
I Think I'm Infected



I have used various virus scanners to scan my computer, including McAfee, Malwarebytes, and the Microsoft Safety Scanner, and all of them have gotten some Trojans deleted. I've tried to scan my computer again with these scanners but no more malware was found. However, I still think that my computer is infected because I can't turn on my automatic updates, and when I go to the Windows Update page and try to get a Microsoft Update, it also won't let me and there's an error message. Another thing that adds to my feeling unsafe about my computer is that the Microsoft Scanner said that I had a "Backdoor:Win32/Cycbot.B" trojan, and I looked it up and that trojan is severe. One source even said that my computer is compromised even though the trojan has been deleted.

I don't really know anything about these viruses/trojans so what I suspect, might be wrong. Please help.

Thank You

I attached the logs that I got from Malwarebytes.

mbam-log-2011-07-15 (11-43-35).txt, mbam-log-2011-07-13 (13-58-17).txt, mbam-log-2011-07-12 (15-54-15).txt


  • Staff

Hi and welcome to Malwarebytes.

In the future, please post all logs directly into your reply instead of attaching them.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced. Please post only DDS.txt directly into your reply.


Hello,

Thanks for replying.

Here is the log from the Malwarebytes quick scan:

-----------------------------------------------------------------

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7183

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

7/17/2011 11:44:58 PM

mbam-log-2011-07-17 (23-44-58).txt

Scan type: Quick scan

Objects scanned: 175321

Time elapsed: 15 minute(s), 12 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

-----------------------------------------------------------------

And here are the two logs from the DDS Scan

Log number one: (It saved with the name "attach")

-----------------------------------------------------------------

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-07-14.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 9/11/2009 5:20:58 PM

System Uptime: 7/17/2011 10:55:17 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0KD882

Processor: Genuine Intel® CPU T2400 @ 1.83GHz | Microprocessor | 1828/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 67 GiB total, 23.473 GiB free.

D: is FIXED (NTFS) - 21 GiB total, 21.095 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description: Dell USB Smartcard Keyboard

Device ID: USB\VID_413C&PID_2100&MI_01\6&350D7620&0&0001

Manufacturer:

Name: Dell USB Smartcard Keyboard

PNP Device ID: USB\VID_413C&PID_2100&MI_01\6&350D7620&0&0001

Service:

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: 1394 Net Adapter

Device ID: V1394\NIC1394\2A33AD41354FC000

Manufacturer: Microsoft

Name: 1394 Net Adapter

PNP Device ID: V1394\NIC1394\2A33AD41354FC000

Service: NIC1394

.

==== System Restore Points ===================

.

RP486: 6/28/2011 1:46:34 PM - System Checkpoint

RP487: 6/29/2011 12:18:42 AM - Software Distribution Service 3.0

RP488: 6/29/2011 9:46:03 AM - Software Distribution Service 3.0

RP489: 6/30/2011 10:47:13 PM - System Checkpoint

RP490: 7/2/2011 3:37:59 PM - System Checkpoint

RP491: 7/4/2011 3:42:58 PM - System Checkpoint

RP492: 7/7/2011 10:42:35 PM - System Checkpoint

RP493: 7/9/2011 3:03:10 PM - System Checkpoint

RP494: 7/10/2011 4:16:55 PM - System Checkpoint

RP495: 7/11/2011 6:42:04 PM - System Checkpoint

RP496: 7/12/2011 10:47:25 AM - Installed Java 6 Update 26

RP497: 7/12/2011 12:06:12 PM - Removed Java 6 Update 16

RP498: 7/12/2011 12:07:26 PM - Removed Acrobat.com

RP499: 7/12/2011 1:01:08 PM - Installed Windows Internet Explorer 8.

RP500: 7/14/2011 12:56:21 PM - System Checkpoint

RP501: 7/15/2011 11:08:40 AM - Installed Windows Internet Explorer 8.

RP502: 7/15/2011 12:06:28 PM - Software Distribution Service 3.0

RP503: 7/16/2011 4:55:47 PM - System Checkpoint

.

==== Installed Programs ======================

.

µTorrent

924PLC32

ABBYY FineReader 6.0 Sprint

Adobe AIR

Adobe Digital Editions

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.4.0

Adobe Shockwave Player 11.6

Akamai NetSession Interface

AMR to MP3 Converter 1.4

AOLIcon

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Bluetooth Stack for Windows by Toshiba

Bonjour

Broadcom Management Programs

Brother MFL-Pro Suite

Chinese Simplified Fonts Support For Adobe Reader 9

Citrix XenApp Plugin for Hosted Apps

Conexant HDA D110 MDC V.92 Modem

Corel Photo Album 6

D-i-v-X AVI Codec Pack Pro 2.4.0

Dell Digital Jukebox Driver

Dell Driver Download Manager

Dell Media Experience

Dell Photo AIO Printer 924

Dell Support 3.1

Dell System Restore

Digital Content Portal

Digital Line Detect

DivX Setup

Documentation & Support Launcher

EducateU

ELIcon

ffdshow (remove only)

Games, Music, & Photos Launcher

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Format 11 SDK (KB973442)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Intel® Graphics Media Accelerator Driver

Intel® PROSet/Wireless Software

iTunes

Jasc Paint Shop Pro Studio, Dell Editon

Java Auto Updater

Java 6 Update 26

Juniper Networks Host Checker

Juniper Networks Secure Application Manager

Juniper Networks Setup Client

Learn2 Player (Uninstall Only)

LiveUpdate 2.6 (Symantec Corporation)

Malwarebytes' Anti-Malware version 1.51.1.1800

McAfee Agent

McAfee AntiSpyware Enterprise Module

McAfee Host Intrusion Prevention

McAfee VirusScan Enterprise

mCore

MCU

mDrWiFi

mHlpDell

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Basic Edition 2003

Microsoft Office File Validation Add-In

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher 2007

Microsoft Office Publisher 2007 Trial

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word Viewer 2003

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.9

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft WinUsb 1.0

mIWA

mLogView

mMHouse

Modem Helper

Move Media Player

mPfMgr

mPfWiz

mProSafe

mSSO

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Musicmatch® Jukebox

mWlsSafe

mWMI

mXML

mZConfig

Nationwide VPN

NetWaiting

OGA Notifier 2.0.0048.0

OpenOffice.org 3.1

OverDrive Media Console

PaperPort 8.0 SE

Picasa 3

PowerDVD 5.7

Qualxserve Service Agreement

QuickSet

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

RealUpgrade 1.1

SAMSUNG Intelli-studio

Search Assist

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2509488)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 9 Series (KB969878)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Sonic Copy Module

Sonic DLA

Sonic Express Labeler

Sonic MyDVD Plus

Sonic RecordNow Audio

Sonic RecordNow Data

Sonic Update Manager

swMSM

Synaptics Pointing Device Driver

TomTom HOME 2.8.0.2146

TomTom HOME Visual Studio Merge Modules

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 System (KB2539530)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB898461)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

VC80CRTRedist - 8.0.50727.4053

Viewpoint Media Player

Vpskeys 4.3

WebCyberCoach 3.2 Dell

WebFldrs XP

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Notifications (KB905474)

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

.

==== Event Viewer Messages From Past Week ========

.

7/15/2011 11:14:19 AM, error: System Error [1003] - Error code 100000d1, parameter1 005c0065, parameter2 00000002, parameter3 00000008, parameter4 005c0065.

7/15/2011 11:05:06 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001302B37465. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

7/12/2011 11:48:11 AM, error: Service Control Manager [7022] - The McAfee McShield service hung on starting.

7/12/2011 11:46:13 AM, error: Service Control Manager [7000] - The Zune Bus Enumerator Driver service failed to start due to the following error: The system cannot find the file specified.

7/12/2011 11:46:13 AM, error: Service Control Manager [7000] - The Nortel Extranet Access Protocol service failed to start due to the following error: The system cannot find the file specified.

7/12/2011 10:54:39 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer WONGS-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AF31CAE8-5524-4B13-. The master browser is stopping or an election is being forced.

7/11/2011 4:14:26 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer NGATRANPC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AF31CAE8-5524-4B13. The master browser is stopping or an election is being forced.

7/11/2011 12:17:18 AM, error: Dhcp [1002] - The IP address lease 192.168.2.6 for the Network Card with network address 001302B37465 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

7/11/2011 11:17:13 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Akamai service.

.

==== End Of File ===========================

-----------------------------------------------------------------

Log number two: (this one is saved with the title named "dds")

-----------------------------------------------------------------

DDS (Ver_2011-07-14.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by Sally Wong at 23:48:07 on 2011-07-17

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.104 [GMT -4:00]

.

AV: *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

AV: VirusScan Enterprise + AntiSpyware Enterprise *Enabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

FW: McAfee Host Intrusion Prevention Firewall *Enabled*

FW: *Disabled*

.

============== Running Processes ================

.

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\Brmfrmps.exe

C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe

C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe

C:\Program Files\McAfee\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\mfevtps.exe

C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

C:\Program Files\McAfee\Common Framework\naPrdMgr.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe

C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\stsystra.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe

C:\Program Files\Scansoft\PaperPort\pptd40nt.exe

C:\program files\real\realplayer\update\realsched.exe

C:\Program Files\McAfee\Common Framework\udaterui.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Sally Wong\Start Menu\Programs\uTorrent.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe

C:\Program Files\McAfee\Common Framework\McTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

c:\program files\common files\installshield\updateservice\isuspm.exe

C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe

C:\WINDOWS\system32\dlcccoms.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe

C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe

C:\WINDOWS\system32\BRMFRSMG.EXE

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\wbem\wmiprvse.exe

c:\dell\E-center\gtb.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k Akamai

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.igoogle.com/

uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us

uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us

uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us

mSearchAssistant = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [uTorrent] "c:\documents and settings\sally wong\start menu\programs\uTorrent.exe"

mRun: [igfxtray] c:\windows\system32\igfxtray.exe

mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

mRun: [igfxpers] c:\windows\system32\igfxpers.exe

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"

mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [ECenter] "c:\dell\e-center\gtb.exe"

mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall

mRun: [McAfee Host Intrusion Prevention Tray] "c:\program files\mcafee\host intrusion prevention\FireTray.exe"

mRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,_RunDLLEntry@16

mRun: [dlccmon.exe] "c:\program files\dell photo aio printer 924\dlccmon.exe"

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [iMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE

mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [shStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe

mRun: [indexSearch] c:\program files\scansoft\paperport\IndexSearch.exe

mRun: [setDefPrt] c:\program files\brother\brmfl03a\BrStDvPt.exe

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nwepo.lnk - c:\program files\network associates\NWePO.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

Trusted Zone: agencyanywhere.agency.ni.nwie.net

Trusted Zone: agencyanywhere.agency.ni.nwie.net

Trusted Zone: skilldialogue.com

Trusted Zone: skilldialogue.com

Trusted Zone: skillport.com

Trusted Zone: skillport.com

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {9916D178-71C8-4764-969C-95B9B67A1F76} - hxxps://onestop.nationwide.com/one-stop-web/scan/OneStopScan.CAB

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://agents.nationwide.com/dana-cached/sc/JuniperSetupClient.cab

TCP: NameServer = 192.168.2.1 192.168.2.1

TCP: Interfaces\{AF31CAE8-5524-4B13-93DB-D16BE9FC3A75} : DHCPNameServer = 192.168.2.1 192.168.2.1

Handler: ipp - <Clsid value has no data>

Handler: msdaipp - <Clsid value has no data>

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "c:\program files\outlook express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

mASetup: {7790769C-0471-11d2-AF11-00C04FA35D02} - "c:\program files\outlook express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

IFEO: Your Image File Name Here without a path - ntsd -d

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-9-11 343920]

R1 NEOFLTR_650_15699;Juniper Networks TDI Filter Driver (NEOFLTR_650_15699);c:\windows\system32\drivers\NEOFLTR_650_15699.SYS [2010-7-14 85360]

R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-11 14336]

R2 enterceptAgent;McAfee Host Intrusion Prevention Service;c:\program files\mcafee\host intrusion prevention\FireSvc.exe [2009-6-25 1489984]

R2 McAfeeEngineService;McAfee Engine Service;c:\program files\mcafee\virusscan enterprise\engineserver.exe [2010-3-25 22816]

R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2011-1-12 120128]

R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\mcshield.exe [2010-3-25 147472]

R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\vstskmgr.exe [2010-3-25 66880]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2009-9-11 70728]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2010-12-10 92008]

R3 Eacfilt;Eacfilt Miniport;c:\windows\system32\drivers\eacfilt.sys [2009-9-11 9817]

R3 FirehkMP;FirehkMP;c:\windows\system32\drivers\firehk.sys [2009-9-11 44680]

R3 HIPK;McAfee Inc. HIPK;c:\windows\system32\drivers\HIPK.sys [2009-9-11 110384]

R3 HIPPSK;McAfee Inc. HIPPSK;c:\windows\system32\drivers\HIPPSK.sys [2009-9-11 38200]

R3 HIPQK;McAfee Inc. HIPQK;c:\windows\system32\drivers\HIPQK.sys [2009-9-11 35584]

R3 hips;McAfee HIPSCore Service;c:\program files\mcafee\host intrusion prevention\hipscore\HIPSvc.exe [2009-12-1 35696]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-9-11 91832]

R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-9-11 43288]

S1 mferkdk;VSCore mferkdk;\??\c:\program files\mcafee\virusscan enterprise\mferkdk.sys --> c:\program files\mcafee\virusscan enterprise\mferkdk.sys [?]

S2 IPSECEXT;Nortel Extranet Access Protocol;c:\windows\system32\drivers\ipsecw2k.sys [2009-9-11 117696]

S3 brfilt;Brother MFC Filter Driver;c:\windows\system32\drivers\BrFilt.sys [2011-1-28 2944]

S3 BrSerWDM;Brother WDM Serial driver;c:\windows\system32\drivers\BrSerWdm.sys [2011-1-28 61952]

S3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\system32\drivers\BrUsbMdm.sys [2011-1-28 11008]

S3 BrUsbScn;Brother MFC USB Scanner driver;c:\windows\system32\drivers\BrUsbScn.sys [2011-1-28 10368]

S3 Firehk;McAfee NDIS Intermediate Filter;c:\windows\system32\drivers\firehk.sys [2009-9-11 44680]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-7-5 66600]

.

=============== Created Last 30 ================

.

2011-07-18 02:58:12 39816 ----a-w- c:\windows\system32\HIPIS0e011aa.dll

2011-07-15 15:07:18 -------- dc-h--w- c:\windows\ie8

2011-07-12 18:37:07 -------- d-----w- c:\documents and settings\sally wong\application data\Malwarebytes

2011-07-12 18:36:58 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-07-12 18:36:55 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-07-12 18:36:51 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-12 18:36:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-07-12 17:36:11 -------- d--h--w- c:\windows\PIF

2011-07-12 16:10:38 -------- d-----w- c:\windows\system32\Adobe

2011-07-02 19:00:17 -------- d-----w- c:\documents and settings\sally wong\application data\Corel Photo Album

2011-07-02 19:00:11 -------- d-----w- c:\documents and settings\sally wong\local settings\application data\Corel Photo Album

2011-07-02 18:59:22 88 --sh--r- c:\windows\system32\8EB169608E.sys

2011-07-02 18:59:22 4182 --sha-w- c:\windows\system32\KGyGaAvL.sys

2011-06-18 13:39:39 -------- d-----w- c:\documents and settings\sally wong\application data\Intelli-studio

2011-06-18 13:39:27 -------- d-----w- c:\program files\Samsung

.

==================== Find3M ====================

.

2011-07-12 16:10:17 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-06-08 19:02:30 348160 ----a-w- c:\windows\system32\msvcr71.dll

2011-06-02 17:53:02 94208 ----a-w- c:\windows\system32\dpl100.dll

2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-05-04 08:52:22 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-05-04 06:25:49 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-04-29 17:25:27 151552 ----a-w- c:\windows\system32\schannel.dll

2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-04-26 11:07:50 33280 ----a-w- c:\windows\system32\csrsrv.dll

2011-04-26 11:07:50 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll

2011-04-25 16:11:11 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-04-25 16:11:11 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-04-25 12:01:22 385024 ----a-w- c:\windows\system32\html.iec

2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys

2004-05-06 15:37:08 311808 ----a-w- c:\program files\FINMUIff.msp

.

============= FINISH: 23:49:14.95 ===============

-----------------------------------------------------------------

On the log from the dds scan, it says that I shouldn't post it unless asked to... is it safe to post that info on the internet?

Thanks again!


  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
