Rootkit TDSS, Backdoor Bot, Stolen Data, more


Hi,

I ran a Malware scan yesterday and found I had several infections.

Rootkit TDSS, Stolen Data, Trojan DNS Changer, Backdoor Bot, Malware Trace, Pum.Bad proxy security center, Pum Disabled, security center. This is from my MBAM log.

Here are the DDS logs:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.5730.13

Run by Mary at 22:50:57 on 2011-10-19

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.639.130 [GMT -4:00]

.

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\AOL Computer Checkup\AOLDefragSrv.exe

C:\WINDOWS\System32\cisvc.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\netdde.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\AOL\1139109529\ee\AOLSoftware.exe

C:\Program Files\Verizon\McciTrayApp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\American Express inSite\inSite.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://google.com/

uInternet Settings,ProxyOverride = <local>

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

uURLSearchHooks: AOL Radio Toolbar Search Class: {69224684-5682-419b-9fe4-ef7946ee3319} - c:\program files\aol radio toolbar\aolradiotb.dll

mURLSearchHooks: AOL Radio Toolbar Search Class: {69224684-5682-419b-9fe4-ef7946ee3319} - c:\program files\aol radio toolbar\aolradiotb.dll

mWinlogon: Userinit=c:\windows\system32\userinit.exe,userinit.exe,

BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: AOL Radio Toolbar Loader: {2abdb2f7-4cbf-4939-ba12-fddc827b6a2d} - c:\program files\aol radio toolbar\aolradiotb.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: inSite: {74f6c5a9-0ead-4a71-891e-376a838df1f0} - c:\program files\american express insite\inSiteIE.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: AOL Radio Toolbar: {9167da98-6f9b-46f1-991d-826cae46cab6} - c:\program files\aol radio toolbar\aolradiotb.dll

TB: inSite: {e8558d71-5e4e-4217-b608-d2f5d3623ae3} - c:\program files\american express insite\inSiteIE.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [HostManager] "c:\program files\common files\aol\1139109529\ee\AOLSoftware.exe"

mRun: [Verizon_McciTrayApp] "c:\program files\verizon\McciTrayApp.exe"

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\insite.lnk - c:\program files\american express insite\inSite.exe

IE: &AOL Radio Toolbar Search - c:\documents and settings\all users\application data\aol radio toolbar\ietoolbar\resources\en-us\local\search.html

IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

IE: {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - {301DA1EE-F65C-4188-A417-9E915CC8FBFA} - c:\program files\microsoft money\system\mnyviewer.dll

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab

DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} - hxxp://www1.snapfish.com/SnapfishOutlookImport.cab

DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} - hxxp://o.aolcdn.com/pictures/ap/Resources/2.0.6.9/cab/aolpPlugins.10.6.0.4.cab

DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www1.snapfish.com/SnapfishActivia.cab

DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab

DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 167.206.254.1 167.206.254.2

TCP: Interfaces\{8F75AAFF-1897-4FA8-BC88-437B6F2165B0} : DhcpNameServer = 167.206.254.1 167.206.254.2

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-10-19 320856]

R2 AOLDiskOptimizer;AOLDiskOptimizer;c:\program files\aol computer checkup\AOLDefragSrv.exe [2011-9-26 248328]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-10-19 20568]

R2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-2 136176]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-10 24652]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-10-19 442200]

S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-10-19 44768]

S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\google\google desktop search\GoogleDesktop.exe [2006-11-13 30192]

.

=============== Created Last 30 ================

.

2011-10-20 01:27:10 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-10-20 01:26:42 41184 ----a-w- c:\windows\avastSS.scr

2011-10-20 01:26:21 -------- d-----w- c:\program files\AVAST Software

2011-10-20 01:26:21 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software

2011-10-19 06:32:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-19 04:27:01 -------- d-----w- c:\documents and settings\mary\application data\Malwarebytes

2011-10-19 04:26:48 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-10-19 04:26:42 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-19 04:26:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-09-27 02:49:45 2576 ----a-w- c:\windows\system32\ASOROSet.bin

2011-09-27 01:16:43 13832 ----a-w- c:\windows\system32\roboot.exe

2011-09-27 01:16:28 -------- d-----w- c:\program files\AOL Computer Checkup

2011-09-21 16:41:51 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys

2011-09-21 16:41:51 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys

.

==================== Find3M ====================

.

2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-05 22:04:56 1409 ----a-w- c:\windows\QTFont.for

.

============= FINISH: 22:52:41.17 ===============

Next -

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 2/2/2006 8:45:12 AM

System Uptime: 10/19/2011 9:19:28 PM (1 hours ago)

.

Motherboard: Intel Corporation | | D845PT

Processor: Intel® Pentium® 4 CPU 1.60GHz | J1E1 | 1594/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 128 GiB total, 101.694 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}

Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard

Device ID: ACPI\PNP0303\4&268D196D&0

Manufacturer: (Standard keyboards)

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard

PNP Device ID: ACPI\PNP0303\4&268D196D&0

Service: i8042prt

.

Class GUID: {4D36E969-E325-11CE-BFC1-08002BE10318}

Description: Standard floppy disk controller

Device ID: ACPI\PNP0700\4&268D196D&0

Manufacturer: (Standard floppy disk controllers)

Name: Standard floppy disk controller

PNP Device ID: ACPI\PNP0700\4&268D196D&0

Service: fdc

.

==== System Restore Points ===================

.

RP1818: 6/30/2011 5:42:56 PM - Software Distribution Service 3.0

RP1819: 7/1/2011 6:12:12 PM - System Checkpoint

RP1820: 7/2/2011 6:18:33 PM - System Checkpoint

RP1821: 7/3/2011 7:06:29 PM - System Checkpoint

RP1822: 7/4/2011 8:06:29 PM - System Checkpoint

RP1823: 7/5/2011 9:06:29 PM - System Checkpoint

RP1824: 7/7/2011 12:39:20 AM - System Checkpoint

RP1825: 7/8/2011 9:59:07 AM - System Checkpoint

RP1826: 7/11/2011 5:53:54 PM - System Checkpoint

RP1827: 7/13/2011 12:20:12 PM - System Checkpoint

RP1828: 7/14/2011 1:18:57 PM - System Checkpoint

RP1829: 7/15/2011 11:30:03 AM - Software Distribution Service 3.0

RP1830: 7/17/2011 11:39:08 AM - System Checkpoint

RP1831: 7/18/2011 11:56:09 AM - System Checkpoint

RP1832: 7/19/2011 6:00:08 PM - System Checkpoint

RP1833: 7/21/2011 2:18:34 PM - System Checkpoint

RP1834: 7/22/2011 2:25:22 PM - System Checkpoint

RP1835: 7/25/2011 3:43:00 PM - System Checkpoint

RP1836: 7/27/2011 2:40:58 PM - System Checkpoint

RP1837: 8/1/2011 11:39:44 AM - System Checkpoint

RP1838: 8/2/2011 7:24:29 PM - System Checkpoint

RP1839: 8/4/2011 5:14:58 PM - System Checkpoint

RP1840: 8/5/2011 7:41:06 PM - System Checkpoint

RP1841: 8/7/2011 2:57:58 PM - System Checkpoint

RP1842: 8/8/2011 3:29:13 PM - System Checkpoint

RP1843: 8/9/2011 4:29:14 PM - System Checkpoint

RP1844: 8/10/2011 5:29:14 PM - System Checkpoint

RP1845: 8/11/2011 3:00:37 AM - Software Distribution Service 3.0

RP1846: 8/12/2011 3:35:18 AM - System Checkpoint

RP1847: 8/13/2011 4:35:18 AM - System Checkpoint

RP1848: 8/14/2011 5:35:18 AM - System Checkpoint

RP1849: 8/15/2011 6:35:18 AM - System Checkpoint

RP1850: 8/16/2011 7:35:18 AM - System Checkpoint

RP1851: 8/17/2011 8:35:18 AM - System Checkpoint

RP1852: 8/18/2011 10:54:23 AM - System Checkpoint

RP1853: 8/19/2011 2:46:40 PM - System Checkpoint

RP1854: 8/22/2011 9:38:12 AM - System Checkpoint

RP1855: 8/23/2011 4:16:57 PM - System Checkpoint

RP1856: 8/24/2011 11:04:14 AM - Software Distribution Service 3.0

RP1857: 8/25/2011 11:46:05 PM - System Checkpoint

RP1858: 9/5/2011 6:36:24 PM - System Checkpoint

RP1859: 9/21/2011 1:10:23 PM - System Checkpoint

RP1860: 9/25/2011 9:24:14 PM - System Checkpoint

RP1861: 9/26/2011 8:14:08 PM - Software Distribution Service 3.0

RP1862: 9/26/2011 9:17:40 PM - AOL Computer Checkup - First Install

RP1863: 10/17/2011 11:46:16 PM - System Checkpoint

RP1864: 10/19/2011 9:18:17 PM - avast! Free Antivirus Setup

RP1865: 10/19/2011 9:26:20 PM - avast! Free Antivirus Setup

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

4500_Help

Adobe Flash Player 10 Plugin

Adobe Flash Player 11 ActiveX

Adobe Reader 7.0.8

AIM 7

AIM Toolbar

AOL Coach Version 1.0(Build:20030807.3)

AOL Computer Checkup

AOL Instant Messenger

AOL Pictures Tools (version 10.6.0.4)

AOL Radio Toolbar

AOL Uninstaller (Choose which Products to Remove)

Apple Software Update

avast! Free Antivirus

Backup Dell-Installed Programs

BPD_HPSU

bpd_scan

BPDSoftware

BPDSoftware_Ini

BufferChm

Conexant HSF V92 56K RTAD Speakerphone PCI Modem

Critical Update for Windows Media Player 11 (KB959772)

D2300

D2300_Help

Destination Component

DeviceDiscovery

Download Updater (AOL LLC)

Easy CD Creator 5 Basic

EPSON Printer Software

Express Burn Uninstall

Fax

Google Chrome

Google Desktop

Google Update Helper

GPBaseService

GPBaseService2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Customer Participation Program 10.0

HP Imaging Device Functions 10.0

HP Officejet J4500 Series

HP Photosmart and Deskjet 7.0 Software

HP Photosmart Essential

HP Solution Center 13.0

HP Update

hph_ProductContext

hph_readme

hph_software

hph_software_req

HPPhotoSmartExpress

HPProductAssistant

HPSSupply

Image Expert 2000 v3.2

inSite

iPod for Windows 2005-10-12

IrfanView (remove only)

iTunes

J2SE Runtime Environment 5.0 Update 1

J4500

Java 6 Update 11

Learn2 Player (Uninstall Only)

LimeWire 5.1.2

LiveReg (Symantec Corporation)

Malwarebytes' Anti-Malware version 1.51.2.1300

MarketResearch

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Encarta Encyclopedia Standard 2002

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Money 2002

Microsoft Money 2002 System Pack

Microsoft National Language Support Downlevel APIs

Microsoft Picture It! Photo 2002

Microsoft Streets and Trips 2002

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Word 2002

Microsoft Works 2002 Setup Launcher

Microsoft Works 6.0

Microsoft Works Suite Add-in for Microsoft Word

MSVCSetup

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MusicMatch Jukebox

Plaxo Toolbar for Outlook and Outlook Express

ProductContext

QuickTime

RealPlayer Basic

RegCure

Scan

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2530548)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2559049)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 9 (KB911565)

Security Update for Windows Media Player 9 (KB917734)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956390)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958215)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960714)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Shop for HP Supplies

SolutionCenter

Spybot - Search & Destroy

Status

Toolbox

TrayApp

Unload

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2616676-v2)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Verizon Help and Support Tool

Viewpoint Manager (Remove Only)

Viewpoint Media Player

Viewpoint Toolbar

Vz In Home Agent

WavePad Uninstall

WebFldrs XP

WebReg

Windows Genuine Advantage v1.3.0254.0

Windows Internet Explorer 7

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

Works Suite OS Pack

Works Synchronization

.

==== Event Viewer Messages From Past Week ========

.

10/19/2011 9:32:44 PM, error: Service Control Manager [7034] - The avast! Antivirus service terminated unexpectedly. It has done this 5 time(s).

10/19/2011 9:31:07 PM, error: Service Control Manager [7034] - The avast! Antivirus service terminated unexpectedly. It has done this 4 time(s).

10/19/2011 2:52:00 AM, error: Service Control Manager [7034] - The avast! Antivirus service terminated unexpectedly. It has done this 3 time(s).

10/19/2011 2:51:31 AM, error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

10/19/2011 2:51:27 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the avast! Antivirus service, but this action failed with the following error: An instance of the service is already running.

10/19/2011 2:45:14 AM, error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

10/19/2011 2:45:14 AM, error: Service Control Manager [7022] - The avast! Antivirus service hung on starting.

10/19/2011 2:32:14 AM, error: Service Control Manager [7000] - The Indexing Service service failed to start due to the following error: The executable program that this service is configured to run in does not implement the service.

10/19/2011 2:30:43 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

10/18/2011 11:59:31 PM, error: Print [19] - Sharing printer failed + 1722, Printer HP Deskjet D2300 series share name Printer.

10/17/2011 11:51:17 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service hpqcxs08 with arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

10/17/2011 11:28:40 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt

10/17/2011 11:28:40 PM, error: Service Control Manager [7024] - The Routing and Remote Access service terminated with service-specific error 340 (0x154).

10/17/2011 11:28:40 PM, error: Service Control Manager [7023] - The Human Interface Device Access service terminated with the following error: The system cannot find the file specified.

10/17/2011 11:28:40 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AOL Connectivity Service service to connect.

10/17/2011 11:28:40 PM, error: Service Control Manager [7000] - The AOL Connectivity Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

MBAM quarantined the items. Should I delete them from the Quarantine folder? I am never sure of this.

I also installed Avast and can't seem to run or update it. The system is slowing and freezing up. Any help would be appreciated.

Thanks!


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
