
pum.disabled.securitycenter



Hello xmyriadx and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and post your log files:

http://forums.malwarebytes.org/index.php?showtopic=9573


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.02.02

Windows XP Service Pack 2 x86 NTFS

Internet Explorer 7.0.5730.13

Owner :: JOHNCOMPUTER [administrator]

5/7/2013 3:18:19 AM

mbam-log-2013-05-07 (03-18-19).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 229582

Time elapsed: 9 minute(s), 52 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 7.0.6000.17055 BrowserJavaVersion: 10.21.2

Run by Owner at 12:47:06 on 2013-05-07

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.389 [GMT -7:00]

.

.

============== Running Processes ================

.

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Common Files\AOL\1133070972\ee\AOLSoftware.exe

C:\WINDOWS\CTHELPER.EXE

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\SCANJET\PrecisionScanLT\hppwrsav.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Owner\Local Settings\Application Data\Plaxo\3.34.0.3\PlaxoHelper_en.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe

C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\CA\eTrust Antivirus\InoRpc.exe

C:\Program Files\CA\eTrust Antivirus\InoRT.exe

C:\Program Files\CA\eTrust Antivirus\InoTask.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

mStart Page = hxxp://www.google.com

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [PlaxoUpdate] c:\documents and settings\owner\local settings\application data\plaxo\3.34.0.3\PlaxoHelper_en.exe -a

uRun: [SetDefaultMIDI] MIDIDef.exe

uRun: [NBJ] "c:\program files\ahead\nero backitup\NBJ.exe"

uRun: [PlaxoSysTray] c:\documents and settings\owner\local settings\application data\plaxo\3.34.0.3\PlaxoSysTray.exe

uRun: [cdloader] "c:\documents and settings\owner\application data\mjusbsp\cdloader2.exe" MAGICJACK

mRun: [igfxtray] c:\windows\system32\igfxtray.exe

mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

mRun: [igfxpers] c:\windows\system32\igfxpers.exe

mRun: [WinampAgent] c:\program files\winamp\winampa.exe

mRun: [HostManager] c:\program files\common files\aol\1133070972\ee\AOLSoftware.exe

mRun: [iPHSend] c:\program files\common files\aol\iphsend\IPHSend.exe

mRun: [CTHelper] CTHELPER.EXE

mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [hppwrsav] c:\scanjet\precisionscanlt\hppwrsav.exe

mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot

mRun: [instaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {22D4879A-92DB-470D-8A83-E158797D8176} - file://d:\components\Liquid.ocx

DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab

DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} - hxxp://www.live365.com/players/play365.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{0FFCBAEC-A418-46DC-A054-9B777C2BFCBE} : DHCPNameServer = 208.57.0.11 208.57.0.10

TCP: Interfaces\{CFDC12A6-56D7-4DAC-876E-46FE39F51938} : DHCPNameServer = 192.168.2.1

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Notify: dimsntfy - <no file>

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

STS: fairydom - <orphaned>

LSA: Notification Packages = scecli scecli scecli scecli scecli

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\7tzv7ke8.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/

FF - plugin: c:\documents and settings\owner\application data\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin.dll

FF - plugin: c:\program files\canon\mycamera download plugin\NPCIG.dll

FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npagent.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll

FF - plugin: c:\program files\picasa2\npPicasa2.dll

FF - plugin: c:\program files\picasa2\npPicasa3.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

FF - ExtSQL: !HIDDEN! 2010-09-30 21:41; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

.

============= SERVICES / DRIVERS ===============

.

R0 sonyhcb;Sony Digital Imaging Base;c:\windows\system32\drivers\sonyhcb.sys [2005-5-16 6097]

R2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\belkin\belkin usb print and storage center\BkBackupScheduler.exe [2012-8-20 152576]

R2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\belkin\belkin usb print and storage center\Bkapcs.exe [2012-8-20 49152]

R2 sxuptp;SXUPTP Driver;c:\windows\system32\drivers\sxuptp.sys [2012-8-20 246936]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 PPSCAN;PPSCAN;c:\windows\system32\drivers\ppscan.sys [2010-1-16 91520]

S3 DPS24USB;AKAI DPS24 Driver;c:\windows\system32\drivers\DPS24USB.sys [2008-6-11 12273]

S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\mcafee security scan\3.0.318\mcchsvc.exe" --> c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [?]

S3 sonyhcs;Sony Digital Imaging Video;c:\windows\system32\drivers\sonyhcs.sys [2005-5-16 299923]

S3 SUSTUCAM;Susteen USB Cable Modem Driver;c:\windows\system32\drivers\sustucam.sys [2009-1-7 47360]

S3 SUSTUCAP;Susteen USB Cable Port Driver;c:\windows\system32\drivers\sustucap.sys [2009-1-7 47360]

S3 SUSTUCAU;Susteen USB Cable USB Driver;c:\windows\system32\drivers\sustucau.sys [2009-1-7 28032]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2013-05-02 22:03:09 -------- d-----w- c:\documents and settings\owner\local settings\application data\Sun

2013-05-02 12:16:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-02 12:16:40 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-02 12:14:21 144896 ----a-w- c:\windows\system32\javacpl.cpl

2013-05-02 12:14:11 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-04-25 06:20:01 -------- d-----w- C:\TDSSKiller_Quarantine

2013-04-17 05:03:08 -------- d-----w- c:\program files\VideoLAN

.

==================== Find3M ====================

.

2013-05-02 12:13:48 866720 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-05-02 12:13:48 788896 ----a-w- c:\windows\system32\deployJava1.dll

2013-04-04 21:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-12 08:10:56 237088 ------w- c:\windows\system32\MpSigStub.exe

2004-03-11 20:27:22 40960 ----a-w- c:\program files\Uninstall_CDS.exe

2006-05-03 19:06:54 163328 --sha-r- c:\windows\system32\flvDX.dll

2007-02-21 20:47:16 31232 --sha-r- c:\windows\system32\msfDX.dll

2008-03-16 22:30:52 216064 --sha-r- c:\windows\system32\nbDX.dll

2010-01-07 07:00:00 107520 --sha-r- c:\windows\system32\TAKDSDecoder.dll

.

============= FINISH: 12:48:02.28 ===============


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 5/26/2005 6:40:06 PM

System Uptime: 5/7/2013 11:51:08 AM (1 hours ago)

.

Motherboard: Dell Computer Corp. | | 0R8060

Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/533mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 149 GiB total, 11.517 GiB free.

D: is CDROM ()

E: is CDROM ()

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}

Description: E-MU E-DSP Audio Processor (WDM)

Device ID: PCI\VEN_1102&DEV_0008&SUBSYS_40021102&REV_00\4&1C660DD6&0&08F0

Manufacturer: Creative Technology, Ltd.

Name: E-MU E-DSP Audio Processor (WDM)

PNP Device ID: PCI\VEN_1102&DEV_0008&SUBSYS_40021102&REV_00\4&1C660DD6&0&08F0

Service: ctaud2k

.

==== System Restore Points ===================

.

RP1041: 5/2/2013 5:02:07 AM - System Checkpoint

RP1042: 5/2/2013 5:04:31 AM - Removed Java 6 Update 35

RP1043: 5/2/2013 5:13:39 AM - Installed Java 7 Update 21

RP1044: 5/7/2013 12:32:46 PM - System Checkpoint

.

==== Installed Programs ======================

.

2Wire Wireless Client

3D Windows XP Screen Saver

7-Zip 9.20

Adobe Flash Player 11 Plugin

Adobe Photoshop 7.0

Adobe Reader X (10.1.6)

AIM for Windows

Amazon MP3 Downloader 1.0.15

American Flag Screen Saver

AmpliTube LE

ANWIDA Soft Spazio 1.0 DEMO

AOL Toolbar

AOL Uninstaller (Choose which Products to Remove)

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Audacity 1.2.6

Belarc Advisor 7.0

Belkin Setup and Router Monitor

Belkin USB Print and Storage Center

BitTorrent 4.0.2

Bonjour

BrowseToSave 1.74

CA eTrust Antivirus

Cakewalk VST Adapter 4

CANON iMAGE GATEWAY MyCamera Download Plugin

CANON iMAGE GATEWAY Task for ZoomBrowser EX

Canon MOV Decoder

Canon MOV Encoder

Canon MovieEdit Task for ZoomBrowser EX

Canon Utilities Digital Photo Professional 3.10

Canon Utilities EOS Sample Music

Canon Utilities EOS Utility

Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX

Canon Utilities Movie Uploader for YouTube

Canon Utilities PhotoStitch

Canon Utilities Picture Style Editor

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

Collab

ConvertHelper 2.2

DataPilot

Digital Audio System

discWelder BRONZE Trial (E-MU)

DivX Content Uploader

DivX Web Player

DownloadTerms

DreamStation DXi2

Driver Detective

DVD Shrink 3.2

DVD Solution

DVDFab Decrypter 2.9.7.7

DVDFab Platinum 3.2.0.0 Ghosthunter release

ExtractNow

Facebook Plug-In

FixWindowsUpdate

FL Studio 6

FLAC Installer 1.1.2a (remove only)

Free Music Zilla

GadgetBox Expansion

GEAR 32bit Driver Installer

Google Updater

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB914440)

Hotfix for Windows XP (KB915865)

Hotfix for Windows XP (KB926239)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP PrecisionScan LT Software

Intel® Extreme Graphics 2 Driver

Intel® PRO Network Adapters and Drivers

IrfanView (remove only)

iTunes

Java 7 Update 21

Java Auto Updater

JussDrop

Kjaerhus Audio MPL-1 v1.02 VST

Live 4.1.5

LiveReg (Symantec Corporation)

LiveUpdate 1.80 (Symantec Corporation)

LookInMyPC

magicJack

Malwarebytes Anti-Malware version 1.75.0.1300

Medi@Show

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office Professional Edition 2003

Microsoft Silverlight

Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Mozilla Firefox 20.0.1 (x86 en-US)

Mozilla Maintenance Service

MSN

MSN Music Assistant

MSXML 6 Service Pack 2 (KB973686)

Multimedia Launcher

Nero 6 Ultra Edition

Netflix Movie Viewer

OGA Notifier 2.0.0048.0

PCFriendly

Picasa 3

Plaxo Toolbar for Windows

Power2Go 3.0

PowerDirector

PowerDVD

PowerProducer

QuickTime

RealPlayer

Realtek AC'97 Audio

Riva FLV Encoder 2.0

SBC Yahoo! DSL Home Networking Installer

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 Series (KB969878)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB883939)

Security Update for Windows XP (KB890046)

Security Update for Windows XP (KB893756)

Security Update for Windows XP (KB896358)

Security Update for Windows XP (KB896422)

Security Update for Windows XP (KB896423)

Security Update for Windows XP (KB896424)

Security Update for Windows XP (KB896428)

Security Update for Windows XP (KB896688)

Security Update for Windows XP (KB899587)

Security Update for Windows XP (KB899588)

Security Update for Windows XP (KB899589)

Security Update for Windows XP (KB899591)

Security Update for Windows XP (KB900725)

Security Update for Windows XP (KB901017)

Security Update for Windows XP (KB901214)

Security Update for Windows XP (KB902400)

Security Update for Windows XP (KB903235)

Security Update for Windows XP (KB904706)

Security Update for Windows XP (KB905414)

Security Update for Windows XP (KB905749)

Security Update for Windows XP (KB905915)

Security Update for Windows XP (KB908519)

Security Update for Windows XP (KB908531)

Security Update for Windows XP (KB911562)

Security Update for Windows XP (KB911567)

Security Update for Windows XP (KB911927)

Security Update for Windows XP (KB912812)

Security Update for Windows XP (KB912919)

Security Update for Windows XP (KB913446)

Security Update for Windows XP (KB913580)

Security Update for Windows XP (KB914388)

Security Update for Windows XP (KB914389)

Security Update for Windows XP (KB916281)

Security Update for Windows XP (KB917159)

Security Update for Windows XP (KB917344)

Security Update for Windows XP (KB917422)

Security Update for Windows XP (KB917953)

Security Update for Windows XP (KB918118)

Security Update for Windows XP (KB918439)

Security Update for Windows XP (KB918899)

Security Update for Windows XP (KB919007)

Security Update for Windows XP (KB920213)

Security Update for Windows XP (KB920214)

Security Update for Windows XP (KB920670)

Security Update for Windows XP (KB920683)

Security Update for Windows XP (KB920685)

Security Update for Windows XP (KB921398)

Security Update for Windows XP (KB921503)

Security Update for Windows XP (KB921883)

Security Update for Windows XP (KB922616)

Security Update for Windows XP (KB922819)

Security Update for Windows XP (KB923191)

Security Update for Windows XP (KB923414)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB923694)

Security Update for Windows XP (KB923980)

Security Update for Windows XP (KB924191)

Security Update for Windows XP (KB924270)

Security Update for Windows XP (KB924496)

Security Update for Windows XP (KB924667)

Security Update for Windows XP (KB925454)

Security Update for Windows XP (KB925486)

Security Update for Windows XP (KB925902)

Security Update for Windows XP (KB926255)

Security Update for Windows XP (KB926436)

Security Update for Windows XP (KB927779)

Security Update for Windows XP (KB927802)

Security Update for Windows XP (KB928090)

Security Update for Windows XP (KB928255)

Security Update for Windows XP (KB928843)

Security Update for Windows XP (KB929123)

Security Update for Windows XP (KB929969)

Security Update for Windows XP (KB930178)

Security Update for Windows XP (KB931261)

Security Update for Windows XP (KB931768)

Security Update for Windows XP (KB931784)

Security Update for Windows XP (KB932168)

Security Update for Windows XP (KB933566)

Security Update for Windows XP (KB933729)

Security Update for Windows XP (KB935839)

Security Update for Windows XP (KB935840)

Security Update for Windows XP (KB936021)

Security Update for Windows XP (KB937143)

Security Update for Windows XP (KB937894)

Security Update for Windows XP (KB938127)

Security Update for Windows XP (KB938829)

Security Update for Windows XP (KB939653)

Security Update for Windows XP (KB941202)

Security Update for Windows XP (KB941568)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB941644)

Security Update for Windows XP (KB942615)

Security Update for Windows XP (KB943460)

Security Update for Windows XP (KB943485)

Security Update for Windows XP (KB944338-v2)

Security Update for Windows XP (KB944653)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958470)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971032)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB977165-v2)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981350)

Security Update for Windows XP (KB982381)

SMPlayer 0.6.9

SONAR LE

Sony DVD Architect 3.0

Sony Media Manager 2.0

Sony Media Manager 2.2

Sony Noise Reduction Plug-In 2.0h

Sony Sound Forge 9.0

Sony Vegas 7.0

SoundMAX

Speccy

Steinberg Cubase LE

SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49

SureThing CD Labeler Deluxe 3.1

Susteen Launcher

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows XP (KB894391)

Update for Windows XP (KB896727)

Update for Windows XP (KB898461)

Update for Windows XP (KB900485)

Update for Windows XP (KB910437)

Update for Windows XP (KB911280)

Update for Windows XP (KB914882)

Update for Windows XP (KB916595)

Update for Windows XP (KB920872)

Update for Windows XP (KB922582)

Update for Windows XP (KB925720)

Update for Windows XP (KB927891)

Update for Windows XP (KB929338)

Update for Windows XP (KB930916)

Update for Windows XP (KB931836)

Update for Windows XP (KB933360)

Update for Windows XP (KB936357)

Update for Windows XP (KB938828)

Update for Windows XP (KB942763)

Update for Windows XP (KB942840)

Update for Windows XP (KB946627)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB980182)

USB-IrDA Adapter

VIA Rhine-Family Fast Ethernet Adapter

Video Mover

Voxengo Elephant VST 2.7

Voxengo Polysquasher VST 1.5

Voxengo Voxformer VST 1.9

Voxengo Warmifier VST 1.6

WaveLab Lite

WebFldrs XP

Winamp (remove only)

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage v1.3.0254.0

Windows Imaging Component

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 7

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Hotfix - KB873333

Windows XP Hotfix - KB873339

Windows XP Hotfix - KB885250

Windows XP Hotfix - KB885835

Windows XP Hotfix - KB885836

Windows XP Hotfix - KB886185

Windows XP Hotfix - KB887742

Windows XP Hotfix - KB888113

Windows XP Hotfix - KB888302

Windows XP Hotfix - KB890175

Windows XP Hotfix - KB890859

Windows XP Hotfix - KB890923

Windows XP Hotfix - KB891781

Windows XP Hotfix - KB893066

Windows XP Hotfix - KB893086

WinRAR archiver

WinZip

.

==== Event Viewer Messages From Past Week ========

.

5/2/2013 5:34:58 AM, error: Microsoft Antimalware [2001] -

5/2/2013 4:50:12 AM, error: Service Control Manager [7034] - The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).

5/2/2013 4:50:12 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

5/2/2013 4:50:12 AM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).

5/2/2013 4:50:12 AM, error: Service Control Manager [7034] - The eTrust Antivirus RPC Server service terminated unexpectedly. It has done this 1 time(s).

5/2/2013 4:50:12 AM, error: Service Control Manager [7034] - The eTrust Antivirus Realtime Server service terminated unexpectedly. It has done this 1 time(s).

5/2/2013 4:50:12 AM, error: Service Control Manager [7034] - The eTrust Antivirus Job Server service terminated unexpectedly. It has done this 1 time(s).

5/2/2013 4:50:12 AM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).

5/2/2013 4:50:12 AM, error: Service Control Manager [7034] - The Belkin Network USB Helper service terminated unexpectedly. It has done this 1 time(s).

5/2/2013 4:50:12 AM, error: Service Control Manager [7034] - The Belkin Local Backup Service service terminated unexpectedly. It has done this 1 time(s).

5/2/2013 4:50:12 AM, error: Service Control Manager [7034] - The AffinegyService service terminated unexpectedly. It has done this 1 time(s).

5/2/2013 4:50:12 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

5/2/2013 4:50:11 AM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.

5/2/2013 2:05:06 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde uagp35 ViaIde

5/1/2013 4:08:56 PM, error: Service Control Manager [7000] - The MSSQL$SONY_MEDIAMGR service failed to start due to the following error: The system cannot find the file specified.

5/1/2013 3:32:04 PM, error: Service Control Manager [7000] - The Upload Manager service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.

5/1/2013 3:31:31 PM, error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.

.

==== End Of File ===========================


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.07.10

Windows XP Service Pack 2 x86 NTFS

Internet Explorer 7.0.5730.13

Owner :: JOHNCOMPUTER [administrator]

5/7/2013 6:16:25 PM

mbam-log-2013-05-07 (18-16-25).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 230246

Time elapsed: 8 minute(s), 31 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


I deleted the checked bugs.

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 2) 32 bits version

Started in : Normal mode

User : Owner [Admin rights]

Mode : Scan -- Date : 05/08/2013 02:26:12

| ARK || FAK || MBR |

¤¤¤ Bad processes : 3 ¤¤¤

[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\Owner\Local Settings\Application Data\Plaxo\3.34.0.3\plx_hook.dll [x] -> UNLOADED

[sUSP PATH] CTHELPER.EXE -- C:\WINDOWS\CTHELPER.EXE [-] -> KILLED [TermProc]

[sUSP PATH] PlaxoHelper_en.exe -- C:\Documents and Settings\Owner\Local Settings\Application Data\Plaxo\3.34.0.3\PlaxoHelper_en.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 10 ¤¤¤

[RUN][sUSP PATH] HKCU\[...]\Run : PlaxoUpdate (C:\Documents and Settings\Owner\Local Settings\Application Data\Plaxo\3.34.0.3\PlaxoHelper_en.exe -a) [7] -> FOUND

[RUN][sUSP PATH] HKCU\[...]\Run : PlaxoSysTray (C:\Documents and Settings\Owner\Local Settings\Application Data\Plaxo\3.34.0.3\PlaxoSysTray.exe) [7] -> FOUND

[RUN][sUSP PATH] HKUS\S-1-5-21-1202660629-1972579041-682003330-1003[...]\Run : PlaxoUpdate (C:\Documents and Settings\Owner\Local Settings\Application Data\Plaxo\3.34.0.3\PlaxoHelper_en.exe -a) [7] -> FOUND

[RUN][sUSP PATH] HKUS\S-1-5-21-1202660629-1972579041-682003330-1003[...]\Run : PlaxoSysTray (C:\Documents and Settings\Owner\Local Settings\Application Data\Plaxo\3.34.0.3\PlaxoSysTray.exe) [7] -> FOUND

[TASK][sUSP PATH] TidyNetwork Update.job : C:\Documents and Settings\Owner\Local Settings\Application Data\TidyNetwork.com\tidy2update.exe -> FOUND

[TASK][ROGUE ST] schedule!361528573.job : C:\Documents and Settings\All Users\Application Data\BetterSoft\GadgetBox Updater\GadgetBox Updater.exe /schedule /profile "c:\documents and settings\all users\application data\bettersoft\gadgetbox updater\361528573.ini" [x] -> FOUND

[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1600BB-22GUA0 +++++

--- User ---

[MBR] 0591b30d5e19f0bb9cd202f93736a28b

[bSP] d7d29d7d0480c48d114cc72a4e5b3658 : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152625 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_05082013_02d0226.txt >>

RKreport[1]_S_05082013_02d0226.txt


Is this a severe virus that will hack all my info out of my computer?

No, it's not.

I was freaking out when I read about this virus, was I overreacting?

I think so.

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.


C:\Documents and Settings\Owner\Local Settings\Application Data\Bundled software uninstaller\biclient.exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined

C:\Documents and Settings\Owner\Local Settings\temp\biclient.exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined

C:\Documents and Settings\Owner\Local Settings\temp\bundlesweetimsetup.exe probably a variant of Win32/SweetIM.C application cleaned by deleting - quarantined

C:\Documents and Settings\Owner\Local Settings\temp\DeltaTB.exe Win32/Toolbar.Babylon.E application cleaned by deleting - quarantined

C:\Documents and Settings\Owner\Local Settings\temp\Shortcut_bundlesweetimsetup.exe probably a variant of Win32/SweetIM.C application cleaned by deleting - quarantined

C:\RECYCLER\S-1-5-21-1202660629-1972579041-682003330-1003\Dc8.exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined


Glad I could help! :)

  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Next, uninstall ESET Online Scanner.

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)


  • 2 weeks later...

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.