Search the Community

Showing results for tags 'btsearch.name'.

Found 1 result

  1. Hi, I believe my computer is infected. When I open a new Chrome session, it automatically opens two tabs, which re-direct me to a site called "btsearch.name" which is simply a Google search window. This began after downloading "MyStart by Incredibar". I removed the program via Add/Remove but the problem remains. I have run both MalwareBytes & Spybot S&D (including Immunization) but the problem remains. Here are the DDS.txt & Attach.txt files as requested. Thank you for any assistance you can offer. -Ryan