
Windows Security Systems - Not fully gone?



Yesterday I found myself infected with an annoying little "Windows Security Systems" virus. I ran MBAM, and after a couple of tries I managed to get all of it...or so I thought.

This morning I've noticed my computer is running slower than usual and McAfee OAS won't enable. I did a little snooping around, ran some more virus scans and I can't solve it. I think I must still be infected.

Here are the logs requested:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by amanda at 9:46:30 on 2012-07-27

Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.2551.1600 [GMT 10:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\PROGRA~1\DHL\DCTO\bin\jsl.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\McAfee\Common Framework\FrameworkService.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft SQL Server\MSSQL10.DHLEASYSHIP\MSSQL\Binn\sqlservr.exe

C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\RTHDCPL.EXE

C:\UPS\WSTD\UPSNA1Msgr.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\McAfee\Common Framework\udaterui.exe

C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\McAfee\Common Framework\McTray.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\DHL\EasyShip v5.3\Bin\DHLEasyShipSchedulerEngine.exe

C:\UPS\WSTD\WSTDMessaging.exe

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\mstsc.exe

C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\McAfee\VirusScan Enterprise\scan32.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.ninemsn.com.au/

uDefault_Page_URL = hxxp://www.ninemsn.com.au

uInternet Connection Wizard,ShellNext = iexplore

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120727090810.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

EB: &Discuss: {bdeade7f-c265-11d0-bced-00a0c90ab50f} - shdocvw.dll

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [3daad05b770d8db6.exe] c:\documents and settings\jessie\local settings\application data\3daad05b770d8db6.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe

mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

mRun: [NA1Messenger] c:\ups\wstd\UPSNA1Msgr.exe

mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe

mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey

mRun: [shStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\schedu~1.lnk - c:\program files\dhl\easyship v5.3\bin\DHLEasyShipSchedulerEngine.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\upswor~2.lnk - c:\ups\wstd\WSTDMessaging.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\upswor~1.lnk - c:\ups\wstd\wstdPldReminder.exe

IE: &Search

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

Trusted Zone: averydennison.com\www.webservices

Trusted Zone: bookitlive.net\www

Trusted Zone: cashs.com.au\www

Trusted Zone: kdbnm.cn\www

Trusted Zone: kungwo.com.hk\www

Trusted Zone: microsoft.com\*.update

Trusted Zone: microsoft.com\update

Trusted Zone: microsoft.com\windowsupdate

Trusted Zone: microsoft.com\www.update

Trusted Zone: pacnet.com.au\www

Trusted Zone: pacnetglobal.com\www

Trusted Zone: royaleasia.com\www

Trusted Zone: ups.com\wwwapps

Trusted Zone: vic.gov.au\rentalbonds

Trusted Zone: windowsupdate.com\download

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341205237905

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.10.10 192.168.10.15

TCP: Interfaces\{0EF25E98-3AF4-42F9-8298-6D5A160F6751} : DhcpNameServer = 192.168.10.10 192.168.10.15

Notify: igfxcui - igfxsrvc.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

LSA: Authentication Packages = msv1_0 nwprovau

.

============= SERVICES / DRIVERS ===============

.

R2 DCTO;DCTO;c:\progra~1\dhl\dcto\bin\jsl.exe [2012-4-11 49152]

R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2011-1-12 120128]

R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2011-1-12 209760]

R2 MSSQL$DHLEASYSHIP;SQL Server (DHLEASYSHIP);c:\program files\microsoft sql server\mssql10.dhleasyship\mssql\binn\sqlservr.exe [2009-3-30 43010392]

R2 MSSQL$UPSWSDBSERVER;MSSQL$UPSWSDBSERVER;c:\ups\wstd\mssql$upswsdbserver\binn\sqlservr.exe -supswsdbserver --> c:\ups\wstd\mssql$upswsdbserver\binn\sqlservr.exe -sUPSWSDBSERVER [?]

R3 USTORAGE;UMass Storage Device;c:\windows\system32\drivers\UStorage.sys [2009-4-14 31104]

S0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-7-5 436728]

S1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-7-5 88544]

S2 Centura SQLBase;Centura SQLBase;c:\ups\worldship\dbnt25sv.exe [2005-11-21 1616384]

S2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-7-5 159320]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-7-5 145936]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-7-26 40776]

S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-7-5 171296]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-7-5 58456]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-7-5 85152]

S3 SQLAgent$UPSWSDBSERVER;SQLAgent$UPSWSDBSERVER;c:\ups\wstd\mssql$upswsdbserver\binn\sqlagent.exe -i upswsdbserver --> c:\ups\wstd\mssql$upswsdbserver\binn\sqlagent.EXE -i UPSWSDBSERVER [?]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-3-31 47128]

S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]

S4 SQLAgent$DHLEASYSHIP;SQL Server Agent (DHLEASYSHIP);c:\program files\microsoft sql server\mssql10.dhleasyship\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]

.

=============== Created Last 30 ================

.

2012-07-26 02:13:53 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-07-26 02:13:14 35328 ----a-w- c:\windows\system32\drivers\adef49c984fffd9.sys

2012-07-08 22:19:38 365568 ----a-w- c:\windows\system32\ZSHP1020.EXE

2012-07-08 22:19:38 169472 ----a-w- c:\windows\system32\ZLhp1020.DLL

2012-07-03 05:14:45 -------- d-----w- c:\program files\HP

.

==================== Find3M ====================

.

2012-07-26 23:07:01 74848 ----a-w- c:\windows\system32\MfeOtlkAddin.dll

2012-07-26 23:07:01 22816 ----a-w- c:\windows\system32\MFEOtlk.dll

2012-07-25 22:25:28 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-25 22:25:27 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-03 03:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50:25 1372672 ------w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 07:35:26 222448 ----a-w- c:\windows\system32\muweb.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 05:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 05:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 05:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 05:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 05:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 05:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-28 22:34:04 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-05-28 22:34:03 476960 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-28 22:34:03 472864 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec

2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

============= FINISH: 9:49:25.89 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 18/11/2005 12:46:32 PM

System Uptime: 27/07/2012 8:36:15 AM (1 hours ago)

.

Motherboard: Intel Corporation | | D915GAV

Processor: Intel® Pentium® 4 CPU 3.00GHz | J2E1 | 3000/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 75 GiB total, 45.928 GiB free.

D: is CDROM (UDF)

E: is NetworkDisk (NTFS) - 500 GiB total, 189.841 GiB free.

F: is Removable

H: is NetworkDisk (NTFS) - 100 GiB total, 41.249 GiB free.

P: is NetworkDisk (NTFS) - 500 GiB total, 189.841 GiB free.

T: is NetworkDisk (NTFS) - 500 GiB total, 189.841 GiB free.

W: is NetworkDisk (NTFS) - 500 GiB total, 189.841 GiB free.

X: is NetworkDisk (NTFS) - 500 GiB total, 189.841 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1560: 27/04/2012 7:06:47 PM - System Checkpoint

RP1561: 28/04/2012 8:05:47 PM - System Checkpoint

RP1562: 29/04/2012 8:05:55 PM - System Checkpoint

RP1563: 30/04/2012 8:06:02 PM - System Checkpoint

RP1564: 1/05/2012 8:06:08 PM - System Checkpoint

RP1565: 2/05/2012 8:06:15 PM - System Checkpoint

RP1566: 3/05/2012 8:06:22 PM - System Checkpoint

RP1567: 8/05/2012 5:14:47 PM - System Checkpoint

RP1568: 9/05/2012 5:16:23 PM - System Checkpoint

RP1569: 10/05/2012 8:27:28 AM - Software Distribution Service 3.0

RP1570: 11/05/2012 1:41:59 PM - System Checkpoint

RP1571: 12/05/2012 2:00:46 PM - System Checkpoint

RP1572: 13/05/2012 2:48:54 PM - System Checkpoint

RP1573: 14/05/2012 5:15:35 PM - System Checkpoint

RP1574: 16/05/2012 5:17:54 PM - System Checkpoint

RP1575: 17/05/2012 6:01:07 PM - System Checkpoint

RP1576: 21/05/2012 1:49:43 PM - System Checkpoint

RP1577: 22/05/2012 5:15:33 PM - System Checkpoint

RP1578: 23/05/2012 8:33:12 AM - Software Distribution Service 3.0

RP1579: 23/05/2012 8:41:07 AM - Software Distribution Service 3.0

RP1580: 23/05/2012 8:50:16 AM - Software Distribution Service 3.0

RP1581: 23/05/2012 9:03:11 AM - Software Distribution Service 3.0

RP1582: 23/05/2012 9:22:10 AM - Software Distribution Service 3.0

RP1583: 24/05/2012 1:54:37 PM - System Checkpoint

RP1584: 28/05/2012 1:41:33 PM - System Checkpoint

RP1585: 29/05/2012 8:33:33 AM - Removed Java™ 6 Update 29

RP1586: 30/05/2012 5:19:26 PM - System Checkpoint

RP1587: 31/05/2012 5:44:11 PM - System Checkpoint

RP1588: 4/06/2012 10:19:19 AM - System Checkpoint

RP1589: 5/06/2012 8:52:15 AM - Software Distribution Service 3.0

RP1590: 5/06/2012 2:39:35 PM - Printer Driver HP LaserJet 1020 Installed

RP1591: 5/06/2012 2:53:38 PM - Printer Driver HP LaserJet 1020 Installed

RP1592: 6/06/2012 4:04:43 PM - System Checkpoint

RP1593: 7/06/2012 5:34:50 PM - System Checkpoint

RP1594: 12/06/2012 8:21:27 AM - Printer Driver HP LaserJet 1020 Installed

RP1595: 13/06/2012 8:23:15 AM - System Checkpoint

RP1596: 14/06/2012 9:39:21 AM - System Checkpoint

RP1597: 14/06/2012 3:08:17 PM - Software Distribution Service 3.0

RP1598: 15/06/2012 3:14:34 PM - System Checkpoint

RP1599: 18/06/2012 9:22:52 AM - System Checkpoint

RP1600: 19/06/2012 9:41:47 AM - System Checkpoint

RP1601: 20/06/2012 10:42:37 AM - System Checkpoint

RP1602: 21/06/2012 10:52:26 AM - System Checkpoint

RP1603: 22/06/2012 3:31:18 PM - System Checkpoint

RP1604: 23/06/2012 4:11:55 PM - System Checkpoint

RP1605: 24/06/2012 4:38:49 PM - System Checkpoint

RP1606: 25/06/2012 8:48:07 AM - Printer Driver Microsoft Office Document Image Writer Installed

RP1607: 26/06/2012 2:15:03 PM - System Checkpoint

RP1608: 28/06/2012 1:33:08 PM - System Checkpoint

RP1609: 2/07/2012 3:06:42 PM - Software Distribution Service 3.0

RP1610: 2/07/2012 3:36:14 PM - Printer Driver HP LaserJet 1020 Installed

RP1611: 3/07/2012 9:20:50 AM - Printer Driver HP LaserJet 1020 Installed

RP1612: 3/07/2012 9:34:11 AM - Printer Driver HP LaserJet 1020 Installed

RP1613: 4/07/2012 5:16:01 PM - System Checkpoint

RP1614: 5/07/2012 6:13:02 PM - System Checkpoint

RP1615: 9/07/2012 8:21:08 AM - Printer Driver HP LaserJet 1020 Installed

RP1616: 10/07/2012 10:15:28 AM - System Checkpoint

RP1617: 11/07/2012 11:02:14 AM - System Checkpoint

RP1618: 12/07/2012 8:28:09 AM - Software Distribution Service 3.0

RP1619: 16/07/2012 5:19:14 PM - System Checkpoint

RP1620: 17/07/2012 5:29:09 PM - System Checkpoint

RP1621: 20/07/2012 9:52:06 AM - System Checkpoint

RP1622: 23/07/2012 8:53:12 AM - System Checkpoint

RP1623: 26/07/2012 1:31:27 PM - System Checkpoint

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Reader 9.5.1

Apple Software Update

ArcSoft PhotoImpression 5

ArcSoft VideoImpression 2

CCC

CCleaner

Chinese Simplified Fonts Support For Adobe Reader 9

Compatibility Pack for the 2007 Office system

Critical Update for Windows Media Player 11 (KB959772)

DCT Offline

DHL EasyShip v5.3

FormsComponent

FOSS

High Definition Audio Driver Package - KB835221

High Definition Audio Driver Package - KB888111

HighMAT Extension to Microsoft Windows XP CD Writing Wizard

Hotfix 2055 for SQL Server 2000 ENU (KB960082)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Format SDK (KB902344)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Adapters and Drivers

Java Auto Updater

Java™ 6 Update 32

Malwarebytes Anti-Malware version 1.62.0.1300

McAfee Agent

McAfee VirusScan Enterprise

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office File Validation Add-In

Microsoft Office Small Business Edition 2003

Microsoft SQL Server 2008

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 Native Client

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server Desktop Engine (UPSWSDBSERVER)

Microsoft SQL Server VSS Writer

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Windows Journal Viewer

MSIChecker

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NA1Messenger

Nero OEM

NRF

OGA Notifier 2.0.0048.0

PolicyManager

Realtek High Definition Audio Driver

Reconciler

ReportServer

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB969897)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165-v2)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Service Pack 1 for SQL Server 2008 (KB968369)

Sql Server Customer Experience Improvement Program

SupportUtility

System

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Windows Internet Explorer 8 (KB2632503)

Update for Windows Internet Explorer 8 (KB971180)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2492386)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB942763)

Update for Windows XP (KB943729)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

UPS WorldShip

UPSDB

UPSICC

UPSlinkHTTP

UPSVCMM

WebFldrs XP

WebHelp

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage v1.3.0254.0

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Hotfix - KB895181

Windows Media Player 10 Hotfix - KB888656

Windows Media Player 10 Hotfix - KB892313

Windows Media Player 11

Windows XP Service Pack 3

WinZip

WorldShip

WorldShip 7.0

XMLinst

.

==== Event Viewer Messages From Past Week ========

.

27/07/2012 8:38:16 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: mfehidk mfetdi2k

26/07/2012 2:10:26 PM, error: Service Control Manager [7000] - The McAfee Inc. mfehidk service failed to start due to the following error: A device attached to the system is not functioning.

26/07/2012 2:03:28 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde mfehidk mfetdi2k

26/07/2012 2:03:28 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Centura SQLBase service to connect.

26/07/2012 2:03:28 PM, error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.

26/07/2012 2:03:28 PM, error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.

26/07/2012 2:03:28 PM, error: Service Control Manager [7000] - The Centura SQLBase service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

26/07/2012 12:53:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

26/07/2012 12:50:04 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm mfehidk mfetdi2k

26/07/2012 12:24:44 PM, error: Service Control Manager [7000] - The mbamchameleon service failed to start due to the following error: A device attached to the system is not functioning.

.

==== End Of File ===========================


Thanks for your help.

MBAM scan was clean. Log below anyway.

Database version: v2012.07.26.16

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

amanda :: JESSIE [administrator]

27/07/2012 10:06:44 AM

mbam-log-2012-07-27 (10-06-44).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 339770

Time elapsed: 9 minute(s), 9 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

The other file doesn't exist or I can't find it in that location.

Thanks.


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
