Jump to content

recurring trojan


Recommended Posts

Hi guys, got a computer with a persistent virus. It had the 2012 XP Home Security virus and I thought I had it removed, but still having problems. Any help greatly appreciated.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22

Run by Kira at 17:18:53 on 2011-12-17

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1570 [GMT -5:00]

.

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\AVAST Software\Avast\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\wscntfy.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mDefault_Page_URL = hxxp://www.yahoo.com

mStart Page = hxxp://www.yahoo.com

uInternet Connection Wizard,ShellNext = iexplore

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - c:\progra~1\inboxt~1\Inbox.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~3.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.gamesfreak.net/games/Motorcross_281.html"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

dPolicies-system: DisableTaskMgr = 1 (0x1)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB

DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab

DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://pcpitstop.com/pcpitstop/PCPitStop.CAB

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab

DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab

DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab

DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab

DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} - hxxp://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab

DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab

DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} - hxxp://zone.msn.com/bingame/dsh2/default/DinerDash2.1.0.0.68.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263429025312

DPF: {64D01C7F-810D-446E-A07E-16C764235644} - hxxp://zone.msn.com/bingame/amad/default/atomaders.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab

DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/chnz/default/mjolauncher.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab

DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://zone.msn.com/bingame/burg/default/GoBitGamesPlayer_v6.cab

DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab

DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} - hxxp://zone.msn.com/bingame/fotg/default/ddfotg.1.0.0.37.cab

DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} - hxxp://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10

DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} - hxxp://zone.msn.com/bingame/zpagames/zpa_pool.cab56649.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} - hxxp://zone.msn.com/bingame/feed/default/SproutLauncher.cab

DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab55579.cab

DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.98.cab

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/popcaploader_v10.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} - hxxp://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab

DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} - hxxp://zone.msn.com/bingame/zpagames/CheckersZPA.cab55579.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{C4364157-1024-4138-BC26-57BD272875BF} : DhcpNameServer = 192.168.1.1

Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\inboxt~1\Inbox.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\kira\application data\mozilla\firefox\profiles\lkx191a3.default\

FF - prefs.js: browser.startup.homepage - hxxp://apps.pirates.go.com/pirates/v3/#/news/currentnews.html

FF - plugin: c:\documents and settings\kira\application data\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\documents and settings\kira\application data\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\documents and settings\kira\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll

FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll

FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-15 435032]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-15 314456]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-15 20568]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-15 44768]

R2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files\rosettastoneltdservices\RosettaStoneDaemon.exe [2011-4-15 1646056]

R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

S2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe --> c:\progra~1\avg\avg8\avgemc.exe [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-12-17 21:57:04 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{275459bf-12f6-416b-8a7c-96984061a9f9}\offreg.dll

2011-12-17 21:47:21 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-12-17 21:47:18 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll

2011-12-17 21:47:18 801752 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll

2011-12-17 21:47:18 719832 ----a-w- c:\program files\mozilla firefox\mozcpp19.dll

2011-12-17 21:47:18 478168 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll

2011-12-17 21:47:18 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll

2011-12-17 21:47:18 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll

2011-12-17 21:47:18 1989592 ----a-w- c:\program files\mozilla firefox\mozjs.dll

2011-12-17 21:47:18 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe

2011-12-17 21:47:18 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll

2011-12-16 02:43:42 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-12-16 02:43:27 41184 ----a-w- c:\windows\avastSS.scr

2011-12-16 02:43:12 -------- d--h--w- c:\program files\AVAST Software

2011-12-15 22:38:13 -------- d--h--w- c:\program files\ESET

2011-12-15 21:56:17 6823496 ---ha-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{275459bf-12f6-416b-8a7c-96984061a9f9}\mpengine.dll

2011-12-15 21:47:14 -------- d--h--w- c:\windows\system32\wbem\Repository

2011-12-15 21:47:14 -------- d-----w- c:\windows\system32\wbem\repository\FS

2011-12-11 13:39:22 304640 ---ha-w- c:\documents and settings\kira\local settings\application data\iwe.exe

2011-12-05 23:40:13 -------- d-sh--w- c:\documents and settings\kira\application data\CE12E3AA

.

==================== Find3M ====================

.

2011-11-18 22:23:19 414368 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-10 14:22:41 692736 ---ha-w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06:50 599040 ---ha-w- c:\windows\system32\crypt32.dll

2011-09-26 15:41:20 611328 ---ha-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 15:41:20 220160 ---ha-w- c:\windows\system32\oleacc.dll

2011-09-26 15:41:14 20480 ---ha-w- c:\windows\system32\oleaccrc.dll

2007-11-10 18:55:48 774144 -c-ha-w- c:\program files\RngInterstitial.dll

.

============= FINISH: 17:20:18.54 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 8/3/2007 3:40:38 PM

System Uptime: 12/17/2011 4:56:40 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0CU409

Processor: Intel® Core2 CPU 4300 @ 1.80GHz | Socket 775 | 1795/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 74 GiB total, 29.902 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1509: 10/29/2011 7:16:16 AM - System Checkpoint

RP1510: 10/30/2011 11:08:44 AM - System Checkpoint

RP1511: 10/31/2011 11:16:47 AM - System Checkpoint

RP1512: 11/1/2011 11:28:47 AM - System Checkpoint

RP1513: 11/1/2011 12:54:46 PM - Software Distribution Service 3.0

RP1514: 11/2/2011 1:28:48 PM - System Checkpoint

RP1515: 11/3/2011 2:16:47 PM - System Checkpoint

RP1516: 11/4/2011 3:16:47 PM - System Checkpoint

RP1517: 11/4/2011 5:27:33 PM - Software Distribution Service 3.0

RP1518: 11/5/2011 6:16:48 PM - System Checkpoint

RP1519: 11/6/2011 6:04:51 PM - System Checkpoint

RP1520: 11/7/2011 6:17:07 PM - System Checkpoint

RP1521: 11/8/2011 8:51:01 PM - System Checkpoint

RP1522: 11/9/2011 3:31:19 PM - Software Distribution Service 3.0

RP1523: 11/10/2011 3:00:14 AM - Software Distribution Service 3.0

RP1524: 11/11/2011 2:12:49 AM - Software Distribution Service 3.0

RP1525: 11/11/2011 3:00:13 AM - Software Distribution Service 3.0

RP1526: 11/12/2011 3:21:40 AM - System Checkpoint

RP1527: 11/13/2011 4:16:30 AM - System Checkpoint

RP1528: 11/14/2011 5:16:32 AM - System Checkpoint

RP1529: 11/15/2011 5:33:47 AM - Software Distribution Service 3.0

RP1530: 11/16/2011 6:16:32 AM - System Checkpoint

RP1531: 11/17/2011 7:16:32 AM - System Checkpoint

RP1532: 11/18/2011 8:16:32 AM - System Checkpoint

RP1533: 11/18/2011 11:46:06 AM - Software Distribution Service 3.0

RP1534: 11/19/2011 12:21:10 PM - System Checkpoint

RP1535: 11/20/2011 12:52:06 PM - System Checkpoint

RP1536: 11/21/2011 1:56:09 PM - System Checkpoint

RP1537: 11/22/2011 1:09:59 PM - Software Distribution Service 3.0

RP1538: 11/23/2011 1:56:13 PM - System Checkpoint

RP1539: 11/24/2011 2:22:02 PM - System Checkpoint

RP1540: 11/25/2011 1:23:41 AM - Software Distribution Service 3.0

RP1541: 11/26/2011 2:22:02 AM - System Checkpoint

RP1542: 11/27/2011 3:22:02 AM - System Checkpoint

RP1543: 11/28/2011 3:22:16 AM - System Checkpoint

RP1544: 11/29/2011 4:22:15 AM - System Checkpoint

RP1545: 11/29/2011 8:55:09 AM - Software Distribution Service 3.0

RP1546: 11/30/2011 9:22:15 AM - System Checkpoint

RP1547: 12/1/2011 10:22:15 AM - System Checkpoint

RP1548: 12/2/2011 11:22:15 AM - System Checkpoint

RP1549: 12/2/2011 6:30:19 PM - Software Distribution Service 3.0

RP1550: 12/3/2011 9:18:15 PM - System Checkpoint

RP1551: 12/4/2011 9:51:53 PM - System Checkpoint

RP1552: 12/5/2011 10:51:52 PM - System Checkpoint

RP1553: 12/6/2011 3:13:06 AM - Software Distribution Service 3.0

RP1554: 12/7/2011 8:25:21 PM - System Checkpoint

RP1555: 12/8/2011 2:35:47 PM - Software Distribution Service 3.0

RP1556: 12/9/2011 11:17:42 AM - Software Distribution Service 3.0

RP1557: 12/10/2011 12:39:48 PM - System Checkpoint

RP1558: 12/10/2011 12:52:36 PM - Installed Microsoft Fix it 50123

RP1559: 12/10/2011 1:04:49 PM - Software Distribution Service 3.0

RP1560: 12/10/2011 1:14:48 PM - Software Distribution Service 3.0

RP1561: 12/10/2011 1:26:44 PM - Software Distribution Service 3.0

RP1562: 12/11/2011 5:09:15 PM - System Checkpoint

RP1563: 12/12/2011 5:12:54 PM - System Checkpoint

RP1564: 12/13/2011 9:03:27 PM - System Checkpoint

RP1565: 12/14/2011 9:18:08 PM - System Checkpoint

RP1566: 12/15/2011 4:16:02 PM - Installed Microsoft Fix it 50199

RP1567: 12/15/2011 4:46:31 PM - Restore Operation

RP1568: 12/15/2011 4:56:14 PM - Software Distribution Service 3.0

RP1569: 12/15/2011 5:07:46 PM - avast! Free Antivirus Setup

RP1570: 12/15/2011 9:43:12 PM - avast! Free Antivirus Setup

RP1571: 12/16/2011 10:31:48 PM - System Checkpoint

.

==== Installed Programs ======================

.

3DVIA Player 4.1

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player Plugin

Adobe Reader 9.4.6

Adobe Shockwave Player 11

avast! Free Antivirus

Cake Mania

Canon IJ Network Scan Utility

Canon IJ Network Tool

Canon MX870 series MP Drivers

Canon MX870 series User Registration

CCleaner

Compatibility Pack for the 2007 Office system

Critical Update for Windows Media Player 11 (KB959772)

Dell Driver Reset Tool

Dell Support Center

DellSupport

Diner Dash Flo on the Go

Disney Pirates of the Caribbean Online

ESET Online Scanner v3

Google Talk Plugin

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.0 (KB932471)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Inbox Toolbar

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections 12.1.8.0

J2SE Runtime Environment 5.0 Update 6

Java Auto Updater

Java 6 Update 22

Lotus 1-2-3

Malwarebytes' Anti-Malware

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2572067)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft National Language Support Downlevel APIs

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Basic 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Mozilla Firefox 8.0.1 (x86 en-US)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser (KB933579)

ODF Add-in for Microsoft Word

OpenOffice.org 3.2

OTOY

Pando Media Booster

PowerDVD

QualxServ Service Agreement

RealArcade

Realtek High Definition Audio Driver

Rosetta Stone Ltd Services

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2530548)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2559049)

Security Update for Windows Internet Explorer 7 (KB2586448)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 (KB917734)

Security Update for Windows Media Player 9 (KB936782)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002)

Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002)

SpongeBob SquarePants 3-D

The Lord of the Rings Online™ v03.02.05.8032

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Windows (KB971513)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB942763)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

Windows Defender

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 7

Windows Media Format 11 runtime

Windows Media Format SDK Hotfix - KB891122

Windows Media Player 11

Windows Presentation Foundation

Windows XP Service Pack 3

Wizard101

XML Paper Specification Shared Components Pack 1.0

.

==== Event Viewer Messages From Past Week ========

.

12/17/2011 2:33:27 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 b9f3b71d, parameter3 a0a72758, parameter4 00000000.

12/17/2011 2:32:50 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'attrib' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

12/15/2011 4:52:56 PM, error: Service Control Manager [7022] - The avast! Antivirus service hung on starting.

12/15/2011 4:48:18 PM, error: WinDefend [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80092003 Error description: An error occurred while reading or writing to a file. Signatures loading: Backup Loading signature version: 1.117.614.0 Loading engine version: 1.1.7903.0

12/14/2011 8:22:27 PM, error: Service Control Manager [7001] - The Microsoft IPv6 Protocol Driver service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.

12/14/2011 8:22:27 PM, error: Service Control Manager [7001] - The IPv6 Helper Service service depends on the Microsoft IPv6 Protocol Driver service which failed to start because of the following error: The dependency service or group failed to start.

12/14/2011 8:03:25 PM, error: NetBT [4311] - Initialization failed because the driver device could not be created.

12/14/2011 8:01:41 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Tcpip

12/14/2011 8:01:41 PM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: The system cannot find the file specified.

12/14/2011 8:01:41 PM, error: Service Control Manager [7003] - The TCP/IP Protocol Driver service depends on the following nonexistent service: IPSec

12/14/2011 8:01:41 PM, error: Service Control Manager [7003] - The TCP/IP NetBIOS Helper service depends on the following nonexistent service: Afd

12/14/2011 8:01:41 PM, error: Service Control Manager [7003] - The Network Location Awareness (NLA) service depends on the following nonexistent service: Afd

12/14/2011 8:01:41 PM, error: Service Control Manager [7003] - The IPSEC Services service depends on the following nonexistent service: IPSec

12/14/2011 8:01:41 PM, error: Service Control Manager [7003] - The DHCP Client service depends on the following nonexistent service: Afd

12/14/2011 8:01:41 PM, error: Service Control Manager [7003] - The AVG8 E-mail Scanner service depends on the following nonexistent service: avg8wd

12/14/2011 8:01:41 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

12/14/2011 7:30:44 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

12/14/2011 7:29:32 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 aswRdr aswSnx aswSP aswTdi Fips intelppm MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

12/14/2011 7:29:32 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

12/14/2011 7:29:19 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

12/14/2011 7:28:37 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

12/14/2011 6:45:01 PM, error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error 2147952450 (0x80072742).

12/14/2011 6:32:36 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: iaStor Tcpip

12/14/2011 6:30:17 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

12/10/2011 12:46:19 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: iaStor

12/10/2011 1:09:57 PM, error: Service Control Manager [7001] - The AVG8 E-mail Scanner service depends on the AVG8 WatchDog service which failed to start because of the following error: The system cannot find the path specified.

12/10/2011 1:09:57 PM, error: Service Control Manager [7000] - The AVG8 WatchDog service failed to start due to the following error: The system cannot find the path specified.

.

==== End Of File ===========================

Link to post
Share on other sites

  • 1 month later...
  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Link to post
Share on other sites

  • 1 month later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.