Live Security Platinum removed, please look over HJT log to verify

[MarkusRuckus]

can someone look over this log to verify this system is clean? I already removed the infection per the instructions at http://malwaretips.com/blogs/live-security-platinum-virus/

Thanks in advance! see below:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by dave dewiel at 14:18:41 on 2012-08-09

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.254 [GMT -4:00]

.

AV: AVG Internet Security 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: AVG Internet Security 2012 *Enabled*

FW: AVG Firewall *Disabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\WINDOWS\system32\ctfmon.exe

svchost.exe

C:\WINDOWS\system32\pctspk.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\WINDOWS\System32\msiexec.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\NOTEPAD.EXE

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.search.yahoo.com/?fr=w3i&type=W3i_SP,204,0_0,StartPage,20111146,16898,0,8,0

uWindow Title = Internet Explorer, optimized for Bing and MSN

uDefault_Page_URL = hxxp://www.msn.com

uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\YTNavAssist.dll

mURLSearchHooks: H - No File

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1344535646275

DPF: {E6BB2089-163F-466B-812A-748096614DFD} - hxxp://cainternetsecurity.net/scanner/cascanner.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{22F5D2F5-4D5B-4AE8-AE44-C1E1D06D2C0A} : DhcpNameServer = 209.18.47.61 209.18.47.62

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\dave dewiel\application data\mozilla\firefox\profiles\jqaw4g29.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?ilc=1

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bd131708c-9937-46df-ba71-8cfe6e087bfd%7D&mid=5bf81c80d81a47d69567d159f37a2f56-dec1d29f266496e8f8eb103162b6c03306110fd4&ds=AVG&v=8.0.0.34.1〈=en&pr=fr&d=2011-10-26%2013%3A27%3A09&sap=ku&q=

FF - prefs.js: network.proxy.type - 0

FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_270.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]

R1 MpKsl5dec1b38;MpKsl5dec1b38;c:\documents and settings\all users.windows\application data\microsoft\microsoft antimalware\definition updates\{bfcd3e0f-25ee-4a81-9400-4a258d8ea735}\MpKsl5dec1b38.sys [2012-8-9 29904]

R3 mgau;mgau;c:\windows\system32\drivers\mgaum.sys [2010-7-21 320384]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-8 250056]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-8-7 40776]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-12 113120]

.

=============== Created Last 30 ================

.

2012-08-09 18:18:14 29904 ----a-w- c:\documents and settings\all users.windows\application data\microsoft\microsoft antimalware\definition updates\{bfcd3e0f-25ee-4a81-9400-4a258d8ea735}\MpKsl5dec1b38.sys

2012-08-09 18:14:15 -------- d-----w- C:\temp

2012-08-09 18:01:43 6891424 ----a-w- c:\documents and settings\all users.windows\application data\microsoft\microsoft antimalware\definition updates\{bfcd3e0f-25ee-4a81-9400-4a258d8ea735}\mpengine.dll

2012-08-09 17:52:06 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-08-09 17:52:06 222448 ----a-w- c:\windows\system32\muweb.dll

2012-08-09 17:52:06 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-08-08 16:45:28 -------- d-----w- c:\program files\HitmanPro

2012-08-08 16:44:54 -------- d-----w- c:\documents and settings\all users.windows\application data\HitmanPro

2012-08-08 00:37:17 6891424 ----a-w- c:\documents and settings\all users.windows\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2012-08-08 00:36:19 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-08-08 00:32:58 -------- d-----w- c:\program files\Microsoft Security Client

2012-08-07 23:16:31 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-08-07 23:16:30 -------- d-----w- c:\documents and settings\dave dewiel\application data\Malwarebytes

2012-08-07 23:16:14 -------- d-----w- c:\documents and settings\all users.windows\application data\Malwarebytes

2012-08-07 23:16:12 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-07 23:16:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-08-07 20:45:34 -------- d-----w- c:\program files\ESET

2012-08-07 20:17:01 1051552 ----a-w- C:\iexplore.exe

2012-08-07 20:15:40 1205 ----a-w- C:\registryfix.reg

2012-08-07 19:43:07 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys

2012-08-07 19:43:07 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys

2012-08-07 19:43:00 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys

2012-08-07 19:43:00 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys

2012-08-06 23:36:10 -------- d-----w- c:\documents and settings\all users.windows\application data\6F638BB519C3D28A16E86BEB7B07D287

2012-07-26 02:04:22 -------- d-----w- c:\documents and settings\dave dewiel\application data\TuneUp Software

2012-07-26 02:03:18 -------- d-----w- c:\documents and settings\all users.windows\application data\TuneUp Software

2012-07-26 02:02:56 -------- d-sh--w- c:\documents and settings\all users.windows\application data\{32364CEA-7855-4A3C-B674-53D8E9B97936}

.

==================== Find3M ====================

.

2012-08-05 12:14:01 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-05 12:14:01 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50:25 1372672 ------w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll

.

============= FINISH: 14:19:43.12 ===============

-

-

-

-

-

-

-

attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 7/21/2010 3:45:47 PM

System Uptime: 8/9/2012 1:49:59 PM (1 hours ago)

.

Motherboard: Compaq | | 06E4h

Processor: AMD Duron Processor | U12A | 801/100mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 28 GiB total, 14.251 GiB free.

D: is CDROM ()

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}

Description: PS/2 Compatible Mouse

Device ID: ACPI\PNP0F13\4&2EEFE43E&0

Manufacturer: Microsoft

Name: PS/2 Compatible Mouse

PNP Device ID: ACPI\PNP0F13\4&2EEFE43E&0

Service: i8042prt

.

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}

Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard

Device ID: ACPI\PNP0303\4&2EEFE43E&0

Manufacturer: (Standard keyboards)

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard

PNP Device ID: ACPI\PNP0303\4&2EEFE43E&0

Service: i8042prt

.

==== System Restore Points ===================

.

RP287: 5/10/2012 7:55:31 PM - System Checkpoint

RP288: 5/11/2012 9:49:30 PM - System Checkpoint

RP289: 5/12/2012 10:00:07 PM - System Checkpoint

RP290: 5/18/2012 4:54:50 PM - System Checkpoint

RP291: 5/20/2012 3:54:50 PM - System Checkpoint

RP292: 5/23/2012 3:46:53 PM - System Checkpoint

RP293: 5/24/2012 4:11:01 PM - System Checkpoint

RP294: 5/25/2012 7:44:38 PM - System Checkpoint

RP295: 5/26/2012 9:30:53 PM - System Checkpoint

RP296: 5/27/2012 9:56:02 PM - System Checkpoint

RP297: 5/28/2012 10:29:14 PM - System Checkpoint

RP298: 5/30/2012 9:10:04 PM - System Checkpoint

RP299: 6/2/2012 5:37:58 PM - System Checkpoint

RP300: 6/3/2012 5:53:30 PM - System Checkpoint

RP301: 6/4/2012 6:59:11 AM - Software Distribution Service 3.0

RP302: 6/5/2012 3:24:45 PM - System Checkpoint

RP303: 6/6/2012 4:10:30 PM - System Checkpoint

RP304: 6/7/2012 8:10:42 PM - System Checkpoint

RP305: 6/8/2012 8:55:50 PM - System Checkpoint

RP306: 6/9/2012 9:35:09 PM - System Checkpoint

RP307: 6/12/2012 7:49:21 PM - System Checkpoint

RP308: 6/13/2012 2:18:49 PM - Software Distribution Service 3.0

RP309: 6/13/2012 8:50:12 PM - Software Distribution Service 3.0

RP310: 6/14/2012 9:33:50 PM - System Checkpoint

RP311: 6/15/2012 10:21:31 PM - System Checkpoint

RP312: 6/16/2012 10:54:14 PM - System Checkpoint

RP313: 6/18/2012 5:14:38 PM - System Checkpoint

RP314: 6/19/2012 5:45:05 PM - System Checkpoint

RP315: 6/20/2012 7:27:07 PM - System Checkpoint

RP316: 6/21/2012 8:16:37 PM - System Checkpoint

RP317: 6/24/2012 6:49:09 PM - System Checkpoint

RP318: 6/27/2012 11:58:56 AM - System Checkpoint

RP319: 6/28/2012 4:12:51 PM - System Checkpoint

RP320: 6/29/2012 4:39:28 PM - System Checkpoint

RP321: 7/1/2012 12:17:33 PM - System Checkpoint

RP322: 7/2/2012 12:59:21 PM - System Checkpoint

RP323: 7/3/2012 6:52:04 PM - System Checkpoint

RP324: 7/4/2012 7:05:32 PM - System Checkpoint

RP325: 7/6/2012 1:17:52 PM - System Checkpoint

RP326: 7/8/2012 1:25:46 PM - System Checkpoint

RP327: 7/9/2012 3:50:02 PM - System Checkpoint

RP328: 7/10/2012 4:09:32 PM - System Checkpoint

RP329: 7/11/2012 3:46:05 PM - Software Distribution Service 3.0

RP330: 7/12/2012 4:38:37 PM - System Checkpoint

RP331: 7/13/2012 5:33:34 PM - System Checkpoint

RP332: 7/14/2012 5:34:13 PM - System Checkpoint

RP333: 7/16/2012 3:04:13 PM - System Checkpoint

RP334: 7/17/2012 3:40:38 PM - System Checkpoint

RP335: 7/18/2012 4:43:16 PM - System Checkpoint

RP336: 7/19/2012 4:45:22 PM - System Checkpoint

RP337: 7/20/2012 9:04:49 PM - System Checkpoint

RP338: 7/22/2012 1:19:17 PM - Installed AVG 2012

RP339: 7/22/2012 1:32:11 PM - Removed AVG 2012

RP340: 7/23/2012 1:59:15 PM - System Checkpoint

RP341: 7/24/2012 2:10:41 PM - System Checkpoint

RP342: 7/25/2012 2:28:51 PM - System Checkpoint

RP343: 7/26/2012 2:36:12 PM - System Checkpoint

RP344: 7/27/2012 3:57:09 PM - System Checkpoint

RP345: 8/5/2012 7:46:08 AM - System Checkpoint

RP346: 8/6/2012 12:35:49 PM - System Checkpoint

RP347: 8/7/2012 8:36:17 PM - Software Distribution Service 3.0

RP348: 8/9/2012 2:01:31 PM - Software Distribution Service 3.0

RP349: 8/9/2012 2:07:37 PM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.1

ESET Online Scanner v3

GoZone iSync

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2633952)

Malwarebytes Anti-Malware version 1.62.0.1300

Microsoft Application Error Reporting

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Security Client

Microsoft Security Essentials

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB941569)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB982632)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

WebFldrs XP

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

Yahoo! Software Update

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

8/8/2012 12:58:28 PM, error: Dhcp [1002] - The IP address lease 192.168.1.111 for the Network Card with network address 0010B59EC6A5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

8/7/2012 4:15:36 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

8/7/2012 4:12:08 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service TuneUp.UtilitiesSvc with arguments "" in order to run the server: {FCA02D56-BF9D-4591-AD41-E59AF763C64A}

8/7/2012 4:11:53 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service TuneUp.UtilitiesSvc with arguments "" in order to run the server: {5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}

8/7/2012 3:50:16 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

8/7/2012 3:49:16 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

8/7/2012 3:48:48 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 Fips i8042prt Processor

8/7/2012 3:42:44 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt

8/7/2012 3:42:44 PM, error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error 3758213660 (0xE001CA1C).

8/6/2012 7:48:17 PM, error: Service Control Manager [7034] - The AVG Firewall service terminated unexpectedly. It has done this 1 time(s).

8/6/2012 7:48:17 PM, error: Service Control Manager [7022] - The Yahoo! Updater service hung on starting.

8/6/2012 7:48:17 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

8/6/2012 7:48:17 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

8/6/2012 7:46:55 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.

8/6/2012 7:46:55 PM, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

8/6/2012 7:37:26 PM, error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).

8/6/2012 7:37:26 PM, error: Service Control Manager [7034] - The vToolbarUpdater11.2.0 service terminated unexpectedly. It has done this 1 time(s).

8/6/2012 7:37:26 PM, error: Service Control Manager [7034] - The TuneUp Utilities Service service terminated unexpectedly. It has done this 1 time(s).

8/6/2012 7:37:26 PM, error: Service Control Manager [7034] - The PCTEL Speaker Phone service terminated unexpectedly. It has done this 1 time(s).

8/6/2012 7:37:26 PM, error: Service Control Manager [7031] - The AVG WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

8/6/2012 7:37:26 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVG WatchDog service to connect.

8/6/2012 7:37:26 PM, error: Service Control Manager [7000] - The AVG WatchDog service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

[MrCharlie]

Welcome to the forum. Lets look a little deeper >>>

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

[MarkusRuckus]

Thanks for the fast reply. here is the log

RogueKiller V7.6.5 [08/03/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: dave dewiel [Admin rights]

Mode: Scan -- Date: 08/09/2012 15:23:31

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 1 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD300AA-60BAA0 +++++

--- User ---

[MBR] 4769d42d0971ad5cb82df33ce68c31e7

[bSP] 17667dedc59acdf168ec0fc2c89a60e8 : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 28615 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

[MrCharlie]

It looks OK, are you having any issues??

We can always run another scanner if so, MrC

[MarkusRuckus]

No, just cleaning up PCs for family and I wanted to make sure I got everything. Thank you for looking it over. I appreciate it.

[MrCharlie]

OK..........

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!