ruthless Posted December 22, 2011 ID:508044

I know it is currently infected with ping.exe, I just removed XP malware but I want to make sure I get everything. Please help.

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_20
Run by KK at 16:13:15 on 2011-12-22
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.678 [GMT -5:00]
.
AV: Norton Internet Security 2006 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security 2006 *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\regedit.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=ironto
mDefault_Page_URL = hxxp://www.sony.com/vaiopeople
uInternet Connection Wizard,ShellNext = hxxp://www.sony.com/vaiopeople
mSearchAssistant = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: {53707962-6F74-2D53-2644-206D7942484F} - No File
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
BHO: CNavExtBho Class: {a8f38d8d-e480-4d52-b7a2-731bb6995fdd} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Internet Security 2006: {0b53eac3-8d69-4b9e-9b19-a37c9a5676a7} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
TB: Norton AntiVirus: {c4069e3a-68f1-403e-b40e-20066696354b} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
uRun: [Aim6]
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\kk\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Logitech Vid] "c:\program files\logitech\logitech vid\vid.exe" -bootmode
uRun: [ALLUpdate] "c:\program files\opensubtitlesplayer\ALLUpdate.exe" "sleep"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Privacy Protection] c:\documents and settings\all users\application data\privacy.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Last.fm Update] rundll32 "c:\documents and settings\kk\local settings\application data\{ef714422-3134-4a6a-9471-e9e81086b4c7}\{ef714422-3134-4a6a-9471-e9e81086b4c7}update\{EF714422-3134-4A6A-9471-E9E81086B4C7}updt32.dll",DllRegisterServer
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [skyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:\program files\realtek\installshield\AzMixerSel.exe
mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe
mRun: [iSBMgr.exe] c:\program files\sony\isb utility\ISBMgr.exe
mRun: [VAIO Update 2] "c:\program files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
mRun: [sonyPowerCfg] "c:\program files\sony\vaio power management\SPMgr.exe"
mRun: [switcher.exe] c:\program files\sony\wireless switch setting utility\Switcher.exe
mRun: [<NO NAME>]
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [iS CfgWiz] c:\program files\norton internet security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
mRun: [urlLSTCK.exe] c:\program files\norton internet security\UrlLstCk.exe
mRun: [PartSeal] c:\windows\sonysys\vaio recovery\PartSeal.exe
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
mRun: [HitmanPro35] "c:\program files\hitman pro 3.5\HitmanPro35(2).exe" /scan:boot
mRun: [unlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"
StartupFolder: c:\docume~1\kk\startm~1\programs\startup\seagat~1.lnk - c:\documents and settings\kk\application data\leadertech\powerregister\Seagate 2GE6KQTF Product Registration.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: anfcorp.com\my
Trusted Zone: brainfuse.com\admin
Trusted Zone: brainfuse.com\www
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BE238C41-7477-4532-8A64-F73FACDE19BF} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: lezatehup - {3519b49c-8307-46bd-83ba-8e4b79955129} - No File
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: {d6958ead-495d-4599-b39e-4824a5543b1c} - No File
STS: {3519b49c-8307-46bd-83ba-8e4b79955129} - No File
STS: {aa4c8e1f-71bf-4674-b03e-1d2ca0f4f2a7} - No File
STS: {e0ad83bf-ecdc-48a3-a894-48f9f359d227} - No File
LSA: Notification Packages = scecli sabiyubi.dll burobaja.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\kk\application data\mozilla\firefox\profiles\x2i5c7mn.default\
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - prefs.js: network.proxy.type - 2
FF - component: c:\documents and settings\kk\application data\mozilla\firefox\profiles\x2i5c7mn.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\kk\application data\mozilla\firefox\profiles\x2i5c7mn.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\documents and settings\kk\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\documents and settings\kk\application data\mozilla\firefox\profiles\x2i5c7mn.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\documents and settings\kk\application data\mozilla\firefox\profiles\x2i5c7mn.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll
FF - plugin: c:\documents and settings\kk\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\kk\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\kk\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: IE Tab Plus: ietab@ip.cn - %profile%\extensions\ietab@ip.cn
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Garmin Communicator: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E} - %profile%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF - Ext: Vuze Remote Community Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF - Ext: XUL Cache: {aedb2be0-4c75-422f-b807-adcff8b66a65} - %profile%\extensions\{aedb2be0-4c75-422f-b807-adcff8b66a65}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
S1 SAVRTPEL;SAVRTPEL;c:\program files\norton internet security\norton antivirus\Savrtpel.sys [2005-8-26 53896]
S1 yaisrmo32;yaisrmo32;c:\windows\system32\drivers\yaisrmo32.sys --> c:\windows\system32\drivers\yaisrmo32.sys [?]
S2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2005-9-17 192112]
S2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\ccProxy.exe [2005-9-17 202352]
S2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2005-9-17 169584]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-12-18 189736]
S2 itlperf;Intel CPU;c:\windows\system32\svchost.exe -k itlsvc [2006-8-10 14336]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S2 navapsvc;Norton AntiVirus Auto-Protect Service;c:\program files\norton internet security\norton antivirus\navapsvc.exe [2005-10-7 133744]
S2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2009-7-23 1120960]
S3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys --> c:\windows\system32\drivers\appliand.sys [?]
S3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20111129.002\NAVENG.Sys [2011-11-29 86136]
S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20111129.002\NavEx15.Sys [2011-11-29 1576312]
S3 SAVRT;SAVRT;c:\program files\norton internet security\norton antivirus\savrt.sys [2005-8-26 334984]
S3 SAVScan;Symantec AVScan;c:\program files\norton internet security\norton antivirus\SAVScan.exe [2005-8-26 198368]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2006-8-10 226304]
.
=============== Created Last 30 ================
.
2011-12-22 12:37:17 307712 ----a-w- c:\documents and settings\kk\local settings\application data\lir.exe
2011-12-22 12:33:21 115712 ----a-w- c:\documents and settings\all users\application data\KeyboardManagerPolicy.dll
2011-12-19 06:15:33 -------- d-----w- c:\windows\pss
2011-12-19 06:03:32 -------- d-----w- c:\documents and settings\kk\local settings\application data\WMTools Downloaded Files
2011-12-06 05:32:57 -------- d-----w- c:\documents and settings\kk\.swt
2011-12-06 05:17:58 -------- d-----w- c:\program files\Vuze
2011-12-05 06:17:44 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-12-05 06:17:44 -------- d-----w- c:\windows\system32\wbem\Repository
2011-12-01 03:09:24 -------- d-----w- c:\documents and settings\kk\application data\Azureus
2011-12-01 03:08:39 -------- d-----w- c:\program files\Vuze(2)
2011-12-01 03:08:21 -------- d-----w- c:\program files\Vuze_Remote
2011-11-30 04:04:53 -------- d-----w- c:\program files\Participatory Culture Foundation
2011-11-29 02:04:48 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-28 23:29:26 -------- d-----w- c:\program files\GridinSoft Trojan Killer
.
==================== Find3M ====================
.
2011-12-22 00:13:33 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-10-14 22:38:00 456192 ----a-w- c:\windows\system32\encdec.dll
.
============= FINISH: 16:15:00.48 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 7/23/2009 1:24:26 AM
System Uptime: 12/22/2011 4:08:32 PM (0 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel® Core2 CPU T5500 @ 1.66GHz | N/A | 1662/167mhz
Processor: Intel® Core2 CPU T5500 @ 1.66GHz | N/A | 1662/167mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 105 GiB total, 7.352 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
.
AC3Filter (remove only)
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.7
AIM 6
AIM Search
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.6
Bonjour
Brainfuse Participant QuickConnect
Brainfuse Supervisor QuickConnect
Canon MP Navigator EX 2.0
Canon MP480 series MP Drivers
Canon MP480 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Carbonite Online Backup Setup
CC_ccProxyExt
ccCommon
CCleaner
ccPxyCore
Click to DVD 2.0.03 Menu Data
Click to DVD 2.5.30
Click to DVD Tutorial
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
DivxToDVD 0.5.2b
GMATPrep
Google Talk Plugin
High Definition Audio Driver Package - KB835221
Hitman Pro 3.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB900466)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB909667)
Hotfix for Windows XP (KB910728)
Hotfix for Windows XP (KB916089)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB981793)
Image Converter 2 Plus
ImageStation
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless Software
InterVideo WinDVD for VAIO
ISScript
iTunes
Java Auto Updater
Java 6 Update 20
LAN Setting Utility
Last.fm 1.5.4.27091
LiveUpdate 3.0 (Symantec Corporation)
Logitech Vid
Logitech Webcam Software
Logitech Webcam Software Driver Package
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Malwarebytes' Anti-Malware
mCore
mDriver
Memory Stick Formatter
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
mMHouse
Mozilla Firefox (3.6.25)
mPfMgr
mProSafe
MSRedist
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
mWlsSafe
mXML
Norton AntiSpam
Norton AntiVirus 2006
Norton Internet Security
Norton Internet Security 2006 (Symantec Corporation)
Norton Protection Center
Norton WMI Update
Office 2003 Trial Assistant
OpenMG AAC Add-on Module 1.0.00
OpenMG Limited Patch 4.5-06-05-12-01
OpenMG Metadata Extractor for Windows Media Player
OpenMG Secure Module 4.5.01
OpenSubtitlesPlayer V4.X
PowerISO
Quicken 2006
QuickTime
Realtek High Definition Audio Driver
Rosetta Stone V3
Roxio DigitalMedia Audio
Roxio DigitalMedia Copy
Roxio DigitalMedia Data
Seagate Manager Installer
Search Enhancement by AOL Search
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Segoe UI
Setting Utility Series
Skype Toolbars
Skype™ 4.2
Soft Data Fax Modem with SmartCP
Sonic Encoders
SonicStage 4.0
Sony Certificate PCH
Sony MP4 Shared Library
Sony Utilities DLL
Sony Video Shared Library
SPBBC
Spotify
Spybot - Search & Destroy
Symantec KB-DocID:2003093015493306
SymNet
Trojan Killer 2.1
Unlocker 1.9.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911164)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB925720)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update Rollup 2 for Windows XP Media Center Edition 2005
VAIO Backup Utility
VAIO Breeze Wallpaper
VAIO Central
VAIO Entertainment Platform
VAIO Event Service
VAIO Hardware Diagnostics
VAIO Light Flo Wallpaper
VAIO Media 5.0
VAIO Media AC3 Decoder 1.0
VAIO Media Integrated Server 5.0
VAIO Media Redistribution 5.0
VAIO Media Registration Tool 5.0
VAIO Media Tutorial
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
VAIO Power Management
VAIO Registration
VAIO Security Center
VAIO Support Central
VAIO Update 2
VAIO Wireless LAN Setup Utility
VAIOSurveySA
VC80CRTRedist - 8.0.50727.4053
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Vuze
WebFldrs XP
Windows Genuine Advantage Validation Tool
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix [see KB886612 for more information]
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Hotfix - KB307154
Windows XP Hotfix - KB833407
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB884018
Windows XP Hotfix - KB884575
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB888321
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893056
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB908250
Windows XP Media Center Edition 2005 KB973768
WinRAR archiver
Wireless Switch Setting Utility
.
==== Event Viewer Messages From Past Week ========
.
12/22/2011 8:01:17 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
12/22/2011 7:57:23 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: DMICall Fips intelppm SAVRTPEL SCDEmu SPBBCDrv SYMTDI Tosrfcom
12/22/2011 7:47:49 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12/22/2011 7:45:58 AM, error: Service Control Manager [7034] - The System Restore Service service terminated unexpectedly. It has done this 1 time(s).
12/22/2011 7:45:58 AM, error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s).
12/22/2011 7:45:58 AM, error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/22/2011 7:45:58 AM, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
12/22/2011 7:45:58 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DMICall Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRTPEL SCDEmu SPBBCDrv SYMTDI Tcpip Tosrfcom
12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The VAIO Entertainment File Import Service service depends on the VAIO Entertainment Database Service service which failed to start because of the following error: The dependency service or group failed to start.
12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/22/2011 7:45:58 AM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/22/2011 7:44:27 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/22/2011 7:44:26 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
12/22/2011 5:33:17 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 3 time(s).
12/22/2011 5:30:16 AM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/22/2011 5:28:20 AM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/22/2011 5:26:23 AM, error: Service Control Manager [7023] - The Intel CPU service terminated with the following error: The specified module could not be found.
12/22/2011 3:45:46 PM, error: Service Control Manager [7022] - The VAIO Entertainment File Import Service service hung on starting.
12/22/2011 3:05:09 AM, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.
12/22/2011 2:15:26 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
12/22/2011 2:13:43 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'i8042prt.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
12/21/2011 2:56:11 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
12/21/2011 2:56:05 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
12/21/2011 2:56:05 PM, error: Service Control Manager [7000] - The LiveUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/21/2011 2:56:03 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
12/20/2011 12:56:51 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/20/2011 12:56:50 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
.
==== End Of File ===========================
Staff screen317 Posted December 22, 2011 ID:508105

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

When the tool is finished, it will produce a report for you. Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.