When I started the desktop tonight, MAM Pro advised of a problem: Protection partially enabled. In the Protection tab, the "Enable malicious website blocking" box could not be checked.

As instructed, DDS.txt and Attach.txt contents are pasted below.

 

Thank you so much for any help you can provide.

--rkib

 

**********************************************************************************

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.25.2
Run by Ron at 20:35:16 on 2013-10-02
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2046.1336 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\NCNETWORKSDM\bin\sprtcmd.exe
C:\Program Files\Razer Barracuda AC-1 Gaming Audio Card\Customapp\PROGRAM\RAZER BARRACUDA AC-1 GAMING AUDIO CARD.EXE
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Verizon\VSP\ServicepointService.exe
C:\Program Files\NCNETWORKSDM\bin\sprtsvc.exe
C:\Program Files\NCNETWORKSDM\bin\tgsrvc.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.

mWinlogon: SFCDisable = dword:-99
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Ant.com browser helper (video detector): {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - c:\program files\ant.com\ie add-on\Download.dll
BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - c:\program files\aol toolbar\aoltb.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Verizon Broadband Toolbar: {A057A204-BACC-4D26-8398-26FADCF27386} - c:\program files\verizon_broad\verizon_broad.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Verizon Broadband Toolbar: {A057A204-BACC-4D26-8398-26FADCF27386} - c:\program files\verizon_broad\verizon_broad.dll
TB: Ant.com Video Downloader toolbar: {2E924F4F-67F0-4BD8-9560-49F468E843D2} - c:\program files\ant.com\ie add-on\anttoolbar.dll
TB: AOL Toolbar: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - c:\program files\aol toolbar\aoltb.dll
TB: Verizon Broadband Toolbar: {A057A204-BACC-4D26-8398-26FADCF27386} - c:\program files\verizon_broad\verizon_broad.dll
TB: Ant.com Video Downloader toolbar: {2E924F4F-67F0-4BD8-9560-49F468E843D2} - c:\program files\ant.com\ie add-on\anttoolbar.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - c:\program files\aol toolbar\aoltb.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Cmaudio8788] RunDll32 cmicnfgp.cpl,CMICtrlWnd
mRun: [NCNETWORKSDM] "c:\program files\ncnetworksdm\bin\sprtcmd.exe" /P NCNETWORKSDM
mRun: [TaskTray] <no file>
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32
StartupFolder: c:\docume~1\ron\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - c:\program files\ant.com\ie add-on\Download.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: mswsock.dll






DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

TCP: Interfaces\{8998730C-EF45-4BE9-A179-CE2A3D1ADF62} : NameServer = 137.230.255.248
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\ron\application data\mozilla\firefox\profiles\jpqtwpqu.default\
FF - prefs.js: browser.search.selectedEngine - Bing


FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\program files\pc tools\pc tools security\bdt\firefox\platform\winnt_x86-msvc\components\libheuristic.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\ron\application data\mozilla\plugins\npatgpc.dll
FF - plugin: c:\progra~1\micros~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\browser\plugins\npatgpc.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\thinkorswim\npthinkorswim.dll
FF - plugin: c:\program files\thinkorswim\nptossc.dll
FF - plugin: c:\program files\verizon\vsp\nprpspa.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-08-17 21:59; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\ron\application data\mozilla\firefox\profiles\jpqtwpqu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: !HIDDEN! 2011-04-15 22:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R2 AntUpdaterService;Ant Toolbar updater service;c:\program files\ant.com\ie add-on\AntUpdaterService.exe [2011-6-29 520216]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-15 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-17 682344]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-14 994360]
R2 ServicepointService;ServicepointService;c:\program files\verizon\vsp\ServicepointService.exe [2011-5-7 668912]
R2 sprtsvc_ncnetworksdm;SupportSoft Sprocket Service (ncnetworksdm);c:\program files\ncnetworksdm\bin\sprtsvc.exe [2010-6-17 206120]
R2 tgsrvc_ncnetworksdm;SupportSoft Repair Service (ncnetworksdm);c:\program files\ncnetworksdm\bin\tgsrvc.exe [2010-6-17 185640]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-8-28 92632]
R3 cmudaxp;Razer Barracuda AC-1 Gaming Interface;c:\windows\system32\drivers\cmudaxp.sys [2011-1-15 1423360]
R3 Eacfilt;Eacfilt Miniport;c:\windows\system32\drivers\eacfilt.sys [2010-3-1 26112]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-17 21104]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-10-2 40776]
R3 NT_NvcA;Nortel VPN Adapter;c:\windows\system32\drivers\ntnvca.sys [2010-3-1 40016]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S0 ybmtqrwl;ybmtqrwl;c:\windows\system32\drivers\uujp.sys --> c:\windows\system32\drivers\uujp.sys [?]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-10-14 399416]
S3 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2011-1-16 401920]
S3 IPSECEXT;Nortel Extranet Access Protocol;c:\windows\system32\drivers\ipsecw2k.sys [2010-3-1 89088]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2008-1-2 342784]
S4 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshim.sys --> c:\windows\system32\drivers\AVGIDSShim.Sys [?]
S4 NvcSvcMgr;Nortel VPN Client;c:\program files\nortel\nortel vpn client\NvcSvcMgr.exe [2010-3-1 595296]
.
=============== Created Last 30 ================
.
2013-10-02 23:53:41 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-09-18 00:07:59 8704 ----a-w- c:\program files\mozilla firefox\plugins\webex\1226\WbxLCPOffset.dll
.
==================== Find3M  ====================
.
2013-07-24 22:12:50 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-24 22:12:48 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-24 22:12:48 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-24 22:12:48 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-01-11 01:00:09 19242584 ----a-w- c:\program files\Dropbox 1.6.13.exe
2012-09-08 14:12:29 10288512 ----a-w- c:\program files\mseinstall.exe
2012-03-04 13:29:30 62901952 ----a-w- c:\program files\mpam-fe.exe
2012-03-04 02:31:55 22012750 ----a-w- c:\program files\vlc-2.0.0-win32.exe
2012-01-16 14:46:44 16897824 ----a-w- c:\program files\jre-6u29-windows-i586.exe
2012-01-16 14:37:50 7717072 ----a-w- c:\program files\Firefox Setup 3.6.25.exe
2012-01-16 14:37:00 3089568 ----a-w- c:\program files\install_flash_player_10.exe
2012-01-16 14:36:41 3127456 ----a-w- c:\program files\install_flash_player_10_active_x.exe
2012-01-16 14:35:45 713472 ----a-w- c:\program files\RealPlayer.exe
2012-01-16 14:30:40 1754456 ----a-w- c:\program files\PSISetup.exe
2011-12-23 00:19:17 20401624 ----a-w- c:\program files\TomTomHOME2winlatest.exe
2011-12-08 03:09:01 11803136 ----a-w- c:\program files\nbr2player.msi
2011-04-16 03:32:14 16758560 ----a-w- c:\program files\jre-6u24-windows-i586-s.exe
.
============= FINISH: 20:35:43.04 ===============
 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/1/2008 11:54:51 PM
System Uptime: 10/2/2013 6:36:41 PM (2 hours ago)
.
Motherboard: http://www.abit.com.tw/ |  | IP35 Pro(Intel P35-ICH9R)
Processor: Intel® Core2 Duo CPU     E8400  @ 3.00GHz | Socket 775 | 3006/334mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 427 GiB total, 400.269 GiB free.
D: is FIXED (NTFS) - 39 GiB total, 10.98 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Realtek High Definition Audio
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_147B0000&REV_1000\4&39DDA908&0&0001
Manufacturer: Realtek
Name: Realtek High Definition Audio
PNP Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_147B0000&REV_1000\4&39DDA908&0&0001
Service: IntcAzAudAddService
.
Class GUID:
Description:
Device ID: ACPI\ABT2005\3&2411E6FE&0
Manufacturer:
Name:
PNP Device ID: ACPI\ABT2005\3&2411E6FE&0
Service:
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Nortel VPN Adapter
Device ID: ROOT\NET\0001
Manufacturer: Nortel Networks
Name: Nortel VPN Adapter #2
PNP Device ID: ROOT\NET\0001
Service: NT_NvcA
.
==== System Restore Points ===================
.
RP189: 7/7/2013 8:54:51 PM - System Checkpoint
RP190: 7/9/2013 6:21:33 PM - System Checkpoint
RP191: 7/10/2013 9:13:43 PM - System Checkpoint
RP192: 7/13/2013 8:25:57 PM - System Checkpoint
RP193: 7/15/2013 7:15:19 PM - System Checkpoint
RP194: 7/16/2013 7:50:25 PM - System Checkpoint
RP195: 7/18/2013 7:21:50 PM - System Checkpoint
RP196: 7/21/2013 8:36:24 AM - System Checkpoint
RP197: 7/22/2013 7:41:59 PM - System Checkpoint
RP198: 7/24/2013 5:12:42 PM - Installed Java 7 Update 25
RP199: 7/25/2013 7:59:59 PM - System Checkpoint
RP200: 7/27/2013 6:55:30 AM - Removed Network Recording Player
RP201: 7/28/2013 7:19:49 PM - System Checkpoint
RP202: 7/30/2013 8:25:44 PM - System Checkpoint
RP203: 8/3/2013 1:01:29 PM - System Checkpoint
RP204: 8/5/2013 6:56:18 PM - System Checkpoint
RP205: 8/6/2013 7:07:58 PM - System Checkpoint
RP206: 8/7/2013 8:03:04 PM - System Checkpoint
RP207: 8/11/2013 7:29:49 PM - System Checkpoint
RP208: 8/14/2013 8:20:47 PM - System Checkpoint
RP209: 8/17/2013 2:32:41 PM - System Checkpoint
RP210: 8/22/2013 6:57:13 PM - System Checkpoint
RP211: 8/24/2013 12:16:29 AM - System Checkpoint
RP212: 8/27/2013 8:41:03 PM - System Checkpoint
RP213: 8/30/2013 12:27:27 AM - System Checkpoint
RP214: 8/31/2013 2:18:50 AM - System Checkpoint
RP215: 9/1/2013 2:58:22 AM - System Checkpoint
RP216: 9/2/2013 2:58:58 AM - System Checkpoint
RP217: 9/3/2013 8:49:46 PM - System Checkpoint
RP218: 9/5/2013 7:24:52 PM - System Checkpoint
RP219: 9/6/2013 7:55:05 PM - System Checkpoint
RP220: 9/8/2013 6:29:26 PM - System Checkpoint
RP221: 9/9/2013 6:57:14 PM - System Checkpoint
RP222: 9/10/2013 7:28:56 PM - System Checkpoint
RP223: 9/11/2013 8:06:48 PM - System Checkpoint
RP224: 9/12/2013 8:54:04 PM - System Checkpoint
RP225: 9/14/2013 1:27:20 PM - System Checkpoint
RP226: 9/15/2013 8:17:35 PM - System Checkpoint
RP227: 9/17/2013 8:34:47 PM - System Checkpoint
RP228: 9/21/2013 9:18:11 AM - System Checkpoint
RP229: 9/22/2013 2:57:53 PM - System Checkpoint
RP230: 9/23/2013 5:38:16 PM - System Checkpoint
RP231: 9/25/2013 7:20:51 PM - System Checkpoint
RP232: 9/26/2013 8:28:27 PM - System Checkpoint
RP233: 9/28/2013 5:24:55 PM - System Checkpoint
RP234: 9/30/2013 6:58:20 PM - System Checkpoint
RP235: 10/1/2013 8:39:24 PM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Amazon Games & Software Downloader
AnswerWorks 5.0 English Runtime
Ant.com IE add-on
AOL Toolbar
Apple Application Support
Apple Software Update
Belarc Advisor 8.1
Camera Window
Canon Camera WIA Driver
Canon Camera Window for ZoomBrowser EX
Canon PhotoRecord
Canon PowerShot G3 WIA Driver
Canon Utilities File Viewer Utility 1.2
Canon Utilities PhotoStitch 3.1
Canon Utilities RemoteCapture 2.7
Canon Utilities ZoomBrowser EX
CCleaner
Cisco WebEx Meetings
Compatibility Pack for the 2007 Office system
DefaultTab
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Download Updater (AOL Inc.)
Driver Performer
DriverTuner 3.1.0.0
Dropbox
ERUNT 1.1j
File Type Assistant
File Viewer Utility 1.2.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB959765)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB969084)
Java 7 Update 25
Java Auto Updater
Java 6 Update 38
Jing
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Access Runtime 2010
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access Runtime 2010
Microsoft Office Access Runtime MUI (English) 2010
Microsoft Office OneNote 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office XP Professional with FrontPage
Microsoft OneNote 2010
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 14
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 24.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB973688)
Nero - Burning Rom
Network Recording Player
Nortel VPN Client
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA WDM Drivers
OpenAL
PhotoStitch
Picasa 3
Quicken 2009
QuickTime
Razer Barracuda AC-1 Gaming Audio Card
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
RemoteCapture 2.7.2
RSA SecurID Software Token
SeaTools for Windows
Secunia PSI (2.0.0.4003)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2483614)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Spinco Download Manager
Super Journal
thinkorswim
thinkorswim from TD AMERITRADE
TomTom HOME
TomTom HOME Visual Studio Merge Modules
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Verizon Broadband Toolbar (IE only)
Verizon High Speed Internet
Verizon Servicepoint 3.5.10
Visual Studio C++ 10.0 Runtime
VLC media player 2.0.7
Vz In Home Agent
WebEx Event Manager for Firefox or Chrome
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows PowerShell 1.0
.
==== Event Viewer Messages From Past Week ========
.
9/29/2013 8:26:22 PM, error: PSched [14103]  - QoS [Adapter {BD8C0BEE-6732-4BB2-8DEB-168081F2F3EA}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
9/29/2013 1:29:12 PM, error: PSched [14103]  - QoS [Adapter {8998730C-EF45-4BE9-A179-CE2A3D1ADF62}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
9/27/2013 6:55:15 AM, error: PSched [14103]  - QoS [Adapter NDISWANIP]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
9/27/2013 1:07:58 AM, error: PlugPlayManager [12]  - The device 'ATAPI DVD A  DH20A4P' (IDE\CdRomATAPI_DVD_A__DH20A4P____________________9P59____\6&2d220c74&0&0.0.0) disappeared from the system without first being prepared for removal.
9/26/2013 7:06:58 PM, error: Service Control Manager [7023]  - The Computer Browser service terminated with the following error:  The specified service does not exist as an installed service.
10/1/2013 6:52:24 PM, error: Dhcp [1001]  - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00508DBD7968.  The following error occurred:  The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
.
==== End Of File ===========================
 


  • Root Admin

One or more of the identified infections is related to a nasty rootkit component which is difficult to remove. Rootkits and backdoor Trojans are very dangerous because they use advanced techniques (backdoors) as a means of accessing a computer system that bypasses security mechanisms and steal sensitive information which they send back to the hacker. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Remote attackers use backdoor Trojans and rootkits as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge.

If your computer was used for online banking, has credit card information or other sensitive data on it, you should immediately disconnect from the Internet until your system is cleaned. All passwords should be changed immediately to include those used for banking, email, eBay, PayPal and online forums from a CLEAN COMPUTER. You should consider them to be compromised. You should change each password by using a different computer and not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Although the rootkit has been identified and may be removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume that because this malware has been removed the computer is now secure. In some instances an infection may have caused so much damage to your system that it cannot be completely cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, delete the partition, reformat and reinstall the Operating System.

Please read:

 

 


Should you decide not to follow this advice, we will do our best to help clean the computer of any infections but we cannot guarantee it to be trustworthy or that the removal will be successful. If you wish to proceed, disinfection will require more time and more advanced tools.

Please let us know how you would like to proceed.

 



Message borrowed from quietman7 with minor wording and link changes


Thank you for the instant reply yesterday, and my apologies for the delayed response.  I replied last eve to the email, but did not realize I had to post here.

Immediately after reading your response, I changed passwords to my important accounts using a separate PC.

Since the computer can never be trusted w/o a complete make-over, I'll head that direction.

Thank you again for the quick and thorough reply.
Unless you have other recommendations, I will consider this forum entry closed.

Thanks again.
rkib
 


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.