
Hello ~ Please help. Computer has picked up something and I can't run Mbam or Gmer. Posted 5 days ago, but have not gotten a reply. Was told to PM a moderator to look at my other message, but figured this would be easier.

I have run DDS; here is the log file:

DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK

Internet Explorer: 9.0.8112.16421

Run by Susan at 18:46:18 on 2011-10-01

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.2370 [GMT -5:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\SYSTEM32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\3410614825:3592795700.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Explorer.EXE

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page =

uStart Page = hxxp://www.yahoo.com/

uSearch Bar =

mStart Page = hxxp://en.us.acer.yahoo.com

mDefault_Page_URL = hxxp://en.us.acer.yahoo.com

uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\YTNavAssist.dll

mURLSearchHooks: H - No File

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll

BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File

BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll

BHO: BrowserHelper Class: {8a9d74f9-560b-4fe7-abeb-3b2e638e5cd6} - c:\program files\sgpsa\SearchAssistant.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [ZIBBrzONx0v2b3n8234A] c:\users\susan\appdata\roaming\yvss2obf3mg5q6w\Y8ffRL9hTqjUe.exe

uRun: [installIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe

mRun: [bisonInst0402] c:\windows\BR040286.exe

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"

mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\x86\eDSloader.exe

mRun: [LManager] c:\progra~1\launch~1\LManager.exe

mRun: [eRecoveryService]

mRun: [Acer Assist Launcher] c:\program files\acer\acer assist\launcher.exe

mRun: [Acer Product Registration] "c:\program files\acer\acer registration\ACE1.exe" /startup

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [skytel] Skytel.exe

mRun: [FBSSA] c:\program files\sgpsa\ie3sh.exe

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe

mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume

mRun: [Reader Library Launcher] c:\program files\sony\reader\data\bin\launcher\Reader Library Launcher.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\users\susan\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} - hxxps://setup.bellsouth.net/wizlet/PWReset/static/controls/WebflowActiveXInstaller_6-1-2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 24.177.176.38 97.81.22.195 24.178.162.3

TCP: Interfaces\{650B49CC-5E86-45BC-96CE-D1BC12B978B1} : DhcpNameServer = 24.177.176.38 97.81.22.195 24.178.162.3

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Notify: igfxcui - igfxdev.dll

.

============= SERVICES / DRIVERS ===============

.

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-7-22 180736]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]

S2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-11-7 464264]

S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-11-7 234888]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 FileOpenManagerSvc;FileOpenManagerSvc;c:\programdata\fileopen\services\FileOpenManagerSvc32.exe [2011-3-9 212352]

S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-23 135664]

S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]

S2 UniversalCommunicationServer;Universal Communication Server;"c:\program files\bernina\ucs\universalcommunicationserver.exe" --> c:\program files\bernina\ucs\UniversalCommunicationServer.exe [?]

S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-23 135664]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-10-01 22:01:22 -------- d--h--w- c:\programdata\Common Files

2011-10-01 21:55:13 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-01 21:52:07 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7fd29e97-27ed-4912-879e-ce09daa95d00}\offreg.dll

2011-10-01 21:44:21 -------- d-----w- c:\users\susan\appdata\roaming\Malwarebytes

2011-10-01 21:44:17 -------- d-----w- c:\programdata\Malwarebytes

2011-10-01 21:44:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-01 21:39:21 -------- d-----w- c:\users\susan\appdata\roaming\jrrNtxxA0uc2i

2011-10-01 21:39:21 -------- d-----w- c:\users\susan\appdata\roaming\bbF3pnG5aHd

2011-10-01 21:36:49 -------- d-----w- c:\users\susan\appdata\roaming\OonG4amH6W7E8Tq

2011-10-01 21:36:49 -------- d-----w- c:\users\susan\appdata\roaming\fCwkIVrlOtPuSiD

2011-10-01 21:31:18 2417664 ----a-w- c:\users\susan\appdata\roaming\wmplayer.exe

2011-10-01 21:30:40 -------- d-----w- c:\users\susan\appdata\roaming\ByxA1uvS2b3m5Q6

2011-10-01 21:30:39 -------- d-----w- c:\users\susan\appdata\roaming\p4G5sQJ6E8R9Tez

2011-10-01 01:02:27 -------- d-----w- c:\users\susan\appdata\roaming\oonF4amH5W7E8Rq

2011-10-01 01:02:26 -------- d-----w- c:\users\susan\appdata\roaming\pibD3nG4aHsKfqY

2011-10-01 00:55:52 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7fd29e97-27ed-4912-879e-ce09daa95d00}\mpengine.dll

2011-10-01 00:49:17 -------- d-----w- c:\users\susan\appdata\roaming\OekIBrzONx

2011-10-01 00:49:16 -------- d-----w- c:\users\susan\appdata\roaming\I2obF4mG5Q6E

2011-09-30 00:30:36 2417664 ----a-w- c:\users\susan\appdata\roaming\java.exe

2011-09-30 00:13:53 2417664 ----a-w- c:\users\susan\appdata\roaming\iexplore.exe

2011-09-30 00:10:36 -------- d-----w- c:\users\susan\appdata\roaming\O8fL9qjUkBOyAuS

2011-09-30 00:10:35 -------- d-----w- c:\users\susan\appdata\roaming\lhTXweBrzNxu

2011-09-30 00:00:51 -------- d-----w- c:\users\susan\appdata\roaming\SG4aQH6sW7E9TqY

2011-09-30 00:00:51 -------- d-----w- c:\users\susan\appdata\roaming\nXqjYCekIrNx0c2

2011-09-29 23:55:02 -------- d-----w- c:\users\susan\appdata\roaming\ZTZqhYCwkVlBx0c

2011-09-29 23:55:02 -------- d-----w- c:\users\susan\appdata\roaming\h1ivD3onFaHs

2011-09-29 20:18:04 -------- d-----w- c:\users\susan\appdata\roaming\HdEK8fRZ9TwUeI

2011-09-29 20:18:04 -------- d-----w- c:\users\susan\appdata\roaming\FzPNycA1uDoFpGs

2011-09-29 20:07:26 -------- d-----w- c:\users\susan\appdata\roaming\R9hTXqjUCkBzNx0

2011-09-29 20:07:26 -------- d-----w- c:\users\susan\appdata\roaming\qvS2ibF3pGaHdKf

2011-09-29 20:07:15 -------- d-----w- c:\users\susan\appdata\roaming\yvSS2obF3mG5Q6W

2011-09-29 20:07:14 -------- d-----w- c:\users\susan\appdata\roaming\jsQQJ6dEKfRZh

2011-09-17 13:39:58 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-09-05 13:26:14 -------- d-----w- c:\users\susan\appdata\roaming\FileOpen

2011-09-05 13:21:29 -------- d-----w- c:\program files\FileOpen

2011-09-05 13:21:28 -------- d-----w- c:\programdata\FileOpen

.

==================== Find3M ====================

.

2011-08-10 09:43:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-22 02:54:43 1797632 ----a-w- c:\windows\system32\jscript9.dll

2011-07-22 02:48:26 1126912 ----a-w- c:\windows\system32\wininet.dll

2011-07-22 02:44:36 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-11 13:25:35 2048 ----a-w- c:\windows\system32\tzres.dll

2011-07-06 15:31:47 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

.

=========

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 6/6/2008 11:52:21 PM

System Uptime: 10/1/2011 4:49:38 PM (2 hours ago)

.

Motherboard: Acer | | Columbia

Processor: Intel® Core™2 Duo CPU T5550 @ 1.83GHz | U2E1 | 1828/166mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 112 GiB total, 71.144 GiB free.

D: is FIXED (NTFS) - 112 GiB total, 111.379 GiB free.

E: is CDROM ()

F: is Removable

G: is CDROM (CDFS)

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft ISATAP Adapter

Device ID: ROOT\*ISATAP\0004

Manufacturer: Microsoft

Name: Microsoft ISATAP Adapter #5

PNP Device ID: ROOT\*ISATAP\0004

Service: tunnel

.

==== System Restore Points ===================

.

RP758: 9/29/2011 2:38:44 PM - Windows Update

RP759: 9/30/2011 7:55:33 PM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

2007 Microsoft Office system

32 Bit HP CIO Components Installer

Acer Assist

Acer Crystal Eye

Acer Crystal Eye Webcam

Acer eDataSecurity Management

Acer eLock Management

Acer Empowering Technology

Acer eNet Management

Acer ePower Management

Acer ePresentation Management

Acer eSettings Management

Acer GridVista

Acer Mobility Center Plug-In

Acer Registration

Acer ScreenSaver

Activation Assistant for the 2007 Microsoft Office suites

Adobe AIR

Adobe Digital Editions

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.1.3

AIO_Scan

ATT-PRT22

Belarc Advisor 7.2

Bing Bar

Bing Rewards Client Installer

Broadcom Gigabit Integrated Controller

BufferChm

Business Contact Manager for Outlook 2007 SP2

C4380

C4380_doccd

C4380_Help

CCScore

Copy

CustomerResearchQFolder

Destination Component

DeviceDiscovery

DeviceManagementQFolder

DocProc

DocProcQFolder

Embroidery Software

ESSBrwr

ESSCDBK

ESScore

ESSgui

ESSini

ESSPCD

ESSPDock

ESSTOOLS

essvatgt

eSupportQFolder

Fax

fflink

FileOpen Client

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

HDAUDIO Soft Data Fax Modem with SmartCP

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Customer Participation Program 9.0

HP Imaging Device Functions 9.0

HP OCR Software 9.0

HP Photosmart All-In-One Software 9.0

HP Photosmart Essential 2.01

HP Photosmart Essential2.01

HP Smart Web Printing

HP Solution Center 9.0

HP Update

HPProductAssistant

HPSSupply

InstallIQ Updater

Intel PROSet Wireless

Intel® Graphics Media Accelerator Driver

Intel® PROSet/Wireless WiFi Software

Java Auto Updater

Java™ 6 Update 26

Kodak EasyShare software

Launch Manager

LightScribe 1.4.142.1

Malwarebytes' Anti-Malware version 1.51.2.1300

MarketResearch

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Default Manager

Microsoft Office 2003 Web Components

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Hybrid 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Small Business Connectivity Components

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft UI Engine

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mobile Broadband Drivers

MobileMe Control Panel

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXMLInstaller

netbrdg

NTI Backup NOW! 4.7

NTI CD & DVD-Maker

NTI Shadow

OfotoXMI

OGA Notifier 2.0.0048.0

PanoStandAlone

PowerDVD

PRS-500 USB driver

PS_AIO_02_ProductContext

PS_AIO_02_Software

PS_AIO_02_Software_min

PSSWCORE

Reader Library by Sony

Realtek High Definition Audio Driver

Scan

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553074)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2553073)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

SFR

SHASTA

skin0001

SKINXSDK

SolutionCenter

Spelling Dictionaries Support For Adobe Reader 8

staticcr

Status

Synaptics Pointing Device Driver

Texas Instruments PCIxx21/x515/xx12 drivers.

TIPCI

TomTom HOME 2.8.2.2264

TomTom HOME Visual Studio Merge Modules

Toolbox

TrayApp

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2583910)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Outlook 2007 Junk Email Filter (KB2553110)

VideoBuzz

VideoToolkit01

VPRINTOL

Vuze Toolbar

WebReg

WIRELESS

Yahoo! BrowserPlus 2.9.8

Yahoo! Software Update

Yahoo! Toolbar

YouTube Downloader 3.0

.

==== Event Viewer Messages From Past Week ========

.

9/30/2011 8:00:57 PM, Error: EventLog [6008] - The previous system shutdown at 7:58:06 PM on 9/30/2011 was unexpected.

9/29/2011 2:39:50 PM, Error: volsnap [20] - The shadow copies of volume C: were aborted because of a failed free space computation.

9/24/2011 7:08:36 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{650B49CC-5E86-45BC-96CE-D1BC12B978B1} because another computer on the network has the same name. The server could not start.

9/24/2011 7:08:36 PM, Error: netbt [4321] - The name "SUSAN-PC :20" could not be registered on the interface with IP address 10.0.0.2. The computer with the IP address 10.0.0.19 did not allow the name to be claimed by this computer.

9/24/2011 7:08:36 PM, Error: netbt [4321] - The name "SUSAN-PC :0" could not be registered on the interface with IP address 10.0.0.2. The computer with the IP address 10.0.0.19 did not allow the name to be claimed by this computer.

10/1/2011 5:01:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

10/1/2011 4:52:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

10/1/2011 4:52:02 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: spldr Wanarpv6

10/1/2011 4:52:02 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.

10/1/2011 4:52:02 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

10/1/2011 4:52:02 PM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.

10/1/2011 4:51:41 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21

10/1/2011 4:51:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

10/1/2011 4:51:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

10/1/2011 4:51:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

10/1/2011 4:51:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

10/1/2011 4:45:00 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.0.0.2 for the Network Card with network address 001CBF9B1894 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

10/1/2011 4:38:57 PM, Error: Service Control Manager [7000] - The Universal Communication Server service failed to start due to the following error: The system cannot find the file specified.

10/1/2011 4:38:57 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

.

==== End Of File ===========================


  • Staff

Hi and welcome to Malwarebytes.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs a runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log name is like UtilityName.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
