32\xdva397.sys --> c:\windows\system32\XDva397.sys [?]

    S3 XDva398;XDva398;\??\c:\windows\system32\xdva398.sys --> c:\windows\system32\XDva398.sys [?]

    S3 XDva399;XDva399;\??\c:\windows\system32\xdva399.sys --> c:\windows\system32\XDva399.sys [?]

    .

    =============== Created Last 30 ================

    .

    2012-09-16 17:50:08 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

    2012-09-16 14:28:09 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{9b1a7bd7-edc5-4a98-9701-d87aa1e07b5b}\offreg.dll

    2012-09-16 13:31:28 -------- d-----w- C:\TDSSKiller_Quarantine

    2012-09-16 13:12:44 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

    2012-09-16 12:59:24 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\backup\mpengine.dll

    2012-09-16 12:59:21 7022536 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{9b1a7bd7-edc5-4a98-9701-d87aa1e07b5b}\mpengine.dll

    2012-09-16 12:59:20 237072 ------w- c:\windows\system32\MpSigStub.exe

    2012-09-16 12:33:30 -------- d-----w- c:\windows\system32\appmgmt

    2012-09-15 18:31:36 -------- d-----w- c:\documents and settings\owner\application data\{46577E3C-95B4-4f4f-B4A7-0C29D12FB15D}

    2012-08-18 22:52:25 -------- d-sh--w- c:\documents and settings\owner\IECompatCache

    2012-08-18 20:25:10 -------- d-----w- c:\documents and settings\owner\application data\AVG2012

    2012-08-18 20:24:46 -------- d-----w- c:\documents and settings\all users\application data\AVG Secure Search

    2012-08-18 20:24:39 -------- d-----w- c:\documents and settings\owner\application data\AVG Secure Search

    2012-08-18 20:24:38 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

    2012-08-18 20:24:37 -------- d-----w- c:\program files\common files\AVG Secure Search

    2012-08-18 20:24:37 -------- d-----w- c:\program files\AVG Secure Search

    2012-08-18 20:21:58 -------- d-----w- c:\program files\AVG

    2012-08-18 20:12:33 -------- d--h--w- c:\documents and settings\all users\application data\Common Files

    2012-08-18 20:12:33 -------- d-----w- c:\documents and settings\all users\application data\MFAData

    2012-08-18 20:04:29 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

    2012-08-18 18:33:45 -------- d-----w- c:\program files\Yontoo

    2012-08-18 18:33:43 -------- d-----w- c:\documents and settings\all users\application data\Tarma Installer

    .

    ==================== Find3M ====================

    .

    2012-09-16 13:33:00 187776 ----a-w- c:\windows\system32\drivers\acpi.sys

    2012-09-07 22:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-08-21 23:42:24 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2012-08-21 23:42:23 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-08-07 23:23:49 371712 ----a-w- c:\documents and settings\owner\application data\crdrf.dll

    2012-07-27 23:56:16 98304 ----a-w- c:\windows\system32\CmdLineExt.dll

    2012-06-28 02:17:05 139136 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

    2012-06-28 02:16:56 233920 ----a-w- c:\windows\system32\PnkBstrB.xtr

    2012-06-28 02:16:56 233920 ----a-w- c:\windows\system32\PnkBstrB.exe

    .

    ============= FINISH: 14:02:17.12 ===============

    Malwarebytes Anti-Malware 1.65.0.1400

    www.malwarebytes.org

    Database version: v2012.09.16.07

    Windows XP Service Pack 3 x86 NTFS

    Internet Explorer 8.0.6001.18702

    owner :: SKULL [administrator]

    9/16/2012 12:51:54 PM

    mbam-log-2012-09-16 (13-31-00).txt

    Scan type: Quick scan

    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: P2P

    Objects scanned: 274715

    Time elapsed: 34 minute(s), 3 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 0

    (No malicious items detected)

    Registry Keys Detected: 1

    HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> No action taken.

    Registry Values Detected: 1

    HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 4290b82d4017c5d31ef2aabc7ded302c -> No action taken.

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 3

    C:\Documents and Settings\owner\Local Settings\Temp\install_0_msi.exe (Backdoor.Agent.RC2Gen) -> No action taken.

    C:\Documents and Settings\owner\Local Settings\Temp\install_1_msi.exe (Trojan.Sirefef) -> No action taken.

    C:\WINDOWS\Installer\{d74cfbfb-0c05-d728-f3fd-0a24268dca5f}\U\80000000.@ (Trojan.Small) -> No action taken.

    (end)
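As an added example, not part of Dieseldave's post and not code from the DDS or Malwarebytes tools: a small Python script that parses the `SERVICES / DRIVERS` section of a DDS log like the one above and ranks the entries an analyst would look at first. The sample lines are copied from the posted log; the heuristics (image path under a temp directory, image under a user profile, all-digit service name, and the `[?]` marker DDS prints in place of the file's date and size when it cannot read them) are my own assumptions about what deserves a second look, not detection signatures.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample input: service/driver lines copied from the DDS
# "SERVICES / DRIVERS" section in the post above.
SAMPLE_LOG = r"""
R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe -service --> c:\windows\system32\lxeacoms.exe -service [?]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-9-16 40776]
S2 5619;5619;\??\c:\docume~1\owner\locals~1\temp\5619.sys --> c:\docume~1\owner\locals~1\temp\5619.sys [?]
S3 XDva397;XDva397;\??\c:\windows\system32\xdva397.sys --> c:\windows\system32\XDva397.sys [?]
"""

# DDS line layout: "<R|S><start type> <name>;<display name>;<image path> [<date> <size>]"
# R = running, S = stopped; the bracketed field is "[?]" when DDS could not
# read the image file's date and size.
LINE_RE = re.compile(r"^([RS])(\d)\s+([^;]+);([^;]*);(.*)$")
INFO_RE = re.compile(r"\s\[([^\]]*)\]$")


@dataclass
class Service:
    state: str           # "R" or "S"
    start_type: str      # start type digit as printed by DDS
    name: str
    display_name: str
    image: str           # resolved image path (right-hand side of "-->" if present)
    has_file_info: bool  # False when DDS printed "[?]"


def parse_dds_service(line: str) -> Optional[Service]:
    """Parse one DDS service/driver line; return None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    state, start_type, name, display, rest = m.groups()
    rest = rest.strip()
    # DDS prints "<registry ImagePath> --> <resolved path>" when it had to
    # rewrite the path (e.g. a \??\ prefix); the resolved form is inspected.
    if " --> " in rest:
        rest = rest.split(" --> ", 1)[1]
    info = INFO_RE.search(rest)
    has_file_info = True
    image = rest
    if info:
        has_file_info = info.group(1).strip() != "?"
        image = rest[: info.start()]
    return Service(state, start_type, name, display, image.strip(), has_file_info)


def triage_service(svc: Service) -> List[str]:
    """Return the assumed heuristic reasons a service deserves a closer look."""
    reasons = []
    p = svc.image.lower()
    if "\\temp\\" in p:
        reasons.append("temp-path")          # services should not load from a temp dir
    if re.search(r"\\(docume~1|documents and settings|users)\\", p):
        reasons.append("user-profile-path")  # system service image under a user profile
    if svc.name.isdigit():
        reasons.append("numeric-name")       # auto-generated-looking service name
    if not svc.has_file_info:
        reasons.append("no-file-info")       # DDS could not stat the file: missing or hidden
    return reasons


def triage(text: str) -> List[Tuple[str, List[str]]]:
    """Flag services in a DDS log, the ones with the most reasons first."""
    hits = []
    for line in text.splitlines():
        svc = parse_dds_service(line)
        if svc is None:
            continue
        reasons = triage_service(svc)
        if reasons:
            hits.append((svc.name, reasons))
    hits.sort(key=lambda h: (-len(h[1]), h[0]))
    return hits


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_LOG):
        print(f"{name:16} {', '.join(reasons)}")
```

Ranking by the number of reasons matters: `[?]` on its own is weak evidence (the Lexmark printer service in the same log shows it too), while a stopped driver with an all-digit name loading from the user's temp directory is the entry a responder checks first.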
