
"whitesnake" infection



.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 1/6/2010 7:44:15 PM

System Uptime: 2/19/2013 1:27:02 PM (1 hours ago)

.

Motherboard: PEGATRON CORPORATION | | Benicia

Processor: Intel® Core2 Quad CPU Q6600 @ 2.40GHz | CPU 1 | 2400/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 452 GiB total, 349.506 GiB free.

D: is FIXED (NTFS) - 13 GiB total, 13.306 GiB free.

E: is FIXED (NTFS) - 466 GiB total, 137.91 GiB free.

F: is CDROM ()

H: is Removable

I: is Removable

J: is Removable

L: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP491: 2/17/2013 7:16:53 PM - Windows Backup

RP492: 2/18/2013 5:07:16 PM - Installed calibre

RP493: 2/19/2013 12:30:39 PM - Removed Philips SPC 900NC PC Camera

RP494: 2/19/2013 12:31:19 PM - Removed Skype™ 5.1

RP495: 2/19/2013 12:32:10 PM - Removed Tether

RP496: 2/19/2013 12:48:29 PM - Norton_Power_Eraser_20130219124825230

.

==== Installed Programs ======================

.

"Nero SoundTrax Help

64 Bit HP CIO Components Installer

7-Zip 9.20 (x64 edition)

AC-3 ACM Decompressor

AC3Filter 1.63b

Add or Remove Adobe Creative Suite 3 Master Collection

Adobe Acrobat 8 Professional

Adobe After Effects CS3

Adobe After Effects CS3 Presets

Adobe AIR

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe BridgeTalk Plugin CS3

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Color - Photoshop Specific

Adobe Color Common Settings

Adobe Color EU Extra Settings

Adobe Color JA Extra Settings

Adobe Color NA Recommended Settings

Adobe Community Help

Adobe Contribute CS3

Adobe Creative Suite 3 Master Collection

Adobe Default Language CS3

Adobe Device Central CS3

Adobe Dreamweaver CS3

Adobe Encore CS3

Adobe Encore CS3 Codecs

Adobe ExtendScript Toolkit 2

Adobe Extension Manager CS3

Adobe Fireworks CS3

Adobe Flash CS3

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Flash Video Encoder

Adobe Fonts All

Adobe Help Viewer CS3

Adobe Illustrator CS3

Adobe InDesign CS3

Adobe InDesign CS3 Icon Handler

Adobe Linguistics CS3

Adobe Media Player

Adobe MotionPicture Color Files

Adobe PDF Library Files

Adobe Photoshop CS3

Adobe Premiere Pro CS3

Adobe Premiere Pro CS3 Functional Content

Adobe Premiere Pro CS3 Third Party Content

Adobe Reader 9.5.2

Adobe Setup

Adobe SING CS3

Adobe Soundbooth CS3

Adobe Soundbooth CS3 Codecs

Adobe Stock Photos CS3

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe Version Cue CS3 Server

Adobe Video Profiles

Adobe WAS CS3

Adobe WinSoft Linguistics Plugin

Adobe XMP DVA Panels CS3

Adobe XMP Panels CS3

Advertising Center

AHV content for Acrobat and Flash

AIO_Scan

Amazon Kindle

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

ATI Catalyst Registration

AutocompletePro

AVG 2011

Avi2Dvd 0.6.1

AviSynth 2.5

AVStoDVD 2.5.1

Bonjour

BufferChm

calibre

CARIS Easy View 2.0.0.1

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center HydraVision Full

Catalyst Control Center InstallProxy

ccc-core-static

ccc-utility64

CCC Help English

CDBurnerXP

Cisco WebEx Meeting Center for Firefox or Chrome

Cisco WebEx Meeting Center for Internet Explorer

Cisco WebEx Meetings

Compatibility Pack for the 2007 Office system

Copy

CoreAAC Audio Decoder (remove only)

Creative Centrale

Creative Software Update

Dell Driver Download Manager

Dell TrueMobile 2300 Control Utility

Dell TrueMobile 2300 Wireless Broadband Router Control Utility

Destinations

DeviceDiscovery

DJ_AIO_03_F4200_Software_Min

DocProc

DolbyFiles

DVD Decrypter (Remove Only)

DVD Shrink 3.2

DVDFab 6.2.1.8 (31/12/2009)

F4200

Fax

ffdshow [rev 3299] [2010-03-03]

FlipShare

FormatFactory 2.96

Google Chrome

Google Earth

Google SketchUp 7

Google Update Helper

GPBaseService2

High-Definition Video Playback 10

HiJackThis

HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3

HP Imaging Device Functions 13.0

HP Photosmart Essential 3.5

HP Update

HPDiagnosticAlert

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

Hulu Desktop

HuluDesktopIntegration

iCloud

ImagXpress

ImgBurn

Intel® Rapid Storage Technology

iTunes

Java 7 Update 10

Java Auto Updater

Java 6 Update 22

Java 6 Update 26

K-Lite Codec Pack 5.7.0 (Full)

Kies mini

LightScribe System Software

LockHunter version 1.0 beta 3, 64 bit edition

Malwarebytes Anti-Malware version 1.70.0.1100

Maretron N2KView

Maretron N2KView Installer 3.4.4

MarketResearch

Media Player Classic

Menu Templates - Starter Kit

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Mouse and Keyboard Center

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Word Viewer 2003

Microsoft Primary Interoperability Assemblies 2005

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft_VC80_ATL_x86

Microsoft_VC80_ATL_x86_x64

Microsoft_VC80_CRT_x86

Microsoft_VC80_CRT_x86_x64

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFC_x86_x64

Microsoft_VC80_MFCLOC_x86

Microsoft_VC80_MFCLOC_x86_x64

Microsoft_VC90_ATL_x86

Microsoft_VC90_ATL_x86_x64

Microsoft_VC90_CRT_x86

Microsoft_VC90_CRT_x86_x64

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFC_x86_x64

MKVToolNix 5.7.0

MobileMe Control Panel

Movie Templates - Starter Kit

MozBackup 1.4.10

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

Mozilla Thunderbird 17.0.2 (x86 en-US)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MUSK Codec Pack v6.0

Nero 10 ClipartPack

Nero 10 Menu TemplatePack 1

Nero 10 Menu TemplatePack 2

Nero 10 Menu TemplatePack 3

Nero 10 Menu TemplatePack Basic

Nero 10 Movie ThemePack 1

Nero 10 Movie ThemePack 2

Nero 10 Movie ThemePack Basic

Nero 10 Sample ImagePack

Nero 10 Sample Videos

Nero 9

Nero BackItUp 10

Nero BackItUp 10 Help (CHM)

Nero BackItUp and Burn

Nero Burning ROM 10

Nero Burning ROM Help

Nero BurningROM 10 Help (CHM)

Nero BurnRights

Nero BurnRights 10

Nero BurnRights 10 Help (CHM)

Nero BurnRights Help

Nero Control Center 10

Nero ControlCenter

Nero Core Components 10

Nero CoverDesigner

Nero CoverDesigner 10

Nero CoverDesigner 10 Help (CHM)

Nero CoverDesigner Help

Nero Disc Copy Gadget

Nero Disc Copy Gadget Help

Nero DiscSpeed

Nero DiscSpeed 10

Nero DiscSpeed 10 Help (CHM)

Nero DiscSpeed Help

Nero Dolby Files 10

Nero DriveSpeed

Nero DriveSpeed Help

Nero Express

Nero Express 10

Nero Express 10 Help (CHM)

Nero Express Help

Nero InfoTool

Nero InfoTool 10

Nero InfoTool 10 Help (CHM)

Nero InfoTool Help

Nero Installer

Nero Live

Nero Live Help

Nero MediaHub 10

Nero MediaHub 10 Help (CHM)

Nero Multimedia Suite 10

Nero PhotoSnap

Nero PhotoSnap Help

Nero Recode

Nero Recode 10

Nero Recode 10 Help (CHM)

Nero Recode Help

Nero Rescue Agent

Nero RescueAgent

Nero RescueAgent 10

Nero RescueAgent 10 Help (CHM)

Nero RescueAgent Help

Nero ShowTime

Nero SoundTrax 10

Nero SoundTrax 10 Help (CHM)

Nero StartSmart

Nero StartSmart 10

Nero StartSmart 10 Help (CHM)

Nero StartSmart Help

Nero Update

Nero Vision

Nero Vision 10

Nero Vision 10 Help (CHM)

Nero Vision Help

Nero WaveEditor

Nero WaveEditor 10

Nero WaveEditor 10 Help (CHM)

NeroBurningROM

NeroExpress

NeroLiveGadget

NeroLiveGadget Help

neroxml

Network64

Nikon Scan

Norton Security Suite

OCR Software by I.R.I.S. 13.0

Octoshape add-in for Adobe Flash Player

OpenCPN 2.3.1

OpenOffice.org 3.3

PDF Settings

PicPick

PS_AIO_02_ProductContext

PS_AIO_02_Software

PS_AIO_02_Software_Min

PxMergeModule

QuickPar 0.9

QuickTime

Safari

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

SES Driver

SmartWebPrinting

SolutionCenter

SoundTrax

Spybot - Search & Destroy

Status

SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49

SUPERAntiSpyware

SUPERAntiSpyware Free Edition

Times Reader

Toolbox

TrayApp

UnloadSupport

Unlocker 1.8.9

Unlocker 1.9.0-x64

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Visual C++ 8.0 Runtime Setup Package (x64)

Visual Studio 2008 x64 Redistributables

VLC media player 2.0.2

VueScan

WebReg

Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0)

Windows Media Player Firefox Plugin

WinPatrol

WinRAR archiver

Xvid 1.2.2 final uninstall

.

==== Event Viewer Messages From Past Week ========

.

2/19/2013 2:06:22 PM, Error: PCTCore [280] -

2/19/2013 12:56:01 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

2/19/2013 12:54:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

2/19/2013 12:34:01 PM, Error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.

2/19/2013 1:27:59 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535

2/19/2013 1:27:59 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535

2/19/2013 1:27:59 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

2/19/2013 1:27:23 PM, Error: Service Control Manager [7023] - The HP CUE DeviceDiscovery Service service terminated with the following error: The specified module could not be found.

2/18/2013 6:27:03 PM, Error: Microsoft-Windows-BitLocker-Driver [24620] - Encrypted volume check: Volume information on J: cannot be read.

2/18/2013 6:21:20 PM, Error: Microsoft-Windows-BitLocker-Driver [24620] - Encrypted volume check: Volume information on H: cannot be read.

2/18/2013 4:39:43 PM, Error: Microsoft-Windows-BitLocker-Driver [24620] - Encrypted volume check: Volume information on L: cannot be read.

2/18/2013 3:22:04 PM, Error: Microsoft-Windows-BitLocker-Driver [24620] - Encrypted volume check: Volume information on I: cannot be read.

2/14/2013 5:10:27 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

2/13/2013 6:06:28 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

2/13/2013 11:13:51 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR6.

.

==== End Of File ===========================


Welcome to the forum, please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs here.....DDS.txt and Attach.txt

<====><====><====><====><====><====><====><====>

Next.......

Please remove any USB or external drives from the computer before you run this scan!

Quit all running programs.

Please download and run RogueKiller to your desktop.

http://tigzy.geeksto...ueKillerX64.exe <---use this one for 64 bit systems

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>Please stick with me until I give you the "all clear".

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
