
I'm infected regarding this topic



Hi

Regarding this topic:

http://forums.malwarebytes.org/index.php?showtopic=113359&hl=&fromsearch=1

I decided to format my PC and install a new Windows. I still found the same alert from Malwarebytes.

Here is the log file:

Malwarebytes Anti-Malware (Corporate) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.23.01

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Administrator :: NZN-B87372EDF4A [administrator]

Protection: Enabled

23/8/2555 7:18:13

mbam-log-2012-08-23 (07-18-13).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 178994

Time elapsed: 6 minute(s), 46 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

+++++++++

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Administrator at 7:19:01 on 2012-08-23

Microsoft Windows XP Professional 5.1.2600.3.874.66.1033.18.2046.1021 [GMT 7:00]

.

AV: Avira Desktop *Enabled/Updated* {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\VistaDrive\VistaDrive.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\Program Files\Drive Space Indicator\DrvSpace.exe

C:\Program Files\Utilities\VisualTooltip\VisualToolTip.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\LClock\LClock.exe

C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RtkBtMnt.exe

C:\WINDOWS\system32\agrsmsvc.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files\Avira\AntiVir Desktop\avmailc.exe

C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Mozilla Firefox\firefox.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: SfcDisable=-99 (0xffffff9d)

BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - c:\documents and settings\administrator\application data\flashgetbho\FlashGetBHO.dll

uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [LClock] c:\program files\lclock\LClock.exe

uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [FlashGet 3] "c:\program files\flashget network\flashget 3\FlashGet3.exe" -minimize

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [VistaDrive] c:\windows\vistadrive\VistaDrive.exe

mRun: [unlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"

mRun: [DriveSpace] c:\program files\drive space indicator\DrvSpace.exe

mRun: [VisualTooltip] c:\program files\utilities\visualtooltip\VisualToolTip.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [AzMixerSel] c:\program files\realtek\installshield\AzMixerSel.exe

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

dRun: [LClock] c:\program files\lclock\LClock.exe

dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bluetooth.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

dPolicies-explorer: NoSMHelp = 1 (0x1)

IE: Download all links by FlashGet3 - c:\program files\flashget network\flashget 3\bho\fdgetallurl.htm

IE: Download by FlashGet3 - c:\program files\flashget network\flashget 3\bho\fdgeturl.htm

IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

LSP: c:\program files\avira\antivir desktop\avsda.dll

TCP: DhcpNameServer = 203.144.206.29 203.144.206.49

TCP: Interfaces\{C9B5EC92-0D09-4D17-8F0C-B3DA013994C1} : DhcpNameServer = 203.144.206.29 203.144.206.49

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll

mASetup: {34A19196-274E-4D75-9D30-D7A45A0A4178} - "%ProgramFiles%\Windows Sidebar\.\regsvr32.exe" /s wlsrvc.dll

mASetup: {6B9228DA-9C15-419e-856C-19E768A13BDC} - "%ProgramFiles%\Windows Sidebar\.\regsvr32.exe" /s sbdrop.dll

mASetup: {D58F39FF-953E-4F45-898F-59F243B9A523} - HIDEC /W "%VAIOTOOLS%\regtlib.exe" "%ProgramFiles%\Windows Sidebar\sidebar.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\fbvp75ap.default\

FF - plugin: c:\documents and settings\administrator\local settings\application data\google\update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_265.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.http.max-connections-per-server - 6

FF - user.js: network.http.max-persistent-connections-per-server - 3

.

============= SERVICES / DRIVERS ===============

.

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-8-21 36000]

R2 AntiVirMailService;Avira Mail Protection;c:\program files\avira\antivir desktop\avmailc.exe [2012-8-21 375760]

R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-8-21 86224]

R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-8-21 110032]

R2 AntiVirWebService;Avira Web Protection;c:\program files\avira\antivir desktop\avwebgrd.exe [2012-8-21 465360]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-8-21 83392]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-8-22 655944]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2011-12-8 1527104]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-22 22344]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-8-23 40776]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2011-7-7 10064]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-8-22 250568]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-21 113120]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-08-23 00:15:55 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-08-22 06:08:56 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-22 06:08:56 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-22 03:26:47 99840 ------w- c:\windows\system32\dllcache\srvsvc.dll

2012-08-22 03:26:45 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll

2012-08-22 03:26:45 265728 ------w- c:\windows\system32\dllcache\http.sys

2012-08-22 03:26:45 25088 ------w- c:\windows\system32\dllcache\httpapi.dll

2012-08-22 02:31:21 -------- d-----w- C:\DRMSoft

2012-08-22 01:27:52 -------- d-----w- c:\documents and settings\all users\application data\Broadcom

2012-08-22 00:29:41 -------- d-----w- c:\documents and settings\administrator\application data\BITS

2012-08-22 00:29:40 -------- d-----w- c:\documents and settings\administrator\application data\FlashgetSetup

2012-08-22 00:29:33 -------- d-----w- c:\documents and settings\administrator\application data\FlashGetBHO

2012-08-22 00:29:29 -------- d-----w- c:\program files\FlashGet Network

2012-08-22 00:29:29 -------- d-----w- c:\documents and settings\administrator\application data\FlashGet

2012-08-22 00:24:40 -------- d-----w- c:\documents and settings\administrator\local settings\application data\TechSmith

2012-08-22 00:24:20 -------- d-----w- c:\windows\system32\QuickTime

2012-08-22 00:24:11 -------- d-----w- c:\windows\system32\Flash

2012-08-22 00:23:59 -------- d-----w- c:\program files\common files\TechSmith Shared

2012-08-21 23:44:08 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes

2012-08-21 23:44:03 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-08-21 23:44:02 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-21 23:44:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-08-21 11:02:22 11136 ----a-w- c:\windows\system32\drivers\slip.sys

2012-08-21 11:02:20 85248 ----a-w- c:\windows\system32\drivers\nabtsfec.sys

2012-08-21 11:02:18 10880 ----a-w- c:\windows\system32\drivers\ndisip.sys

2012-08-21 11:02:17 17024 ----a-w- c:\windows\system32\drivers\ccdecode.sys

2012-08-21 11:02:15 19200 ----a-w- c:\windows\system32\drivers\wstcodec.sys

2012-08-21 11:02:14 7552 ----a-w- c:\windows\system32\drivers\mskssrv.sys

2012-08-21 11:02:12 5376 ----a-w- c:\windows\system32\drivers\mspclock.sys

2012-08-21 11:02:10 16384 ----a-w- c:\windows\system32\ipsink.ax

2012-08-21 11:02:10 15232 ----a-w- c:\windows\system32\drivers\streamip.sys

2012-08-21 11:02:08 4992 ----a-w- c:\windows\system32\drivers\mspqm.sys

2012-08-21 11:02:04 3072 ----a-w- c:\windows\system32\drivers\audstub.sys

2012-08-21 11:01:37 91136 ----a-w- c:\windows\system32\kswdmcap.ax

2012-08-21 11:01:37 61952 ----a-w- c:\windows\system32\kstvtune.ax

2012-08-21 11:01:37 53760 ----a-w- c:\windows\system32\vfwwdm32.dll

2012-08-21 11:01:37 43008 ----a-w- c:\windows\system32\ksxbar.ax

2012-08-21 11:01:37 4096 ----a-w- c:\windows\system32\ksuser.dll

2012-08-21 11:01:37 28672 ----a-w- c:\windows\system32\vidcap.ax

2012-08-21 11:01:37 20992 ----a-w- c:\windows\system32\dshowext.ax

2012-08-21 11:01:37 129536 ----a-w- c:\windows\system32\ksproxy.ax

2012-08-21 11:01:37 121984 ----a-w- c:\windows\system32\drivers\usbvideo.sys

2012-08-21 11:01:23 57600 ----a-w- c:\windows\system32\drivers\redbook.sys

2012-08-21 11:00:26 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys

2012-08-21 11:00:01 74240 ----a-w- c:\windows\system32\usbui.dll

.

==================== Find3M ====================

.

2012-08-21 05:14:51 315392 ----a-w- c:\windows\HideWin.exe

2012-07-18 11:07:12 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-07-18 11:07:12 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll

2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll

2012-07-02 17:49:32 43520 ------w- c:\windows\system32\licmgr10.dll

2012-07-02 17:49:32 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-07-02 12:05:43 385024 ------w- c:\windows\system32\html.iec

2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 08:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 08:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 08:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 08:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 08:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 08:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 08:18:58 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 08:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

.

============= FINISH: 7:20:04.06 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 21/8/2555 11:14:56

System Uptime: 23/8/2555 6:26:35 (1 hours ago)

.

Motherboard: Acer, Inc. | | Nestos

Processor: Intel® Pentium® Dual CPU T2410 @ 2.00GHz | U2E1 | 1999/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 39 GiB total, 26.165 GiB free.

D: is FIXED (NTFS) - 110 GiB total, 52.769 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}

Description:

Device ID: ACPI\WEC1023\4&7EDBEB0&0

Manufacturer:

Name:

PNP Device ID: ACPI\WEC1023\4&7EDBEB0&0

Service:

.

==== System Restore Points ===================

.

RP1: 21/8/2555 13:54:27 - System Checkpoint

RP2: 21/8/2555 17:33:31 - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

RP3: 21/8/2555 17:34:11 - Installed OpenOffice.org 3.4

RP4: 22/8/2555 7:23:53 - Installed Camtasia Studio 5

RP5: 22/8/2555 8:00:25 - Installed Camtasia Studio 8

RP6: 22/8/2555 8:28:09 - Installed Broadcom Driver v4.170.25.12_Foxconn Installation Prog

RP7: 22/8/2555 12:48:48 - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

7-Zip 4.47 beta

Adobe Flash Player 11 Plugin

Agere Systems HDA Modem

Artisteer 3

Avira Antivirus Premium 2012

Broadcom Driver v4.170.25.12_Foxconn Installation Program

Broadcom Gigabit Integrated Controller

Broadcom Wireless LAN Driver 4.100.15.7_Negative_Foxconn

Camtasia Studio 5

Camtasia Studio 8

CCleaner

CPL All-in-One

Drive Space Indicator

DVD Decrypter (Remove Only)

FlashGet3.7

Foxit Reader

Google Chrome

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

LClock

Malwarebytes Anti-Malware version 1.62.0.1300

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 SP1

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual J# 1.1 Redistributable Package

Microsoft Visual J# 2.0 Redistributable

Microsoft Visual J# 2.0 Redistributable Package

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB925672)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser (KB925673)

NirSoft Collection

NVIDIA Drivers

OpenOffice.org 3.4

Realtek High Definition Audio Driver

Registry Mechanic 6.0

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982665)

Software Update for Web Folders

TuneUp Utilities 2011

TuneUp Utilities Language Pack (en-US)

Unlocker 1.8.5

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2718704)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB973815)

VAIOXP

Vista Drive Indicator!

Vista System Properties

WIDCOMM Bluetooth Software

Windows Driver Package - Intel (NETw4x32) net (10/31/2007 11.5.0.34)

Windows Driver Package - Intel (w29n51) net (07/25/2007 9.0.4.37)

Windows Driver Package - Intel net (10/31/2007 11.5.0.34)

Windows Genuine Advantage Notifications (KB905474)

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Sidebar

Windows XP Service Pack 3

WinRAR archiver

.

==== Event Viewer Messages From Past Week ========

.

21/8/2555 13:36:52, error: Service Control Manager [7000] - The TuneUp Theme Extension service failed to start due to the following error: The executable program that this service is configured to run in does not implement the service.

21/8/2555 11:24:05, error: SideBySide [9] - Syntax error in manifest or policy file "C:\Program Files\Windows Sidebar\regsvr32.exe.Manifest" on line 3. The manifest file root element must be assembly.

21/8/2555 11:24:05, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Windows Sidebar\regsvr32.exe.Manifest. Reference error message: The operation completed successfully. .

21/8/2555 11:24:05, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Windows Sidebar\regsvr32.exe.Manifest" on line 3.

21/8/2555 11:15:16, error: Setup [60055] - Windows Setup encountered non-fatal errors during installation. Please check the setuperr.log found in your Windows directory for more information.

.

==== End Of File ===========================

Am I still infected? Please kindly advise.

Thanks!


  • Root Admin

The log you posted does not show an infection. What are you seeing?

You have the following, which is not good; it basically disables file protection:

mWinlogon: SfcDisable=-99 (0xffffff9d)

You also appear to be running a Realtek audio driver out of your temp folder; generally speaking, nothing should run from the temp folder long term.

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RtkBtMnt.exe

FlashGet, though used by many, is also an easy way to download unknown and potentially infected files, sort of like Torrent usage, which may heavily increase your chances of becoming infected in the near future.

This utility is not needed and can potentially cause harm to your computer. It is generally considered Snake Oil software by most Support Techs.

Registry Mechanic 6.0

These utilities are known to sometimes cause minor issues with some registry settings as well. Continued use is up to you, but your PC really does not need most of this, and there are built-in tools to do most maintenance for Windows already.

TuneUp Utilities 2011

TuneUp Utilities Language Pack (en-US)

You're having multiple errors being generated from this software so you should either track down the issue and fix it or uninstall it.

Windows Sidebar

The Event Log shows that there was some type of error during the Windows installation process. Reviewing the log may provide more information as to what caused it.

21/8/2555 11:15:16, error: Setup [60055] - Windows Setup encountered non-fatal errors during installation. Please check the setuperr.log found in your Windows directory for more information.

Please see the following

MSG_NONFATAL_ERRORS

We can run some other scanners, but unless you can point out in more detail what you're seeing, the current log appears to be clean from infection.

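The two log checks made in the reply above (a running process whose path sits under a Temp folder, and a Winlogon SfcDisable value that is not zero), written as an added Python example that is not part of the original thread or of DDS. The function names and the rule that any non-zero SfcDisable value deserves review are assumptions of this example; the sample lines are copied from the DDS log posted above.

```python
import re

# Constructed sample: section headers and a few lines copied from the DDS log
# in this thread, embedded so the script runs offline.
SAMPLE_DDS = r"""
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\agrsmsvc.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: SfcDisable=-99 (0xffffff9d)
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
.
================= FIREFOX ===================
"""

# "===== Title =====" banner lines that open each DDS section.
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
# A directory component named Temp or Tmp; this also catches 8.3 short paths
# such as LOCALS~1\Temp because only the component name is tested.
TEMP_RE = re.compile(r"\\(?:temp|tmp)\\", re.IGNORECASE)
# The Winlogon line as DDS prints it: signed decimal, then hex in parentheses.
SFC_RE = re.compile(r"^mWinlogon:\s*SfcDisable=(-?\d+)\s*\((0x[0-9a-fA-F]+)\)")


def split_sections(text):
    """Group log lines under their section title, dropping '.' filler lines."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        banner = SECTION_RE.match(line)
        if banner:
            current = banner.group(1)
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def triage(text):
    """Return (finding, detail) tuples for the two checks, in log order."""
    findings = []
    sections = split_sections(text)
    for line in sections.get("Running Processes", []):
        if TEMP_RE.search(line):
            findings.append(("process-in-temp", line))
    for line in sections.get("Pseudo HJT Report", []):
        match = SFC_RE.match(line)
        # Assumption of this example: 0 is the default, anything else is flagged.
        if match and int(match.group(2), 16) != 0:
            findings.append(("sfc-disabled", match.group(2).lower()))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_DDS):
        print(f"{kind}: {detail}")
```
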

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
