Posts posted by Tang1
Have you completed the clean up instructions?
Hi Kevin,
TFC keeps freezing when I try to run it. It goes as far as turning the desktop off and no matter how long I wait, nothing happens. However, I have tried running it in safe mode. In this instance it tells me 78MB files cleaned but doesn't re-open desktop. I have to exit the program and restart the laptop normally. I don't know if this will work. Please let me know.
-
Can you run this please, I'd like an overview of security, Java, Adobe etc to see if classed as current... Let me know if you are still experiencing any issues or concerns...
Download Security Check by screen317 from HERE or HERE.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document...
Thanks,
Kevin
Thanks Kevin.
I turned on my security software before running the scan. Hope that won't distort the results.
I hope to start using this machine now more regularly and update you on any issues. Please find the checkup.txt results below.
Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Security Toolbar
AVG Free 8.5
SonicStage Mastering Studio Audio Filter Custom Preset
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 6 Adobe Reader out of Date!
Adobe Reader 7 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 9%
````````````````````End of Log``````````````````````
-
Is System Restore turned off? In addition to the DDS logs, how is your system responding, any issues or concerns?
No, the system restore is not turned off.
I have not been using this machine as a matter of precaution except when running the relevant scans. During this period the main issue I have been having is freezing during scanning. I presume I can turn my firewall and anti-virus/malware back on in between scans, so I can give it a proper run and see how it is responding.
I have completed the dds scan. There was a loud beep when I clicked on the dds.com file to start the scanning process. I don't know if this is normal. However please find below the attach.txt and dds.txt files. Many thanks.
Attach.txt.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 04/04/2008 17:00:19
System Uptime: 05/12/2012 18:57:19 (6 hours ago)
Processor: Intel® Pentium® M processor 1.60GHz | N/A | 1596/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 47 GiB total, 22.324 GiB free.
D: is FIXED (NTFS) - 47 GiB total, 20.376 GiB free.
E: is Removable
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP738: 18/10/2012 17:30:06 - System Checkpoint
RP739: 19/10/2012 17:32:51 - System Checkpoint
RP740: 20/10/2012 18:08:38 - System Checkpoint
RP741: 21/10/2012 18:53:45 - System Checkpoint
RP742: 22/10/2012 18:59:14 - System Checkpoint
RP743: 24/10/2012 14:48:12 - System Checkpoint
RP744: 26/10/2012 00:07:14 - System Checkpoint
RP745: 27/10/2012 00:09:00 - System Checkpoint
RP746: 28/10/2012 00:42:10 - System Checkpoint
RP747: 28/10/2012 23:52:02 - System Checkpoint
RP748: 30/10/2012 16:23:55 - System Checkpoint
RP749: 31/10/2012 21:47:03 - System Checkpoint
RP750: 04/11/2012 11:38:27 - System Checkpoint
RP751: 05/11/2012 19:14:59 - System Checkpoint
RP752: 08/11/2012 18:28:36 - System Checkpoint
RP753: 09/11/2012 18:31:14 - System Checkpoint
RP754: 10/11/2012 18:57:22 - System Checkpoint
RP755: 14/11/2012 15:04:23 - System Checkpoint
RP756: 15/11/2012 01:56:31 - Software Distribution Service 3.0
RP757: 15/11/2012 09:08:37 - Installed Rapport
RP758: 16/11/2012 17:38:35 - System Checkpoint
RP759: 18/11/2012 19:14:55 - System Checkpoint
RP760: 19/11/2012 12:18:13 - Installed Rapport
RP761: 20/11/2012 12:57:33 - System Checkpoint
RP762: 21/11/2012 13:12:11 - System Checkpoint
RP763: 22/11/2012 14:01:34 - System Checkpoint
RP764: 25/11/2012 15:28:36 - System Checkpoint
RP765: 26/11/2012 00:55:45 - September restore point
RP766: 26/11/2012 01:10:20 - Restore Operation
RP767: 26/11/2012 01:17:25 - Restore Operation
RP768: 26/11/2012 01:27:17 - Restore Operation
RP769: 26/11/2012 01:37:13 - Restore Operation
RP770: 26/11/2012 14:35:26 - Restore Operation
RP771: 26/11/2012 15:22:59 - Installed Rapport
RP772: 27/11/2012 02:10:52 - Software Distribution Service 3.0
RP773: 27/11/2012 10:56:07 - Software Distribution Service 3.0
RP774: 28/11/2012 01:38:31 - Software Distribution Service 3.0
RP775: 02/12/2012 21:58:49 - System Checkpoint
RP776: 04/12/2012 11:34:10 - System Checkpoint
RP777: 05/12/2012 20:32:03 - System Checkpoint
.
==== Installed Programs ======================
.
Adobe Acrobat Elements 6.0
Adobe Flash Player 10 ActiveX
Adobe Photoshop 7.0
Adobe Photoshop Album 2.0 Starter Edition
Adobe Photoshop Elements 2.0
Adobe Premiere Standard
Adobe Reader 6.0.1
Adobe Reader 7.0
AiO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaImpression
AutoUpdate
AVG Free 8.5
AVG Security Toolbar
Belarc Advisor 8.2
Bing Bar
Bonjour
Click to DVD 2.0.01 Menu Data
Click to DVD 2.3.03
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
Digital Video
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DVgate Plus
EdgeStreamClient 2.2.6.0
Enterprise
EPSON Printer Software
EPSON Scan
ffdshow [rev 1692] [2007-12-09]
Free Download Manager 3.8
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HDAUDIO SoftV92 Data Fax Modem with SmartCP
High Definition Audio Driver Package - KB835221
HP PSC & Officejet 4.2 Corporate Edition
Intel® Graphics Media Accelerator Driver for Mobile
Intel® PRO Network Connections Drivers
Intel® PROSet/Wireless Software
InterVideo WinDVD 5 for VAIO
InterVideo WinDVDX
iTunes
J2SE Runtime Environment 5.0
Kazaa Lite Resurrection 0.0.8
Macromedia Flash Player
Malwarebytes Anti-Malware version 1.65.1.1000
McDonald's Fairies
mCore
mDriver
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
mMHouse
MoodLogic
mPfMgr
mProSafe
MSN
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MTN Internet
mWlsSafe
mXML
My Info Centre
Novation Bass-Station VSTi v1.10
NVIDIA Drivers
Olympus Digital Wave Player
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
Orbit Downloader
PDFCreator
PictureGear Studio 2.0
Pinnacle Instant DVD Recorder
QFolder
QuickTime
Rapport
Realtek High Definition Audio Driver
SafeGuard® PrivateDisk 1.00.6 - Try and Buy Version
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile Composite Device Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3
Scan
Setting Utility Series
Skype™ 5.10
Sonic RecordNow!
SonicStage 4.3
SonicStage Mastering Studio 1.4
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Studio 11
TeamViewer 6
Ulead DVD MovieFactory 2
Ulead MediaStudio Pro 7.0
Ulead MediaStudio Pro 7.0 Patch3
VAIO Edit Components
VAIO Entertainment Platform
VAIO Event Service
VAIO Fluid Wallpaper
VAIO Launcher
VAIO Light Flo Wallpaper
VAIO Media 4.0
VAIO Media Integrated Server 4.1
VAIO Media Redistribution 4.0
VAIO Media Registration Tool 4.0
VAIO Online Registration (English)
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Motion HD Normal Contents
VAIO Original Screen Saver VAIO Motion HD Wide Contents
VAIO Original Screen Saver VAIO Motion SD Normal Contents
VAIO Original Screen Saver VAIO Motion SD Wide Contents
VAIO Original Screen Saver VAIO Scene HD Normal Contents
VAIO Original Screen Saver VAIO Scene HD Wide Contents
VAIO Original Screen Saver VAIO Scene SD Normal Contents
VAIO Original Screen Saver VAIO Scene SD Wide Contents
VAIO Power Management
VAIO Product Survey (English)
VAIO Update 3
VAIO Zone
VOR
VPS
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Xvid 1.1.3 final uninstall
Yahoo! Desktop Login
.
==== Event Viewer Messages From Past Week ========
.
06/12/2012 00:38:40, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
05/12/2012 18:14:18, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
05/12/2012 17:58:20, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
05/12/2012 16:58:29, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
05/12/2012 16:58:06, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX BANTExt DMICall Fips intelppm IPSec MRxSmb NetBIOS NetBT PrivateDisk RapportKELL RasAcd Rdbss StarOpen Tcpip WS2IFSL
05/12/2012 16:58:06, error: Service Control Manager [7001] - The VAIO Entertainment File Import Service service depends on the VAIO Entertainment Database Service service which failed to start because of the following error: The dependency service or group failed to start.
05/12/2012 16:58:06, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
05/12/2012 16:58:06, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
05/12/2012 16:58:06, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
05/12/2012 16:58:06, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
05/12/2012 16:57:53, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
04/12/2012 12:01:36, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
04/12/2012 00:46:01, error: Service Control Manager [7034] - The BingBar Service service terminated unexpectedly. It has done this 1 time(s).
03/12/2012 18:03:33, error: BROWSER [8007] - The browser was unable to update the service status bits. The data is the error.
03/12/2012 18:02:47, error: MRxSmb [8003] - The master browser has received a server announcement from the computer OFFICE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{12F96322-E6F2-4AA5. The master browser is stopping or an election is being forced.
03/12/2012 15:48:01, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
03/12/2012 15:48:01, error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).
03/12/2012 15:48:00, error: Service Control Manager [7034] - The DCService.exe service terminated unexpectedly. It has done this 1 time(s).
03/12/2012 15:48:00, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
03/12/2012 15:48:00, error: Service Control Manager [7034] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 1 time(s).
03/12/2012 15:48:00, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2012 15:47:59, error: Service Control Manager [7034] - The Rapport Management Service service terminated unexpectedly. It has done this 1 time(s).
03/12/2012 15:47:59, error: Service Control Manager [7034] - The Intel® PROSet/Wireless Service service terminated unexpectedly. It has done this 1 time(s).
03/12/2012 15:47:59, error: Service Control Manager [7034] - The Intel® PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s).
03/12/2012 15:47:59, error: Service Control Manager [7034] - The BrSplService service terminated unexpectedly. It has done this 1 time(s).
03/12/2012 15:47:59, error: Service Control Manager [7034] - The ArcSoft Connect Daemon service terminated unexpectedly. It has done this 1 time(s).
03/12/2012 14:41:07, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
03/12/2012 14:41:07, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll. Reference error message: The operation completed successfully. .
03/12/2012 14:41:07, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
03/12/2012 14:34:58, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
03/12/2012 12:53:43, error: Service Control Manager [7031] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
02/12/2012 18:26:34, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the VAIO Entertainment Aggregation and Control Service service to connect.
02/12/2012 18:26:34, error: Service Control Manager [7000] - The VAIO Entertainment Aggregation and Control Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
02/12/2012 18:26:34, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service VAIO Entertainment Aggregation and Control Service with arguments "" in order to run the server: {D221A1AA-893F-42BB-A881-60578A49195B}
02/12/2012 18:22:33, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the BBUpdate service to connect.
02/12/2012 18:22:33, error: Service Control Manager [7000] - The BBUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
02/12/2012 18:22:15, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service BBUpdate with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
02/12/2012 18:13:33, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the BITS service to connect.
02/12/2012 18:13:33, error: Service Control Manager [7000] - The BITS service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
02/12/2012 18:13:28, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
02/12/2012 18:08:32, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the VAIO Event Service service to connect.
02/12/2012 18:08:32, error: Service Control Manager [7000] - The VAIO Event Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
DDS.txt
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by tony fox at 0:38:34 on 2012-12-06
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.295 [GMT 0:00]
.
AV: AVG Anti-Virus Free *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Sony\Click to DVD 2\ctdatsvr.exe
C:\Program Files\Sony\VAIO Launcher\Launcher.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uInternet Connection Wizard,ShellNext = iexplore
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - c:\program files\orbitdownloader\orbitcth.dll
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - c:\program files\orbitdownloader\GrabPro.dll
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - c:\program files\orbitdownloader\GrabPro.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - c:\program files\internet explorer\iedvtool.dll
uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [sonyPowerCfg] c:\program files\sony\vaio power management\SPMgr.exe
mRun: [iSBMgr.exe] c:\program files\sony\isb utility\ISBMgr.exe
mRun: [PDService.exe] c:\program files\utimaco\safeguard privatedisk\pdservice.exe
mRun: [VAIO Update 3] "c:\program files\sony\vaio update 3\VAIOUpdt.exe" /Stationary
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\tonyfo~1\startm~1\programs\startup\clickt~1.lnk - c:\program files\sony\click to dvd 2\ctdatsvr.exe
StartupFolder: c:\docume~1\tonyfo~1\startm~1\programs\startup\vaiola~1.lnk - c:\program files\sony\vaio launcher\Launcher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\audiof~1.lnk - c:\program files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\device~1.lnk - c:\program files\olympus\devicedetector\DevDtct2.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\orbit.lnk - c:\program files\orbitdownloader\orbitdm.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202
IE: Download all with Free Download Manager - c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - c:\program files\free download manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0\bin\NPJPI150.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1207323304746
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1207341209125
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F3D34410-6F9A-4FDD-987E-410C6F7AEA27} - hxxps://now.abs-cbn.com/software/ES_EasyInstall.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxsrvc.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "c:\progra~1\outlook express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
mASetup: {7790769C-0471-11d2-AF11-00C04FA35D02} - "c:\progra~1\outlook express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
.
============= SERVICES / DRIVERS ===============
.
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2012-10-28 65848]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-30 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-4-4 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-30 108552]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-30 26984]
R1 PrivateDisk;PrivateDisk;c:\windows\system32\drivers\privatediskm.sys [2004-7-6 45627]
R1 RapportCerberus_43926;RapportCerberus_43926;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportcerberus\43926\RapportCerberus32_43926.sys [2012-10-30 272216]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2012-10-28 71480]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2012-10-28 166840]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-5-30 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-5-30 297752]
R2 DCService.exe;DCService.exe;c:\documents and settings\all users\application data\datacardservice\DCService.exe [2010-5-8 229376]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-27 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-6-19 676936]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2012-10-28 976728]
R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-10-29 2358656]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-11-8 711112]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-1-20 70656]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-6-19 22856]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg8\toolbar\ToolbarBroker.exe [2010-12-22 167264]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-1-20 101504]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2012-1-20 117504]
S3 RapportIaso;RapportIaso;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\39624\RapportIaso.sys [2012-5-31 21520]
.
=============== Created Last 30 ================
.
2012-12-06 00:30:01 -------- d--h--w- c:\windows\PIF
2012-12-03 12:53:42 -------- d-----w- C:\_OTM
2012-11-29 11:23:43 -------- d-s---w- C:\ComboFix
2012-11-29 01:00:08 -------- d-sha-r- C:\cmdcons
2012-11-29 00:56:31 98816 ----a-w- c:\windows\sed.exe
2012-11-29 00:56:31 256000 ----a-w- c:\windows\PEV.exe
2012-11-29 00:56:31 208896 ----a-w- c:\windows\MBR.exe
2012-11-26 15:14:26 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-11-26 15:14:26 -------- d-----w- c:\windows\system32\wbem\Repository
2012-11-19 13:49:17 -------- d-----w- c:\docume~1\tonyfo~1\applic~1\BabylonToolbar
.
==================== Find3M ====================
.
2012-11-08 15:48:30 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-10-28 16:46:34 65848 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-29 18:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 0:39:42.62 ===============
-
Boot into safemode. re-run OTM in that mode see if it will complete...
I ran OTM in safe mode as suggested. I was asked to reboot so I got the log results from c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log (See log below)
(I will run and post DDS logs shortly)
Please find OTM result log below:
All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
An internal error occurred: The request is not supported.
Please contact Microsoft Product Support Services for further help.
Additional information: Unable to query host name.
C:\Documents and Settings\tony fox\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\tony fox\My Documents\Downloads\cmd.txt deleted successfully.
C:\Documents and Settings\tony fox\My Documents\Downloads\cnet2_wctrial_zip.exe moved successfully.
C:\Documents and Settings\tony fox\My Documents\Downloads\iLividSetupV1.exe moved successfully.
C:\Downloads\asc5-setup(1).exe moved successfully.
C:\Downloads\asc5-setup.exe moved successfully.
C:\Downloads\OrbitSetup4.1.02(1).exe moved successfully.
C:\Downloads\OrbitSetup4.1.02.exe moved successfully.
c:\documents and settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} folder moved successfully.
c:\documents and settings\All Users\Application Data\Tarma Installer folder moved successfully.
c:\documents and settings\All Users\Application Data\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings folder moved successfully.
c:\documents and settings\All Users\Application Data\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content folder moved successfully.
c:\documents and settings\All Users\Application Data\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components folder moved successfully.
c:\documents and settings\All Users\Application Data\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension folder moved successfully.
c:\documents and settings\All Users\Application Data\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} folder moved successfully.
c:\documents and settings\All Users\Application Data\Browser Manager\2.5.911.18 folder moved successfully.
c:\documents and settings\All Users\Application Data\Browser Manager folder moved successfully.
c:\documents and settings\tony fox\Application Data\Free Download Manager\Update folder moved successfully.
c:\documents and settings\tony fox\Application Data\Free Download Manager folder moved successfully.
c:\program files\Free Download Manager\Skins\old style folder moved successfully.
c:\program files\Free Download Manager\Skins folder moved successfully.
c:\program files\Free Download Manager\Server folder moved successfully.
c:\program files\Free Download Manager\Plugins folder moved successfully.
c:\program files\Free Download Manager\Language folder moved successfully.
c:\program files\Free Download Manager\Help folder moved successfully.
c:\program files\Free Download Manager\Firefox\extension\components folder moved successfully.
c:\program files\Free Download Manager\Firefox\extension\chrome\content folder moved successfully.
c:\program files\Free Download Manager\Firefox\extension\chrome folder moved successfully.
c:\program files\Free Download Manager\Firefox\extension folder moved successfully.
c:\program files\Free Download Manager\Firefox folder moved successfully.
c:\program files\Free Download Manager\Archive\7-zip\Formats folder moved successfully.
c:\program files\Free Download Manager\Archive\7-zip\Codecs folder moved successfully.
c:\program files\Free Download Manager\Archive\7-zip folder moved successfully.
c:\program files\Free Download Manager\Archive folder moved successfully.
c:\program files\Free Download Manager folder moved successfully.
c:\documents and settings\tony fox\Application Data\Babylon folder moved successfully.
========== COMMANDS ==========
Error creating restore point.
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 398 bytes
User: Administrator.YOUR-844AEAC0A5
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 98669 bytes
->Flash cache emptied: 451 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->Flash cache emptied: 451 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 78991 bytes
->Flash cache emptied: 451 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 82054 bytes
User: Tony
->Temp folder emptied: 27598309 bytes
->Temporary Internet Files folder emptied: 43614624 bytes
->Java cache emptied: 19018585 bytes
->Flash cache emptied: 202911 bytes
User: tony fox
->Temp folder emptied: 1486295 bytes
->Temporary Internet Files folder emptied: 30402256 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 7332103 bytes
->Flash cache emptied: 14109 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 84612 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34318 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 124.00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 12052012_185422
-
Ok I will give it more time and proceed accordingly.
Thanks
Tang
I have tried running OTM now on several occasions but it keeps on freezing. As expected the desktop successfully disappears but it doesn't return no matter how long I leave it for. As you pointed out previously we experienced freezes when we tried to run combofix. I still got combofix installed on my desktop. I don't know if uninstalling it will make any difference. I will wait to hear from you.
Many thanks,
Tang
-
The Desktop does disappear due to processes being stopped during the run, that is very much normal and expected. The Desktop normally returns on completion, 5 hours run time is not what I've experienced before, that sounds very excessive, maybe OTM has frozen? Leave maybe another 2 hours, if still no results and no activity from Laptop you will have to power off and reboot...
Ok I will give it more time and proceed accordingly.
Thanks
Tang
-
Use any link, alternatives are just in case maybe one does not work to give a download....
So far I have downloaded OTM and copied the text into the moveit window. My desktop disappeared over five hours ago but has not reappeared since then. How long should I wait for the results to be processed and do I need to do anything?
I wait to hear from you.
Thanks,
Tang
-
Hi Kevin,
Do we need to download OTM from all the three links above (including mirrors 1 & 2) or just any one of the 3 links?
Thanks,
Tang
-
I am waiting for the ESET scan to complete.
This is what I did to get the laptop to boot:
- I took out the memory chips one at a time - not resolved
- swapped over the two chips - not resolved
- took out both chips and replace one of the slots with a new one - laptop started (important - I noticed that after pressing down the power on button I released it very quickly)
- So I put back the 2 old chips in their slots but this time I gave the power on button a quick push and released it immediately - boot Successful.
Hope this makes sense. I presume it had something to do with the contact at the power on button.
I will forward the ESET scan results shortly.
Many thanks once again.
Tang
Further to my previous reply please find below ESET SCAN results as requested. Doesn't look too good !
C:\Documents and Settings\All Users\Application Data\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\mngr.js Win32/bProtector.C application
C:\Documents and Settings\tony fox\My Documents\Downloads\cnet2_wctrial_zip.exe a variant of Win32/InstallCore.D application
C:\Documents and Settings\tony fox\My Documents\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite application
C:\Downloads\asc5-setup(1).exe a variant of Win32/ELEX application
C:\Downloads\asc5-setup.exe a variant of Win32/ELEX application
C:\Downloads\OrbitSetup4.1.02(1).exe Win32/OpenCandy application
C:\Downloads\OrbitSetup4.1.02.exe Win32/OpenCandy application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP762\A0529337.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP762\A0529339.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP763\A0532210.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP764\A0532985.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP766\A0533000.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP767\A0533115.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP768\A0533228.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP769\A0533329.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP770\A0533563.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP770\A0534284.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP770\A0535659.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP770\A0535662.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP770\A0536298.dll Win32/bProtector.D application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP770\A0536319.exe probably a variant of Win32/Toolbar.Babylon application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP770\A0536328.dll a variant of Win32/Toolbar.Babylon application
C:\System Volume Information\_restore{B01E8ED6-95B5-4381-A1C4-8341C4F8B2E9}\RP770\A0537215.dll a variant of Win32/bProtector.A application
I wait to hear from you.
Thanks,
Tang
-
Do not worry about Combofix log, I`d rather you ran ESET and see what that produces.... Also let me know what you did to get the laptop to boot
I am waiting for the ESET scan to complete.
This is what I did to get the laptop to boot:
- I took out the memory chips one at a time - not resolved
- swapped over the two chips - not resolved
- took out both chips and replace one of the slots with a new one - laptop started (important - I noticed that after pressing down the power on button I released it very quickly)
- So I put back the 2 old chips in their slots but this time I gave the power on button a quick push and released it immediately - boot Successful.
Hope this makes sense. I presume it had something to do with the contact at the power on button.
I will forward the ESET scan results shortly.
Many thanks once again.
Tang
-
Regarding the Auto run enquiry, go here http://support.microsoft.com/kb/967715 Scroll down the page until you find the appropriate Fixit...
Next,
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the Codebox below into it:
ClearJavaCache::
Killall::
Folder::
c:\documents and settings\All Users\Application Data\Tarma Installer
c:\documents and settings\All Users\Application Data\Browser Manager
c:\documents and settings\tony fox\Application Data\Free Download Manager
c:\program files\Free Download Manager
c:\documents and settings\tony fox\Application Data\Babylon
RegLockDelete::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{44fb0b1d-25c4-4044-8d67-1249b1e7d24b}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
Save this as CFScript.txt, and as Type: All Files (*.*) in the same location as ComboFix.exe


Referring to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
Next,
**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin
Go Eset web page http://www.eset.com/...online-scanner/ to run an online scanner from ESET.
- Turn off the real time scanner of any existing antivirus program while performing the online scan
- click on the Run ESET Online Scanner button
- Tick the box next to YES, I accept the Terms of Use.
Click Start - When asked, allow the add/on to be installed
Click Start - Make sure that the option Remove found threats is unticked
- Click on Advanced Settings, ensure the options
- Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan - wait for the virus definitions to be downloaded
- Wait for the scan to finish
When the scan is complete
- If no threats were found
- put a checkmark in "Uninstall application on close"
- close program
- report to me that nothing was found
If threats were found
- click on "list of threats found"
- click on "export to text file" and save it as ESET SCAN and save to the desktop
- Click on back
- put a checkmark in "Uninstall application on close"
- click on finish
close program
copy and paste the report here
Copy and paste the logs, do not attach them...
Thanks,
Kevin
Ok the laptop is now back on.
Before the freeze I dragged CFScript into ComboFix.exe but combofix froze so a log wasn't produced. I am not sure if a log was generated internally within combofix but just wasn't displayed. So far I haven't run an online scanner from ESET web page yet. Please could you let me know how to proceed from here.
Many thanks.
Tang
-
Remove the battery, connect power adaptor cable, does it power on now?
There is power getting to the laptop as the power lights come on when I press the power on button, but before anything comes on the screen the laptop turns itself off. This happens irrespective of whether it's done with the battery or power adaptor cable connected.
-
When Combofix was first run it installed the Recovery Console, normally when that is done you will see that as an option as you boot. It is necessary to use the up/down arrows to select the recovery console, is that an option?
I don't think so because I can't boot it at all. The laptop doesn't turn on and there is nothing on the screen, so there are no boot options.
-
I have just tried listening to the beeps again but for some reason I can't hear any this time. When I heard it before it was hard to clearly distinguish the beeps because they were quite close together. I will try it again later and if I hear any beeps I will update you. The laptop is Sony Vaio VGN-FS115B, Model PCG-791M. I am not sure if it can boot into safe mode because it doesn't come on at all, to allow me to press the F8 or similar keys. I don't know if there is any other way to boot into safe mode.
I await your instructions.
Thanks
Tang
-
Hi Kevin,
I couldn't open taskmanager using ctrl-alt-del, so tried manual reboot as requested. The computer closed down but couldn't restart.
This is what happens:
When I press the power on button I see the power lights come on, I hear the fan turning, a brief light shows on the screen, I hear 2 or 3 quick beeps but then the computer switches back off. At the moment I can't start the computer. Please let us know how to proceed.
I wait to hear from you.
Thanks,
Tang
-
Hi Kevin,
Just a quick note to let you know that there has been no changes on the AutoScan screen since my last post.
Should I continue to wait until tomorrow ?
Many thanks,
Tang
-
Thank you Kevin,
So far I dragged the CFScript.txt file to combofix.exe.
It then gave me the option to run or cancel. I clicked run.
It then asked if I wanted to update combofix. I clicked yes and agreed to terms & conditions.
It then proceeded to open the AutoScan screen with the following information:
[scanning for infected files ...........
This typically doesn't take more than 10 minutes
However, scan times for badly infected machines may easily double
- ]
It has stayed on this screen now for almost 2 hours with nothing happening apart from the dash ( - ) flashing on and off.
So far I haven't gone to Eset webpage or even touched the computer at all (I am replying from a different laptop).
Is there anything I need to do ? If not how much longer should I leave it on this screen ?
I wait to hear from you.
Many thanks,
Tang
-
Many thanks Kevin,
I have followed your instructions as above. Please find attached log files for roguekiller and combofix.
Is it now safe to re-enable security software? How do I re-enable autorun should I wish to in due course?
I wait to hear from you.
Once again many thanks.
Tang
-
Thanks Kevin,
I have seen it via control panel as Advanced system care. It has been uninstalled. Please find below roguekiller report as requested.
Many thanks,
Tang
RogueKiller V8.3.1 [Nov 26 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : tony fox [Admin rights]
Mode : Scan -- Date : 11/28/2012 16:50:29
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] DCService.exe -- C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe -> KILLED [TermProc]
¤¤¤ Registry Entries : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : EPSON Stylus DX9400F Series (C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S16C.tmp" /EF "HKCU") -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2432774525-1097754318-1563436208-1007[...]\Run : EPSON Stylus DX9400F Series (C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S16C.tmp" /EF "HKCU") -> FOUND
[STARTUP][NOTFOUND] tue0.40022097878722707.exe.lnk @tony fox : C:\WINDOWS\system32\rundll32.exe|C:\DOCUME~1\TONYFO~1\LOCALS~1\Temp\tue0.40022097878722707.exe,SuppS -> FOUND
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[19] : NtAssignProcessToJobObject @ 0x805CCB02 -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F20DA)
SSDT[37] : NtCreateFile @ 0x8056E3EE -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F2CA6)
SSDT[53] : NtCreateThread @ 0x805C73DE -> HOOKED (\??\C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys @ 0xAA35D670)
SSDT[62] : NtDeleteFile @ 0x8056BF8E -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F2EB8)
SSDT[63] : NtDeleteKey @ 0x8061B222 -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F6714)
SSDT[65] : NtDeleteValueKey @ 0x8061B3F2 -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F6756)
SSDT[98] : NtLoadKey @ 0x8061CFAA -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F68FA)
SSDT[116] : NtOpenFile @ 0x8056F50C -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F2DCA)
SSDT[122] : NtOpenProcess @ 0x805C1462 -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F2282)
SSDT[128] : NtOpenThread @ 0x805C16EE -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F2482)
SSDT[137] : NtProtectVirtualMemory @ 0x805ADBC6 -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F25C2)
SSDT[177] : NtQueryValueKey @ 0x80618FAA -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F685E)
SSDT[192] : NtRenameKey @ 0x8061A7A8 -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F67A8)
SSDT[193] : NtReplaceKey @ 0x8061CE5A -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F67EA)
SSDT[204] : NtRestoreKey @ 0x8061C766 -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F6824)
SSDT[213] : NtSetContextThread @ 0x805C9036 -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F2068)
SSDT[224] : NtSetInformationFile @ 0x805703F6 -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F2F6A)
SSDT[247] : NtSetValueKey @ 0x806192F8 -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F669C)
SSDT[254] : NtSuspendThread @ 0x805CAD9A -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F1FE6)
SSDT[257] : NtTerminateProcess @ 0x805C86EA -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F1EEE)
SSDT[258] : NtTerminateThread @ 0x805C88E4 -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F1F46)
S_SSDT[7] : NtGdiAlphaBlend -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F9128)
S_SSDT[13] : NtGdiBitBlt -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F8F56)
S_SSDT[191] : NtGdiGetPixel -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F8FAC)
S_SSDT[227] : NtGdiMaskBlt -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F904A)
S_SSDT[237] : NtGdiPlgBlt -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F90A0)
S_SSDT[292] : NtGdiStretchBlt -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F8FE8)
S_SSDT[298] : NtGdiTransparentBlt -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F90E4)
S_SSDT[378] : NtUserFindWindowEx -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F33FC)
S_SSDT[477] : NtUserPrintWindow -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F916C)
S_SSDT[483] : NtUserQueryWindow -> HOOKED (\??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys @ 0xAA1F3366)
¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: FUJITSU MHV2100AT PL +++++
--- User ---
[MBR] 40f5c6e89135e12f2d8f8d9d7bc857a4
[BSP] 9f8b54fa3f46ac14b7d9e455c3912a5e : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 47685 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 97659135 | Size: 47708 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_11282012_02d1650.txt >>
-
Hi Kevin,
Thanks for getting back to me quickly.
I can't find iobit on the list of installed programs but I can see Orbit Downloader. Is "Orbit Downloader" the program you want me to uninstall?
I wait to hear from you.
Many thanks
Tang
-
Hello,
The Trojan horse generic3030akck has been detected on my computer but I have been unable to remove it so far. Please find attached the dds and attach logs. I am new to this forum and any help will be very much appreciated.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by tony fox at 15:43:04 on 2012-11-27
.
============== Running Processes ================
.
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Sony\Click to DVD 2\ctdatsvr.exe
C:\Program Files\Sony\VAIO Launcher\Launcher.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tony fox\My Documents\Downloads\HijackThis.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\tony fox\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uInternet Connection Wizard,ShellNext = iexplore
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - c:\program files\orbitdownloader\orbitcth.dll
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - c:\program files\orbitdownloader\GrabPro.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - c:\program files\orbitdownloader\GrabPro.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - c:\program files\internet explorer\iedvtool.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
uRun: [Google Update] "c:\documents and settings\tony fox\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [EPSON Stylus DX9400F Series] c:\windows\system32\spool\drivers\w32x86\3\e_faticfe.exe /fu "c:\windows\temp\E_S16C.tmp" /EF "HKCU"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Alcmtr] ALCMTR.EXE
mRun: [SonyPowerCfg] c:\program files\sony\vaio power management\SPMgr.exe
mRun: [ISBMgr.exe] c:\program files\sony\isb utility\ISBMgr.exe
mRun: [PDService.exe] c:\program files\utimaco\safeguard privatedisk\pdservice.exe
mRun: [VAIO Update 3] "c:\program files\sony\vaio update 3\VAIOUpdt.exe" /Stationary
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204
IE: &Search - <no file>
IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0\bin\NPJPI150.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1207323304746
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1207341209125
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F3D34410-6F9A-4FDD-987E-410C6F7AEA27} - hxxps://now.abs-cbn.com/software/ES_EasyInstall.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{12F96322-E6F2-4AA5-B5FB-732433427E69} : DHCPNameServer = 192.168.0.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxsrvc.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R? AVG Security Toolbar Service;AVG Security Toolbar Service
R? BBSvc;BingBar Service
R? ew_hwusbdev;Huawei MobileBroadband USB PNP Device
R? ewusbnet;HUAWEI USB-NDIS miniport
R? SkypeUpdate;Skype Updater
S? AdvancedSystemCareService5;Advanced SystemCare Service 5
S? avg8emc;AVG Free8 E-mail Scanner
S? avg8wd;AVG Free8 WatchDog
S? AvgLdx86;AVG Free AVI Loader Driver x86
S? AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86
S? AvgTdiX;AVG Free8 Network Redirector
S? avgtp;avgtp
S? BBUpdate;BBUpdate
S? DCService.exe;DCService.exe
S? huawei_enumerator;huawei_enumerator
S? MBAMProtector;MBAMProtector
S? MBAMScheduler;MBAMScheduler
S? MBAMService;MBAMService
S? PrivateDisk;PrivateDisk
S? RapportCerberus_43926;RapportCerberus_43926
S? RapportEI;RapportEI
S? RapportIaso;RapportIaso
S? RapportKELL;RapportKELL
S? RapportMgmtService;Rapport Management Service
S? RapportPG;RapportPG
S? TeamViewer6;TeamViewer 6
S? vToolbarUpdater13.2.0;vToolbarUpdater13.2.0
.
=============== Created Last 30 ================
.
2012-11-26 15:14:26 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-11-26 15:14:26 -------- d-----w- c:\windows\system32\wbem\Repository
2012-11-19 13:49:28 -------- d-----w- c:\documents and settings\all users\application data\Tarma Installer
2012-11-19 13:49:17 -------- d-----w- c:\documents and settings\tony fox\application data\BabylonToolbar
2012-11-19 13:49:15 -------- d-----w- c:\documents and settings\all users\application data\Browser Manager
2012-11-19 13:49:14 -------- d-----w- c:\documents and settings\tony fox\application data\Free Download Manager
2012-11-19 13:48:27 -------- d-----w- c:\program files\Free Download Manager
2012-11-19 13:46:37 -------- d-----w- c:\documents and settings\tony fox\application data\Babylon
2012-10-28 16:46:34 65848 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
.
==================== Find3M ====================
.
2012-11-08 15:48:30 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-29 18:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 15:46:03.85 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 04/04/2008 17:00:19
System Uptime: 27/11/2012 11:26:09 (4 hours ago)
Processor: Intel® Pentium® M processor 1.60GHz | N/A | 1596/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 47 GiB total, 22.284 GiB free.
D: is FIXED (NTFS) - 47 GiB total, 20.018 GiB free.
E: is Removable
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP738: 18/10/2012 17:30:06 - System Checkpoint
RP739: 19/10/2012 17:32:51 - System Checkpoint
RP740: 20/10/2012 18:08:38 - System Checkpoint
RP741: 21/10/2012 18:53:45 - System Checkpoint
RP742: 22/10/2012 18:59:14 - System Checkpoint
RP743: 24/10/2012 14:48:12 - System Checkpoint
RP744: 26/10/2012 00:07:14 - System Checkpoint
RP745: 27/10/2012 00:09:00 - System Checkpoint
RP746: 28/10/2012 00:42:10 - System Checkpoint
RP747: 28/10/2012 23:52:02 - System Checkpoint
RP748: 30/10/2012 16:23:55 - System Checkpoint
RP749: 31/10/2012 21:47:03 - System Checkpoint
RP750: 04/11/2012 11:38:27 - System Checkpoint
RP751: 05/11/2012 19:14:59 - System Checkpoint
RP752: 08/11/2012 18:28:36 - System Checkpoint
RP753: 09/11/2012 18:31:14 - System Checkpoint
RP754: 10/11/2012 18:57:22 - System Checkpoint
RP755: 14/11/2012 15:04:23 - System Checkpoint
RP756: 15/11/2012 01:56:31 - Software Distribution Service 3.0
RP757: 15/11/2012 09:08:37 - Installed Rapport
RP758: 16/11/2012 17:38:35 - System Checkpoint
RP759: 18/11/2012 19:14:55 - System Checkpoint
RP760: 19/11/2012 12:18:13 - Installed Rapport
RP761: 20/11/2012 12:57:33 - System Checkpoint
RP762: 21/11/2012 13:12:11 - System Checkpoint
RP763: 22/11/2012 14:01:34 - System Checkpoint
RP764: 25/11/2012 15:28:36 - System Checkpoint
RP765: 26/11/2012 00:55:45 - September restore point
RP766: 26/11/2012 01:10:20 - Restore Operation
RP767: 26/11/2012 01:17:25 - Restore Operation
RP768: 26/11/2012 01:27:17 - Restore Operation
RP769: 26/11/2012 01:37:13 - Restore Operation
RP770: 26/11/2012 14:35:26 - Restore Operation
RP771: 26/11/2012 15:22:59 - Installed Rapport
RP772: 27/11/2012 02:10:52 - Software Distribution Service 3.0
RP773: 27/11/2012 10:56:07 - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Acrobat Elements 6.0
Adobe Flash Player 10 ActiveX
Adobe Photoshop 7.0
Adobe Photoshop Album 2.0 Starter Edition
Adobe Photoshop Elements 2.0
Adobe Premiere Standard
Adobe Reader 6.0.1
Adobe Reader 7.0
Advanced SystemCare 5
AiO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaImpression
AutoUpdate
AVG Free 8.5
AVG Security Toolbar
Belarc Advisor 8.2
Bing Bar
Bonjour
Click to DVD 2.0.01 Menu Data
Click to DVD 2.3.03
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
Digital Video
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DVgate Plus
EdgeStreamClient 2.2.6.0
Enterprise
EPSON Printer Software
EPSON Scan
ffdshow [rev 1692] [2007-12-09]
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HDAUDIO SoftV92 Data Fax Modem with SmartCP
High Definition Audio Driver Package - KB835221
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP PSC & Officejet 4.2 Corporate Edition
Intel® Graphics Media Accelerator Driver for Mobile
Intel® PRO Network Connections Drivers
Intel® PROSet/Wireless Software
InterVideo WinDVD 5 for VAIO
InterVideo WinDVDX
iTunes
J2SE Runtime Environment 5.0
Kazaa Lite Resurrection 0.0.8
Macromedia Flash Player
Malwarebytes Anti-Malware version 1.65.1.1000
McDonald's Fairies
mCore
mDriver
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
mMHouse
MoodLogic
mPfMgr
mProSafe
MSN
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MTN Internet
mWlsSafe
mXML
My Info Centre
Novation Bass-Station VSTi v1.10
NVIDIA Drivers
Olympus Digital Wave Player
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
Orbit Downloader
PDFCreator
PictureGear Studio 2.0
Pinnacle Instant DVD Recorder
QFolder
QuickTime
Rapport
Realtek High Definition Audio Driver
SafeGuard® PrivateDisk 1.00.6 - Try and Buy Version
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile Composite Device Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Setting Utility Series
Skype™ 5.10
Sonic RecordNow!
SonicStage 4.3
SonicStage Mastering Studio 1.4
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Studio 11
TeamViewer 6
Ulead DVD MovieFactory 2
Ulead MediaStudio Pro 7.0
Ulead MediaStudio Pro 7.0 Patch3
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VAIO Edit Components
VAIO Entertainment Platform
VAIO Event Service
VAIO Fluid Wallpaper
VAIO Launcher
VAIO Light Flo Wallpaper
VAIO Media 4.0
VAIO Media Integrated Server 4.1
VAIO Media Redistribution 4.0
VAIO Media Registration Tool 4.0
VAIO Online Registration (English)
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Motion HD Normal Contents
VAIO Original Screen Saver VAIO Motion HD Wide Contents
VAIO Original Screen Saver VAIO Motion SD Normal Contents
VAIO Original Screen Saver VAIO Motion SD Wide Contents
VAIO Original Screen Saver VAIO Scene HD Normal Contents
VAIO Original Screen Saver VAIO Scene HD Wide Contents
VAIO Original Screen Saver VAIO Scene SD Normal Contents
VAIO Original Screen Saver VAIO Scene SD Wide Contents
VAIO Power Management
VAIO Product Survey (English)
VAIO Update 3
VAIO Zone
VOR
VPS
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Xvid 1.1.3 final uninstall
Yahoo! Desktop Login
.
==== Event Viewer Messages From Past Week ========
.
27/11/2012 10:38:39, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom0.
27/11/2012 10:37:42, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
27/11/2012 10:37:42, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll. Reference error message: The operation completed successfully. .
27/11/2012 10:37:42, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
27/11/2012 10:20:54, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
27/11/2012 01:19:29, error: MRxSmb [8003] - The master browser has received a server announcement from the computer OFFICE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{12F96322-E6F2-4AA5. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================
I look forward to hearing from you and many thanks in advance.
HijackThis Log - Trojan Horse Generic30akck
I have disabled firewall and anti-virus and ran in normal mode but TFC still freezes.