Jump to content

help

ruthless

By ruthless
in Resolved Malware Removal Logs

 Share

Recommended Posts

ruthless

ruthless

Posted
Posted

I know it is currently infected with ping.exe, I just removed XP malware but I want to make sure I get everything. Please help.

.

DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK

Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_20

Run by KK at 16:13:15 on 2011-12-22

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.678 [GMT -5:00]

.

AV: Norton Internet Security 2006 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton Internet Security 2006 *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\regedit.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://start.facemoods.com/?a=ironto

mDefault_Page_URL = hxxp://www.sony.com/vaiopeople

uInternet Connection Wizard,ShellNext = hxxp://www.sony.com/vaiopeople

mSearchAssistant = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: {53707962-6F74-2D53-2644-206D7942484F} - No File

BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll

BHO: CNavExtBho Class: {a8f38d8d-e480-4d52-b7a2-731bb6995fdd} - c:\program files\norton internet security\norton antivirus\NavShExt.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Norton Internet Security 2006: {0b53eac3-8d69-4b9e-9b19-a37c9a5676a7} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll

TB: Norton AntiVirus: {c4069e3a-68f1-403e-b40e-20066696354b} - c:\program files\norton internet security\norton antivirus\NavShExt.dll

uRun: [Aim6]

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [Google Update] "c:\documents and settings\kk\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [Logitech Vid] "c:\program files\logitech\logitech vid\vid.exe" -bootmode

uRun: [ALLUpdate] "c:\program files\opensubtitlesplayer\ALLUpdate.exe" "sleep"

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [Privacy Protection] c:\documents and settings\all users\application data\privacy.exe

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [Last.fm Update] rundll32 "c:\documents and settings\kk\local settings\application data\{ef714422-3134-4a6a-9471-e9e81086b4c7}\{ef714422-3134-4a6a-9471-e9e81086b4c7}update\{EF714422-3134-4A6A-9471-E9E81086B4C7}updt32.dll",DllRegisterServer

mRun: [igfxtray] c:\windows\system32\igfxtray.exe

mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

mRun: [igfxpers] c:\windows\system32\igfxpers.exe

mRun: [Apoint] c:\program files\apoint\Apoint.exe

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [skyTel] SkyTel.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [AzMixerSel] c:\program files\realtek\installshield\AzMixerSel.exe

mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe

mRun: [iSBMgr.exe] c:\program files\sony\isb utility\ISBMgr.exe

mRun: [VAIO Update 2] "c:\program files\sony\vaio update 2\VAIOUpdt.exe" /Stationary

mRun: [sonyPowerCfg] "c:\program files\sony\vaio power management\SPMgr.exe"

mRun: [switcher.exe] c:\program files\sony\wireless switch setting utility\Switcher.exe

mRun: [<NO NAME>]

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [iS CfgWiz] c:\program files\norton internet security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"

mRun: [urlLSTCK.exe] c:\program files\norton internet security\UrlLstCk.exe

mRun: [PartSeal] c:\windows\sonysys\vaio recovery\PartSeal.exe

mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE

mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon

mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon

mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start

mRun: [HitmanPro35] "c:\program files\hitman pro 3.5\HitmanPro35(2).exe" /scan:boot

mRun: [unlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"

mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"

StartupFolder: c:\docume~1\kk\startm~1\programs\startup\seagat~1.lnk - c:\documents and settings\kk\application data\leadertech\powerregister\Seagate 2GE6KQTF Product Registration.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

LSP: mswsock.dll

Trusted Zone: anfcorp.com\my

Trusted Zone: brainfuse.com\admin

Trusted Zone: brainfuse.com\www

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{BE238C41-7477-4532-8A64-F73FACDE19BF} : DhcpNameServer = 192.168.1.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

SSODL: lezatehup - {3519b49c-8307-46bd-83ba-8e4b79955129} - No File

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

STS: {d6958ead-495d-4599-b39e-4824a5543b1c} - No File

STS: {3519b49c-8307-46bd-83ba-8e4b79955129} - No File

STS: {aa4c8e1f-71bf-4674-b03e-1d2ca0f4f2a7} - No File

STS: {e0ad83bf-ecdc-48a3-a894-48f9f359d227} - No File

LSA: Notification Packages = scecli sabiyubi.dll burobaja.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\kk\application data\mozilla\firefox\profiles\x2i5c7mn.default\

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

FF - prefs.js: network.proxy.type - 2

FF - component: c:\documents and settings\kk\application data\mozilla\firefox\profiles\x2i5c7mn.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll

FF - component: c:\documents and settings\kk\application data\mozilla\firefox\profiles\x2i5c7mn.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll

FF - plugin: c:\documents and settings\kk\application data\move networks\plugins\npqmp071505000011.dll

FF - plugin: c:\documents and settings\kk\application data\mozilla\firefox\profiles\x2i5c7mn.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll

FF - plugin: c:\documents and settings\kk\application data\mozilla\firefox\profiles\x2i5c7mn.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll

FF - plugin: c:\documents and settings\kk\application data\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\documents and settings\kk\application data\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\documents and settings\kk\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

FF - Ext: IE Tab Plus: ietab@ip.cn - %profile%\extensions\ietab@ip.cn

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

FF - Ext: Garmin Communicator: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E} - %profile%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

FF - Ext: Vuze Remote Community Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}

FF - Ext: XUL Cache: {aedb2be0-4c75-422f-b807-adcff8b66a65} - %profile%\extensions\{aedb2be0-4c75-422f-b807-adcff8b66a65}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video

FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

S1 SAVRTPEL;SAVRTPEL;c:\program files\norton internet security\norton antivirus\Savrtpel.sys [2005-8-26 53896]

S1 yaisrmo32;yaisrmo32;c:\windows\system32\drivers\yaisrmo32.sys --> c:\windows\system32\drivers\yaisrmo32.sys [?]

S2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2005-9-17 192112]

S2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\ccProxy.exe [2005-9-17 202352]

S2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2005-9-17 169584]

S2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-12-18 189736]

S2 itlperf;Intel CPU;c:\windows\system32\svchost.exe -k itlsvc [2006-8-10 14336]

S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

S2 navapsvc;Norton AntiVirus Auto-Protect Service;c:\program files\norton internet security\norton antivirus\navapsvc.exe [2005-10-7 133744]

S2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2009-7-23 1120960]

S3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys --> c:\windows\system32\drivers\appliand.sys [?]

S3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20111129.002\NAVENG.Sys [2011-11-29 86136]

S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20111129.002\NavEx15.Sys [2011-11-29 1576312]

S3 SAVRT;SAVRT;c:\program files\norton internet security\norton antivirus\savrt.sys [2005-8-26 334984]

S3 SAVScan;Symantec AVScan;c:\program files\norton internet security\norton antivirus\SAVScan.exe [2005-8-26 198368]

S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2006-8-10 226304]

.

=============== Created Last 30 ================

.

2011-12-22 12:37:17 307712 ----a-w- c:\documents and settings\kk\local settings\application data\lir.exe

2011-12-22 12:33:21 115712 ----a-w- c:\documents and settings\all users\application data\KeyboardManagerPolicy.dll

2011-12-19 06:15:33 -------- d-----w- c:\windows\pss

2011-12-19 06:03:32 -------- d-----w- c:\documents and settings\kk\local settings\application data\WMTools Downloaded Files

2011-12-06 05:32:57 -------- d-----w- c:\documents and settings\kk\.swt

2011-12-06 05:17:58 -------- d-----w- c:\program files\Vuze

2011-12-05 06:17:44 -------- d-----w- c:\windows\system32\wbem\repository\FS

2011-12-05 06:17:44 -------- d-----w- c:\windows\system32\wbem\Repository

2011-12-01 03:09:24 -------- d-----w- c:\documents and settings\kk\application data\Azureus

2011-12-01 03:08:39 -------- d-----w- c:\program files\Vuze(2)

2011-12-01 03:08:21 -------- d-----w- c:\program files\Vuze_Remote

2011-11-30 04:04:53 -------- d-----w- c:\program files\Participatory Culture Foundation

2011-11-29 02:04:48 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-28 23:29:26 -------- d-----w- c:\program files\GridinSoft Trojan Killer

.

==================== Find3M ====================

.

2011-12-22 00:13:33 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-10-14 22:38:00 456192 ----a-w- c:\windows\system32\encdec.dll

.

============= FINISH: 16:15:00.48 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 7/23/2009 1:24:26 AM

System Uptime: 12/22/2011 4:08:32 PM (0 hours ago)

.

Motherboard: Sony Corporation | | VAIO

Processor: Intel® Core2 CPU T5500 @ 1.66GHz | N/A | 1662/167mhz

Processor: Intel® Core2 CPU T5500 @ 1.66GHz | N/A | 1662/167mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 105 GiB total, 7.352 GiB free.

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

.

AC3Filter (remove only)

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 7.0.7

AIM 6

AIM Search

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Audacity 1.2.6

Bonjour

Brainfuse Participant QuickConnect

Brainfuse Supervisor QuickConnect

Canon MP Navigator EX 2.0

Canon MP480 series MP Drivers

Canon MP480 series User Registration

Canon Utilities Easy-PhotoPrint EX

Canon Utilities My Printer

Canon Utilities Solution Menu

Carbonite Online Backup Setup

CC_ccProxyExt

ccCommon

CCleaner

ccPxyCore

Click to DVD 2.0.03 Menu Data

Click to DVD 2.5.30

Click to DVD Tutorial

DivX Converter

DivX Plus DirectShow Filters

DivX Setup

DivX Version Checker

DivxToDVD 0.5.2b

GMATPrep

Google Talk Plugin

High Definition Audio Driver Package - KB835221

Hitman Pro 3.5

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 10 (KB910393)

Hotfix for Windows XP (KB888795)

Hotfix for Windows XP (KB891593)

Hotfix for Windows XP (KB893357)

Hotfix for Windows XP (KB895961)

Hotfix for Windows XP (KB896256)

Hotfix for Windows XP (KB899337)

Hotfix for Windows XP (KB899510)

Hotfix for Windows XP (KB900466)

Hotfix for Windows XP (KB902841)

Hotfix for Windows XP (KB909667)

Hotfix for Windows XP (KB910728)

Hotfix for Windows XP (KB916089)

Hotfix for Windows XP (KB926239)

Hotfix for Windows XP (KB935448)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB981793)

Image Converter 2 Plus

ImageStation

Intel® Graphics Media Accelerator Driver

Intel® PROSet/Wireless Software

InterVideo WinDVD for VAIO

ISScript

iTunes

Java Auto Updater

Java 6 Update 20

LAN Setting Utility

Last.fm 1.5.4.27091

LiveUpdate 3.0 (Symantec Corporation)

Logitech Vid

Logitech Webcam Software

Logitech Webcam Software Driver Package

Macromedia Flash Player 8

Macromedia Flash Player 8 Plugin

Malwarebytes' Anti-Malware

mCore

mDriver

Memory Stick Formatter

Microsoft .NET Framework 1.0 Hotfix (KB887998)

Microsoft .NET Framework 1.0 Hotfix (KB930494)

Microsoft .NET Framework 1.0 Hotfix (KB953295)

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Data Access Components KB870669

Microsoft Digital Image Library 9 - Blocker

Microsoft Digital Image Starter Edition 2006

Microsoft Digital Image Starter Edition 2006 Editor

Microsoft Digital Image Starter Edition 2006 Library

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

mMHouse

Mozilla Firefox (3.6.25)

mPfMgr

mProSafe

MSRedist

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB973686)

mWlsSafe

mXML

Norton AntiSpam

Norton AntiVirus 2006

Norton Internet Security

Norton Internet Security 2006 (Symantec Corporation)

Norton Protection Center

Norton WMI Update

Office 2003 Trial Assistant

OpenMG AAC Add-on Module 1.0.00

OpenMG Limited Patch 4.5-06-05-12-01

OpenMG Metadata Extractor for Windows Media Player

OpenMG Secure Module 4.5.01

OpenSubtitlesPlayer V4.X

PowerISO

Quicken 2006

QuickTime

Realtek High Definition Audio Driver

Rosetta Stone V3

Roxio DigitalMedia Audio

Roxio DigitalMedia Copy

Roxio DigitalMedia Data

Seagate Manager Installer

Search Enhancement by AOL Search

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office InfoPath 2007 (KB2510061)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB890046)

Security Update for Windows XP (KB893066)

Security Update for Windows XP (KB893756)

Security Update for Windows XP (KB896358)

Security Update for Windows XP (KB896422)

Security Update for Windows XP (KB896423)

Security Update for Windows XP (KB896424)

Security Update for Windows XP (KB896428)

Security Update for Windows XP (KB896688)

Security Update for Windows XP (KB899587)

Security Update for Windows XP (KB899588)

Security Update for Windows XP (KB899589)

Security Update for Windows XP (KB899591)

Security Update for Windows XP (KB900725)

Security Update for Windows XP (KB901017)

Security Update for Windows XP (KB901214)

Security Update for Windows XP (KB902400)

Security Update for Windows XP (KB903235)

Security Update for Windows XP (KB905414)

Security Update for Windows XP (KB905749)

Security Update for Windows XP (KB905915)

Security Update for Windows XP (KB908519)

Security Update for Windows XP (KB908531)

Security Update for Windows XP (KB911280)

Security Update for Windows XP (KB911562)

Security Update for Windows XP (KB911567)

Security Update for Windows XP (KB911927)

Security Update for Windows XP (KB912919)

Security Update for Windows XP (KB914388)

Security Update for Windows XP (KB914389)

Security Update for Windows XP (KB916281)

Security Update for Windows XP (KB917159)

Security Update for Windows XP (KB917344)

Security Update for Windows XP (KB917953)

Security Update for Windows XP (KB918439)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB944338-v2)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958470)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969897)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971032)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974455)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB976325)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB981350)

Security Update for Windows XP (KB982381)

Segoe UI

Setting Utility Series

Skype Toolbars

Skype™ 4.2

Soft Data Fax Modem with SmartCP

Sonic Encoders

SonicStage 4.0

Sony Certificate PCH

Sony MP4 Shared Library

Sony Utilities DLL

Sony Video Shared Library

SPBBC

Spotify

Spybot - Search & Destroy

Symantec KB-DocID:2003093015493306

SymNet

Trojan Killer 2.1

Unlocker 1.9.1

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2583910)

Update for Outlook 2007 Junk Email Filter (KB2596560)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB894391)

Update for Windows XP (KB896727)

Update for Windows XP (KB898461)

Update for Windows XP (KB900485)

Update for Windows XP (KB910437)

Update for Windows XP (KB911164)

Update for Windows XP (KB912945)

Update for Windows XP (KB916595)

Update for Windows XP (KB925720)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB961503)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB976749)

Update for Windows XP (KB978207)

Update Rollup 2 for Windows XP Media Center Edition 2005

VAIO Backup Utility

VAIO Breeze Wallpaper

VAIO Central

VAIO Entertainment Platform

VAIO Event Service

VAIO Hardware Diagnostics

VAIO Light Flo Wallpaper

VAIO Media 5.0

VAIO Media AC3 Decoder 1.0

VAIO Media Integrated Server 5.0

VAIO Media Redistribution 5.0

VAIO Media Registration Tool 5.0

VAIO Media Tutorial

VAIO Original Screen Saver

VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents

VAIO Power Management

VAIO Registration

VAIO Security Center

VAIO Support Central

VAIO Update 2

VAIO Wireless LAN Setup Utility

VAIOSurveySA

VC80CRTRedist - 8.0.50727.4053

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Vuze

WebFldrs XP

Windows Genuine Advantage Validation Tool

Windows Imaging Component

Windows Installer 3.1 (KB893803)

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Live Sign-in Assistant

Windows Live Upload Tool

Windows Media Format 11 runtime

Windows Media Player 10 Hotfix [see KB886612 for more information]

Windows Media Player 11

Windows Media Player Firefox Plugin

Windows XP Hotfix - KB307154

Windows XP Hotfix - KB833407

Windows XP Hotfix - KB873339

Windows XP Hotfix - KB884018

Windows XP Hotfix - KB884575

Windows XP Hotfix - KB885250

Windows XP Hotfix - KB885835

Windows XP Hotfix - KB885836

Windows XP Hotfix - KB886185

Windows XP Hotfix - KB887472

Windows XP Hotfix - KB887742

Windows XP Hotfix - KB888113

Windows XP Hotfix - KB888239

Windows XP Hotfix - KB888302

Windows XP Hotfix - KB888321

Windows XP Hotfix - KB890859

Windows XP Hotfix - KB891781

Windows XP Hotfix - KB893056

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB908250

Windows XP Media Center Edition 2005 KB973768

WinRAR archiver

Wireless Switch Setting Utility

.

==== Event Viewer Messages From Past Week ========

.

12/22/2011 8:01:17 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.

12/22/2011 7:57:23 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: DMICall Fips intelppm SAVRTPEL SCDEmu SPBBCDrv SYMTDI Tosrfcom

12/22/2011 7:47:49 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

12/22/2011 7:45:58 AM, error: Service Control Manager [7034] - The System Restore Service service terminated unexpectedly. It has done this 1 time(s).

12/22/2011 7:45:58 AM, error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s).

12/22/2011 7:45:58 AM, error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

12/22/2011 7:45:58 AM, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

12/22/2011 7:45:58 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DMICall Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRTPEL SCDEmu SPBBCDrv SYMTDI Tcpip Tosrfcom

12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The VAIO Entertainment File Import Service service depends on the VAIO Entertainment Database Service service which failed to start because of the following error: The dependency service or group failed to start.

12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

12/22/2011 7:44:27 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

12/22/2011 7:44:26 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

12/22/2011 5:33:17 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 3 time(s).

12/22/2011 5:30:16 AM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

12/22/2011 5:28:20 AM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

12/22/2011 5:26:23 AM, error: Service Control Manager [7023] - The Intel CPU service terminated with the following error: The specified module could not be found.

12/22/2011 3:45:46 PM, error: Service Control Manager [7022] - The VAIO Entertainment File Import Service service hung on starting.

12/22/2011 3:05:09 AM, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

12/22/2011 2:15:26 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.

12/22/2011 2:13:43 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'i8042prt.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

12/21/2011 2:56:11 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.

12/21/2011 2:56:05 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.

12/21/2011 2:56:05 PM, error: Service Control Manager [7000] - The LiveUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

12/21/2011 2:56:03 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}

12/20/2011 12:56:51 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

12/20/2011 12:56:50 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

.

==== End Of File ===========================

Link to post
Share on other sites
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Link to post
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.