
Dear Sir

Please help me. Whenever I install Malware, it stops my Internet connection. As per the instructions in this topic (http://forums.malwarebytes.org/index.php?showtopic=76016), here are the two (2) reports.

3 days ago (on Saturday) I was infected with Data Recovery (a fake spyware or something). I removed it using Malware. In Start Menu -> Programs, some of the program folders are showing empty, and my PC is very slow. Please help.

Antivirus - Quick Heal Total Security 12.00

One more software - Auslogics BoostSpeed

DDS.txt

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15

Run by aaa at 10:54:47 on 2011-10-18

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1013.220 [GMT 5.5:30]

.

AV: Quick Heal Total Security 12.00 *Disabled/Updated* {05C1329D-F0E0-4B19-9D15-54F9BC3ADE87}

FW: Quick Heal Firewall *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Automatic Update\AutoUpdate.exe

C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe

C:\WINDOWS\system32\NLSSRV32.EXE

C:\Program Files\Quick Heal\Quick Heal Total Security\opssvc.exe

C:\Program Files\Quick Heal\Quick Heal Total Security\quhlpsvc.exe

C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Automatic Update\AutoUpdateGUI.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\Program Files\BSNL 3G Data Card\LW273\Resource\driver\MctlSuc.exe

C:\Program Files\Quick Heal\Quick Heal Total Security\onlinent.exe

C:\Documents and Settings\aaa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Program Files\Quick Heal\Quick Heal Total Security\SCANMSG.EXE

C:\Program Files\Internet Download Manager\IDMan.exe

C:\Program Files\Quick Heal\Quick Heal Total Security\UPSCHD.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Internet Download Manager\IEMonitor.exe

C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe

C:\Program Files\Mozilla Firefox 3 Beta 5\plugin-container.exe

C:\Program Files\Mozilla Firefox 3 Beta 5\plugin-container.exe

C:\Program Files\Mozilla Firefox 3 Beta 5\plugin-container.exe

C:\Documents and Settings\aaa\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe

C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE

C:\Program Files\Java\jre6\bin\jucheck.exe

C:\Documents and Settings\aaa\Application Data\Amadeus\Viewer\Showcase.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\The SmartShop\SS.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uStart Page = hxxp://www.google.co.in/

uSearch Bar = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [Google Update] "c:\documents and settings\aaa\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [skyTel] SkyTel.EXE

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Quick Heal Core UI] "c:\program files\quick heal\quick heal total security\strtupap.exe"

mRun: [unlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"

mRun: [s302B] c:\program files\bsnl 3g data card\lw273\resource\driver\MctlSuc.exe

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

mRunOnce: [innoSetupRegFile.0000000001] "c:\windows\is-ANFMS.exe" /REG /REGSVRMODE

dRunOnce: [RunNarrator] Narrator.exe

IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm

IE: Download with IDM - c:\program files\internet download manager\IEExt.htm

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

Trusted Zone: amadeusvista.com

Trusted Zone: amadeus.com\content

Trusted Zone: amadeus.net\content.1a

Trusted Zone: amadeusproweb.com

Trusted Zone: amadeusvista.com\Muc.http.farm6.software

Trusted Zone: amadeusvista.com\Muc.http.farm8.software

Trusted Zone: amadeusvista.com\Muc.https.farm11.software

Trusted Zone: amadeusvista.com\Muc.https.farm5.software

DPF: {051FE707-9706-11D5-A836-000102A7C938} - hxxp://certificates.amadeusvista.com/sgwadmin/common/AutoUpdateATL26P502.CAB

DPF: {096AD7BA-BC58-423E-93BE-A7CC72077040} - hxxps://vtomo.farelogix.com/ekmoinr/reservation/command/flxterminal.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F96020DD-C373-44A0-82B6-064EF0AEEAE3} - hxxp://certificates.amadeusvista.com/sgwadmin/RegSiteTools.cab

TCP: Interfaces\{30EEDAD9-44FF-40A5-9150-E8BE8F8790FC} : NameServer = 8.8.8.8,4.4.4.4,218.248.240.208

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

Notify: cryptnet32 - cryptnet32.dll

Notify: igfxcui - igfxdev.dll

Notify: TPSvc - TPSvc.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\aaa\application data\mozilla\firefox\profiles\a3uf8qqp.default\

FF - prefs.js: browser.startup.homepage -

FF - component: c:\documents and settings\aaa\application data\idm\idmmzcc5\components\idmmzcc.dll

FF - plugin: c:\documents and settings\aaa\application data\mozilla\firefox\profiles\a3uf8qqp.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll

FF - plugin: c:\documents and settings\aaa\application data\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\documents and settings\aaa\application data\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\documents and settings\aaa\local settings\application data\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60129.0\npctrlui.dll

.

============= SERVICES / DRIVERS ===============

.

R1 ggc;ggc;c:\windows\system32\drivers\ggc.sys [2011-5-2 46664]

R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2011-8-8 101616]

R2 catflt;catflt;c:\windows\system32\drivers\catflt.sys [2011-3-28 110024]

R2 Core Mail Protection;Core Mail Protection;c:\program files\quick heal\quick heal total security\EMLPROXY.EXE [2011-3-28 28104]

R2 Core Scanning ServerEx;Core Scanning ServerEx;c:\program files\quick heal\quick heal total security\SAPISSVC.EXE [2011-3-28 205768]

R2 EMLSS;EMLSS;c:\windows\system32\drivers\EMLTDI.SYS [2011-5-2 29384]

R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\nitro pdf\professional\NitroPDFDriverService.exe [2010-2-2 188736]

R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-2-2 65856]

R2 Online Protection System;Online Protection System;c:\program files\quick heal\quick heal total security\OPSSVC.EXE [2011-3-28 22472]

R2 Quick Update Service;Quick Update Service;c:\program files\quick heal\quick heal total security\QUHLPSVC.EXE [2011-3-28 90568]

R3 wsnfmp;Network Filter Miniport;c:\windows\system32\drivers\wsnf.sys [2011-3-28 27464]

S0 agiktgxl;agiktgxl;c:\windows\system32\drivers\agiktgxl.sys --> c:\windows\system32\drivers\agiktgxl.sys [?]

S0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys --> c:\windows\system32\drivers\is3srv.sys [?]

S0 mscank;mscank;c:\windows\system32\drivers\mscank.sys [2011-5-2 34112]

S0 szkg5;szkg5;c:\windows\system32\drivers\szkg.sys --> c:\windows\system32\drivers\szkg.sys [?]

S0 szkgfs;szkgfs;c:\windows\system32\drivers\szkgfs.sys --> c:\windows\system32\drivers\szkgfs.sys [?]

S2 Core Scanning Server;Core Scanning Server;c:\program files\quick heal\quick heal total security\SAPISSVC.EXE [2011-3-28 205768]

S2 sysmon32;Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS; [x]

S2 u4ec6c8o6;Creative ALchemy AL1 Licensing Service; [x]

S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]

S3 fcusbser;Wireless Network USB Device for Legacy Serial Communication FC;c:\windows\system32\drivers\fcusbser.sys [2011-6-13 105216]

S3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver;c:\windows\system32\drivers\HSPADataCardusbmdm.sys [2010-8-19 106880]

S3 HSPADataCardusbnmea;HSPADataCard NMEA Port;c:\windows\system32\drivers\HSPADataCardusbnmea.sys [2010-8-19 106880]

S3 HSPADataCardusbser;HSPADataCard Diagnostic Port;c:\windows\system32\drivers\HSPADataCardusbser.sys [2010-8-19 106880]

S3 HSPADataCardusbvoice;HSPADataCard VoUSB Port;c:\windows\system32\drivers\HSPADataCardusbvoice.sys [2010-8-19 106880]

S3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2011-1-7 9216]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2003-6-13 30336]

S3 u302bus;HSPADataCard WMC Bus Driver (WDM);c:\windows\system32\drivers\u302bus.sys [2011-9-15 119112]

S3 u302mdfl;HSPADataCard Modem Filter;c:\windows\system32\drivers\u302mdfl.sys [2011-9-15 14920]

S3 u302mdm;HSPADataCard Modem Driver;c:\windows\system32\drivers\u302mdm.sys [2011-9-15 135880]

S3 u302mgmt;HSPADataCard USB Device Management Drivers (WDM);c:\windows\system32\drivers\u302mgmt.sys [2011-9-15 129992]

S3 VM650FVM11;UMAX AstraSlim Scanner ProdID x0104;c:\windows\system32\drivers\usb650c.sys --> c:\windows\system32\drivers\USB650C.sys [?]

S3 wsnf;Network Filter Service;c:\windows\system32\drivers\wsnf.sys [2011-3-28 27464]

S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\drivers\ZTEusbnet.sys [2010-12-31 114688]

S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\zteusbvoice.sys [2010-12-31 105856]

.

=============== Created Last 30 ================

.

2011-10-18 05:22:39 709968 ----a-w- c:\windows\is-ANFMS.exe

2011-10-18 05:10:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-10-18 05:10:36 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-18 05:10:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-15 12:47:41 -------- d-----w- c:\documents and settings\aaa\application data\STOPzilla!

2011-10-15 10:18:18 -------- d-----w- c:\program files\STOPzilla!

2011-10-15 10:17:56 -------- d-----w- c:\documents and settings\all users\application data\STOPzilla!

2011-09-20 11:53:27 -------- d-----w- c:\program files\Conduit

2011-09-20 11:52:25 -------- d-----w- c:\program files\uTorrent

2011-09-20 11:51:56 -------- d-----w- c:\documents and settings\aaa\application data\uTorrent

.

==================== Find3M ====================

.

2011-10-04 06:53:26 34112 ----a-w- c:\windows\system32\drivers\mscank.sys

2011-09-21 13:48:38 695642 ----a-w- c:\windows\unins000.exe

2011-08-26 10:38:57 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

============= FINISH: 10:55:22.28 ===============

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 06/01/2010 2:56:36 PM

System Uptime: 18/10/2011 9:51:52 AM (1 hours ago)

.

Motherboard: MSI | | Boston

Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz | Socket 775 | 1995/800mhz

Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz | Socket 775 | 1995/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 58 GiB total, 32.01 GiB free.

D: is FIXED (NTFS) - 58 GiB total, 51.776 GiB free.

E: is FIXED (NTFS) - 58 GiB total, 46.737 GiB free.

F: is FIXED (NTFS) - 58 GiB total, 51.332 GiB free.

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP36: 21/09/2010 11:00:40 AM - Quick Heal AntiMalware Restore Point

RP37: 09/10/2010 2:18:56 PM - Installed Riya

RP38: 13/10/2010 11:20:21 AM - Removed Google Talk Plugin

RP39: 19/11/2010 10:48:05 AM - Removed Google Talk Plugin

RP40: 23/11/2010 3:42:57 PM - Removed Nitro PDF Professional

RP41: 23/11/2010 3:46:22 PM - Installed Nitro PDF Professional

RP42: 21/12/2010 5:20:02 PM - Installed SpyHunter

RP43: 23/12/2010 10:14:03 AM - Removed SpyHunter

RP44: 31/12/2010 9:44:35 AM - Installed Vodafone Mobile Broadband Lite.

RP45: 31/12/2010 9:52:35 AM - Removed Vodafone Mobile Broadband Lite.

RP46: 07/01/2011 11:20:08 AM - Installed Vodafone Mobile Broadband Lite.

RP47: 10/01/2011 10:44:30 AM - Quick Heal Quick Heal Firewall Pro Restore Point: uninstall

RP48: 11/01/2011 5:53:39 PM - System Checkpoint

RP49: 07/02/2011 12:55:25 PM - Removed jetAudio

RP50: 07/02/2011 12:56:26 PM - Removed TATA Indicom Dialer.

RP51: 07/02/2011 12:57:44 PM - Removed PDFill PDF Editor with FREE PDF Writer and Tools

RP52: 22/02/2011 11:34:24 AM - Installed The SmartShop

RP53: 24/03/2011 2:41:09 PM - Installed Free Live TV

RP54: 24/03/2011 3:48:01 PM - Removed Free Live TV

RP55: 16/04/2011 9:51:11 AM - Removed Google Talk Plugin

RP56: 03/05/2011 10:08:00 AM - Removed Google Talk Plugin

RP57: 02/06/2011 8:36:39 PM - Removed Vodafone Mobile Broadband Lite.

RP58: 15/06/2011 4:55:32 PM - Quick Heal Firewall Pro Restore Point: install

RP59: 15/06/2011 5:33:29 PM - Quick Heal Firewall Pro Restore Point: uninstall

RP60: 23/06/2011 8:22:09 PM - Removed Google Talk Plugin

RP61: 29/06/2011 3:35:08 PM - Removed Google Talk Plugin

RP62: 15/08/2011 12:58:35 PM - Installed Windows XP Wdf01009.

RP63: 17/08/2011 3:38:08 PM - Removed Google Talk Plugin

RP64: 08/09/2011 3:05:27 PM - Installed Windows XP KB932823-v3.

RP65: 08/09/2011 3:12:42 PM - Installed Windows Internet Explorer 8.

RP66: 15/09/2011 5:06:11 PM - Removed Google Talk Plugin

RP67: 15/10/2011 3:47:43 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.

RP68: 15/10/2011 5:16:54 PM - Installed STOPzilla!

RP69: 15/10/2011 5:19:42 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.

RP70: 15/10/2011 6:14:19 PM - Removed STOPzilla!

RP71: 15/10/2011 6:17:31 PM - Installed STOPzilla!

RP72: 15/10/2011 6:24:12 PM - Removed STOPzilla!

RP73: 15/10/2011 6:24:34 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.

RP74: 15/10/2011 7:06:46 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.

RP75: 17/10/2011 1:08:37 PM - Auslogics Regisry Defrag - before defragmentation

.

==== Installed Programs ======================

.

µTorrent

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.2.2

Adobe Shockwave Player 11.6

Auslogics BoostSpeed

BSNL 3G Data Card

Crystal Reports for .NET Framework 2.0 (x86)

eTravel BackOffice Suite

Google Talk Plugin

hp LaserJet 1010 Series

Huawei Access Manager

Intel® Graphics Media Accelerator Driver

Internet Download Manager

Java 6 Update 15

Macromedia Flash MX

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft .NET Framework 2.0

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft National Language Support Downlevel APIs

Microsoft Office XP Professional with FrontPage

Microsoft Silverlight

Microsoft SOAP Toolkit 3.0

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server Management Studio Express

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual FoxPro 9.0 Professional - English

Miracle 6.3

Mozilla Firefox 7.0.1 (x86 en-US)

Mozilla Thunderbird (6.0)

MSVC90_x86

MSXML 4.0 SP2 (KB954430)

MSXML 6.0 Parser

Nero 6 Ultra Edition

Nitro PDF Professional

Nokia Connectivity Cable Driver

Nokia PC Suite

NVIDIA Drivers

OSSDesktop

PC Connectivity Solution

Quick Heal Total Security

REALTEK GbE & FE Ethernet PCI-E NIC Driver

Realtek High Definition Audio Driver

Riya

swMSM

TeamViewer 6

The SmartShop

Unlocker 1.9.1

VC 9.0 Runtime

Visual FoxPro 9.0 Baseline - English

Visual FoxPro 9.0 Professional - English

VLC media player 1.0.5

VoipGain

VSO Image Resizer 3.0.0.140

WebFldrs XP

Windows Driver Package - Nokia Modem (02/25/2011 4.7)

Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)

Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Live OneCare safety scanner

WinRAR archiver

.

==== Event Viewer Messages From Past Week ========

.

18/10/2011 9:53:02 AM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

17/10/2011 3:21:29 PM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

17/10/2011 3:11:18 PM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

17/10/2011 10:22:36 AM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

15/10/2011 7:43:33 PM, error: Service Control Manager [7000] - The MBAMSwissArmy service failed to start due to the following error: The system cannot find the file specified.

15/10/2011 7:24:33 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: agiktgxl szkg5 szkgfs

15/10/2011 7:23:00 PM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

15/10/2011 7:05:48 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the szserver service.

15/10/2011 6:28:50 PM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

15/10/2011 4:46:40 PM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

15/10/2011 3:52:31 PM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

15/10/2011 3:21:22 PM, error: Service Control Manager [7034] - The NLS Service service terminated unexpectedly. It has done this 1 time(s).

15/10/2011 3:16:53 PM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

15/10/2011 3:11:07 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: agiktgxl

15/10/2011 3:11:07 PM, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.

15/10/2011 3:09:37 PM, error: Service Control Manager [7000] - The Windows Service Manager service failed to start due to the following error: The system cannot find the path specified.

15/10/2011 3:09:37 PM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

15/10/2011 2:37:03 PM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

15/10/2011 10:01:37 AM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

14/10/2011 10:12:16 AM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

13/10/2011 10:16:51 AM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

12/10/2011 6:04:34 PM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

12/10/2011 10:03:51 AM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

11/10/2011 10:00:02 AM, error: Service Control Manager [7000] - The Ìîíèòîð ñèñòåìíûõ ñîáûòèé DNS service failed to start due to the following error: The system cannot find the path specified.

.

==== End Of File ===========================


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
