Jump to content

Can't run malware - Run-time error '-2147024769(800700f)':


Recommended Posts

Browser is slow and will not connect to some websites.  Tried downloading and running malware - get this: Run-time error '-2147024769(800700f)':

 

Ran DDS here are the logs:

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.5512  BrowserJavaVersion: 10.25.2
Run by Tom Holley at 8:58:30 on 2013-09-02
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3572.2409 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
c:\drivers\audio\r205445\stacsv.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Documents and Settings\All Users\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe
C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\IDT\WDM\sttray.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files\Citrix\ICA Client\redirector.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\Tom Holley\Application Data\AVG January 2013 Campaign\ROC_JAN2013_AV.exe
C:\Documents and Settings\Tom Holley\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe
C:\Documents and Settings\Tom Holley\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Program Files\Windows Home Server\WHSTrayApp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Teleca Shared\logger.exe
C:\WINDOWS\system32\lxeccoms.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Windows Home Server\WHSConnector.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Citrix\Receiver\Receiver.exe
C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.







BHO: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: BrowserHelper Class: {9A065C65-4EE7-4DDD-9918-F129089A894A} - c:\program files\windows home server\WHSDeskBands.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - c:\program files\lexmark printable web\bho.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll
TB: Home Server Banner: {D73E76A3-F902-45BD-8FC8-95AE8E014671} - c:\program files\windows home server\WHSDeskBands.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Home Server Banner: {D73E76A3-F902-45BD-8FC8-95AE8E014671} - c:\program files\windows home server\WHSDeskBands.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -
uRun: [ROC_ROC_JAN2013_AV] c:\documents and settings\tom holley\application data\avg january 2013 campaign\ROC_JAN2013_AV.exe /PROMPT --mid 95f62ac6650047d18935d16d6d25f0a0-2b45afa0cf27b74cb1e5a020ac0d2bb835ad58d9
uRun: [ROC_ROC_APR2013_AV] c:\documents and settings\tom holley\application data\avg april 2013 campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 95f62ac6650047d18935d16d6d25f0a0-2b45afa0cf27b74cb1e5a020ac0d2bb835ad58d9 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012
uRun: [spotify Web Helper] "c:\documents and settings\tom holley\application data\spotify\data\SpotifyWebHelper.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe"  -osboot
mRun: [lxecmon.exe] "c:\program files\lexmark pro800-pro900 series\lxecmon.exe"
mRun: [EzPrint] "c:\program files\lexmark pro800-pro900 series\ezprint.exe"
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [AESTFltr] c:\windows\system32\AESTFltr.exe /NoDlg
mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Mobile Connectivity Suite] "c:\program files\htc\htc sync\application launcher\Application Launcher.exe" /startoptions
mRun: [CitrixReceiver] "c:\documents and settings\all users\start menu\programs\citrix\Receiver Updater.lnk"
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\redirector.exe" /startup
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.1.121\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\windows\installer\{21e49794-7c13-4e84-8659-55bd378267d5}\WHSTrayApp.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: mswsock.dll
Trusted Zone: 10.1.0.241
Trusted Zone: 10.1.0.241






TCP: NameServer = 192.168.1.254
TCP: Interfaces\{C2D349B6-01A1-4777-9D7E-5A5CA12515CB} : DHCPNameServer = 192.168.1.254
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
AppInit_DLLs= c:\progra~1\citrix\icacli~1\RSHook.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages =  msv1_0 wvauth
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.62\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 192.168.1.66 HPSERVER #Windows Home Server#
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\tom holley\application data\mozilla\firefox\profiles\4mikmutz.default\
FF - prefs.js: browser.search.selectedEngine - Google


FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff5.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff6.dll
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff7.dll
FF - plugin: c:\documents and settings\tom holley\local settings\application data\citrix\plugins\104\npappdetector.dll
FF - plugin: c:\program files\citrix\ica client\npicaN.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: !HIDDEN! 2009-09-04 03:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2012-4-25 67960]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2008-12-29 320800]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2009-1-22 808296]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2009-1-22 20840]
R2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe -service --> c:\windows\system32\lxeccoms.exe -service [?]
R2 WHSConnector;Windows Home Server Connector Service;c:\program files\windows home server\WHSConnector.exe [2011-1-10 376688]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2009-3-31 112128]
R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [2009-3-31 32808]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-9-2 40776]
R3 OA001Afx;Provides a software interface to control audio effects of OA001 camera.;c:\windows\system32\drivers\OA001Afx.sys [2009-3-31 148056]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2009-3-31 144672]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2009-3-31 277440]
R4 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys --> c:\windows\system32\drivers\avgidsdriverx.sys [?]
R4 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys --> c:\windows\system32\drivers\avgidsfilterx.sys [?]
R4 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys --> c:\windows\system32\drivers\avgidshx.sys [?]
R4 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys --> c:\windows\system32\drivers\avgidsshimx.sys [?]
R4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys --> c:\windows\system32\drivers\avgrkx86.sys [?]
R4 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys --> c:\windows\system32\drivers\avgtdix.sys [?]
S0 cerc6;cerc6; [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-11-2 5174392]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
S2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxecserv.exe [2010-4-24 98984]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2013-5-19 24576]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
S3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\drivers\nvtsp50.sys --> c:\windows\system32\drivers\NvtSp50.sys [?]
S3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\drivers\PTDUBus.sys [2009-9-22 33024]
S3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\drivers\PTDUMdm.sys [2009-9-22 41344]
S3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\drivers\PTDUVsp.sys [2009-9-22 39936]
S3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\drivers\PTDUWWAN.sys [2009-9-22 59904]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2007-11-14 394952]
.
=============== Created Last 30 ================
.
2013-09-02 13:55:09    --------    d-----w-    c:\documents and settings\tom holley\application data\TuneUp Software
2013-09-02 12:53:46    40776    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2013-09-02 12:53:45    --------    d-----w-    c:\documents and settings\tom holley\application data\Malwarebytes
2013-09-02 12:52:46    --------    d-----w-    c:\documents and settings\all users\application data\Malwarebytes
2013-09-02 12:52:43    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-09-02 12:52:43    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-08-07 01:51:56    --------    d-----w-    c:\documents and settings\all users\application data\McAfee Security Scan
2013-08-07 01:51:54    --------    d-----w-    c:\program files\McAfee Security Scan
2013-08-07 01:51:42    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M  ====================
.
2013-08-21 02:35:18    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-21 02:35:18    692104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-08-07 01:51:29    867240    ----a-w-    c:\windows\system32\npDeployJava1.dll
2013-08-07 01:51:29    789416    ----a-w-    c:\windows\system32\deployJava1.dll
2013-08-07 01:51:29    144896    ----a-w-    c:\windows\system32\javacpl.cpl
.
============= FINISH:  8:58:47.07 ===============
 

 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 12/30/2011 9:25:02 AM
System Uptime: 9/2/2013 7:28:38 AM (1 hours ago)
.
Motherboard: Dell Inc. |  | 0D138P
Processor: Intel Pentium III Xeon processor | Microprocessor | 1591/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 73.993 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom NetXtreme 57xx Gigabit Controller
Device ID: PCI\VEN_14E4&DEV_1680&SUBSYS_02511028&REV_10\4&F14A077&0&00E5
Manufacturer: Broadcom
Name: Broadcom NetXtreme 57xx Gigabit Controller
PNP Device ID: PCI\VEN_14E4&DEV_1680&SUBSYS_02511028&REV_10\4&F14A077&0&00E5
Service: b57w2k
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\49CE01384FC000
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\49CE01384FC000
Service: NIC1394
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
.
==== System Restore Points ===================
.
RP200: 5/19/2013 4:32:48 PM - Installed HTC Driver Installer.
RP201: 5/19/2013 4:33:21 PM - Installed HTC Sync.
RP202: 5/19/2013 4:36:37 PM - Installed Windows XP Wdf01007.
RP203: 5/25/2013 10:01:13 PM - System Checkpoint
RP204: 5/30/2013 6:07:13 PM - System Checkpoint
RP205: 6/9/2013 6:51:00 PM - System Checkpoint
RP206: 6/11/2013 9:59:33 PM - System Checkpoint
RP207: 6/16/2013 9:22:09 AM - System Checkpoint
RP208: 6/16/2013 9:57:03 AM - Removed Java 7 Update 13
RP209: 6/16/2013 9:57:18 AM - Installed Java 7 Update 21
RP210: 6/16/2013 10:02:04 AM - Removed Java 7 Update 21
RP211: 6/16/2013 10:02:26 AM - Installed Java 7 Update 21
RP212: 6/19/2013 6:34:55 PM - System Checkpoint
RP213: 7/14/2013 9:27:25 PM - System Checkpoint
RP214: 7/20/2013 3:18:15 PM - System Checkpoint
RP215: 7/21/2013 4:38:20 PM - System Checkpoint
RP216: 7/27/2013 2:16:16 PM - System Checkpoint
RP217: 7/28/2013 11:20:07 PM - System Checkpoint
RP218: 8/6/2013 8:51:03 PM - Removed Java 7 Update 21
RP219: 8/6/2013 8:51:22 PM - Installed Java 7 Update 25
RP220: 8/8/2013 5:56:46 PM - System Checkpoint
RP221: 8/9/2013 9:35:02 PM - System Checkpoint
RP222: 8/10/2013 10:15:51 PM - System Checkpoint
RP223: 8/13/2013 11:13:16 PM - System Checkpoint
RP224: 9/2/2013 8:54:45 AM - Removed AVG 2012
RP225: 9/2/2013 8:55:34 AM - Removed AVG 2012
.
==== Installed Programs ======================
.
3DVIA player 5.0.0.20
ABBYY FineReader 6.0 Sprint
Adobe Acrobat  9 Standard - English, Français, Deutsch
Adobe Acrobat 9.2.0 - CPSID_50026
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.6
Adobe SVG Viewer 3.0
All Day Battery Life Configuration
Amazon MP3 Downloader 1.0.10
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2012
BioAPI Framework
biolsp patch
Bonjour
Broadcom Management Programs
Broadcom USH Host Components
Business Contact Manager for Outlook 2007
CCleaner (remove only)
Cisco Systems VPN Client 5.0.04.0300
Citrix Authentication Manager
Citrix Online Launcher
Citrix Presentation Server Client - Web Only
Citrix Receiver
Citrix Receiver (HDX Flash Redirection)
Citrix Receiver Inside
Citrix Receiver Updater
Citrix Receiver(Aero)
Citrix Receiver(DV)
Citrix Receiver(USB)
Data Lifeguard Diagnostic for Windows
DCP32MMWrapper
Dell Control Point
Dell ControlPoint Security Manager
Dell Embassy Trust Suite by Wave Systems
Dell Security Device Driver Pack
Dell Touchpad
Dell Webcam Central
Dell Wireless WLAN Card Utility
Document Manager Lite
doPDF 6.2  printer
Dropbox
EMBASSY Security Center
EMBASSY Security Setup
ESC Home Page Plugin
FLAC 1.1.4b (remove only)
Gemalto
GIMP 2.6.8
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP MediaSmart Server 2.5
HP Update
HTC Driver Installer
HTC Sync
Integrated Webcam Driver (1.03.02.0919)  
Intel® Matrix Storage Manager
iTunes
Java 7 Update 25
Java Auto Updater
Java 6 Update 18
JavaFX 2.1.0
Junk Mail filter update
Lexmark Printable Web
Lexmark Pro800-Pro900 Series
Lexmark Toolbar
Lexmark Tools for Office
Magic MP3 Tagger 2.2.4f
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus
MFCLOC
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Live Meeting 2007
Microsoft Office Professional Edition 2003
Microsoft Office Small Business Connectivity Components
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MobileMe Control Panel
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
NTRU TCG Software Stack
NVIDIA Drivers
Online Plug-in
OpenOffice.org 3.2
PANTECH UM175 Driver
Port Detective
PowerDVD
Preboot Manager
PrimeSuite Client Components
PrimeSuite Scanning Components 14.0
Private Information Manager
QuickTime
RealPlayer
Roxio Activation Module
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler 3
Roxio Update Manager
Safari
Secure Update
Security Wizards
Segoe UI
Self-service Plug-in
SO32MMWrapper
Sonic CinePlayer Decoder Pack
Spotify
swMSM
Trusted Drive Manager
tsp patch
TuneSleeve
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VoiceOver Kit
VZAccess Manager
Wave Infrastructure Installer
Wave Support Software
WebFldrs XP
WIDCOMM Bluetooth Software
Windows Driver Package - Dell Inc. PBADRV System  (01/07/2008 1.0.1.5)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Home Server Connector
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Presentation Foundation
Xilisoft Video Converter Ultimate
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
9/2/2013 7:32:12 AM, error: Service Control Manager [7022]  - The TdmService service hung on starting.
9/2/2013 7:29:44 AM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'.  It has stopped monitoring the volume.
8/29/2013 9:11:05 PM, error: Service Control Manager [7024]  - The AVGIDSAgent service terminated with service-specific error 3758213661 (0xE001CA1D).
8/29/2013 9:10:47 PM, error: Service Control Manager [7024]  - The SQL Server (MSSMLBIZ) service terminated with service-specific error 3417 (0xD59).
8/29/2013 9:10:47 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the lxecCATSCustConnectService service to connect.
8/29/2013 9:10:47 PM, error: Service Control Manager [7000]  - The lxecCATSCustConnectService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
 

 

Thanks for any help and please let me know if I did something incorrectly.

 

Tom

Link to post
Share on other sites

Hello member1066 and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

Please follow the instructions here:

http://forums.malwarebytes.org/index.php?showtopic=10138&page=1entry167851

Then reboot your system.

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 3

  • Download on the desktop RogueKiller
  • Quit all programs
  • Start RogueKiller.exe
  • Wait until Prescan has finished ...
  • Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.
In your next reply, post the following log files:
  • Malwarebytes' Anti-Malware log
  • RogueKiller log
Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.