2 replies to this topic

[Quolli]

Hi, one of my computers has recently been infected with a nasty Trojan (check here for the infected computer: http://forums.malwar...howtopic=111508). This computer is one that I assume is clean, but nevertheless I have been browsing on the aforementioned infected PC for about a week. I would like to confirm that this PC is indeed clean and that the Trojan hasn't managed to travel through the network to this PC. The computers are connected via an Internet router. Both computers have a working Firewall.

Thank you for your time.

Here are my two DDS logs

DDS

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Allan at 22:35:37 on 2012-06-22
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.511.115 [GMT 10:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3F2.EXE
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Documents and Settings\Allan\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Allan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Allan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Allan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Allan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Allan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Allan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Allan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblfs.exe
C:\Documents and Settings\Allan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Allan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com.au
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\allan\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit
mRun: [IMJPMIG8.1] c:\windows\ime\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [EPSON Stylus Photo R310 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I3F2.EXE /P30 "EPSON Stylus Photo R310 Series" /O6 "USB001" /M "Stylus Photo R310"
mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\imaget~1.lnk - c:\program files\sony corporation\image transfer\SonyTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2012\ie_banner_deny.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1302403017357
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1302403099747
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{66AF9C4C-95F0-40B9-A7F7-278AEF530258} : DhcpNameServer = 192.168.0.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: klogon - c:\windows\system32\klogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
============= SERVICES / DRIVERS ===============
.
R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2011-3-4 133208]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2011-3-4 11352]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2012-6-17 565552]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-18 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-11 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-30 116608]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe [2011-4-24 202296]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2011-4-10 54760]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2011-3-10 34608]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2001-8-23 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-06-21 08:43:21 -------- d-----w- c:\windows\system32\SoftwareDistribution
2012-06-17 08:48:23 97961 ----a-w- c:\windows\system32\drivers\klick.dat
2012-06-17 08:48:23 115369 ----a-w- c:\windows\system32\drivers\klin.dat
2012-06-17 08:46:34 -------- d-----w- c:\program files\Kaspersky Lab
2012-06-17 08:46:33 -------- d-----w- c:\documents and settings\all users\application data\Kaspersky Lab
2012-06-14 10:47:11 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-06-02 11:15:32 -------- d-----w- c:\documents and settings\allan\local settings\application data\Nero
.
==================== Find3M ====================
.
2012-06-02 05:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 05:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 05:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 05:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 05:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 05:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 05:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 05:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38:02 385024 ------w- c:\windows\system32\html.iec
2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-04 05:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 22:40:25.65 ===============


Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/04/2011 12:32:07 PM
System Uptime: 22/06/2012 5:03:40 PM (5 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | 8IPE1000
Processor: Intel® Pentium® 4 CPU 2.80GHz | Socket 478 | 2813/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 128 GiB total, 35.069 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
Description: USB Mass Storage Device
Device ID: USB\VID_04B8&PID_0803&MI_00\6&3234BB87&0&0000
Manufacturer: Compatible USB storage device
Name: USB Mass Storage Device
PNP Device ID: USB\VID_04B8&PID_0803&MI_00\6&3234BB87&0&0000
Service: USBSTOR
.
==== System Restore Points ===================
.
RP350: 25/03/2012 8:04:41 PM - System Checkpoint
RP351: 28/03/2012 9:26:57 AM - System Checkpoint
RP352: 29/03/2012 9:12:15 PM - System Checkpoint
RP353: 2/04/2012 9:47:15 AM - System Checkpoint
RP354: 3/04/2012 7:32:24 PM - System Checkpoint
RP355: 4/04/2012 8:29:00 PM - System Checkpoint
RP356: 5/04/2012 8:41:29 PM - System Checkpoint
RP357: 7/04/2012 10:04:53 AM - System Checkpoint
RP358: 8/04/2012 11:29:01 AM - System Checkpoint
RP359: 9/04/2012 7:38:06 PM - System Checkpoint
RP360: 11/04/2012 6:53:26 PM - System Checkpoint
RP361: 12/04/2012 6:42:22 PM - Software Distribution Service 3.0
RP362: 12/04/2012 9:07:56 PM - Software Distribution Service 3.0
RP363: 14/04/2012 7:20:28 PM - System Checkpoint
RP364: 16/04/2012 10:21:55 AM - System Checkpoint
RP365: 17/04/2012 7:45:09 PM - System Checkpoint
RP366: 19/04/2012 11:19:02 AM - System Checkpoint
RP367: 21/04/2012 7:44:05 PM - System Checkpoint
RP368: 23/04/2012 8:00:29 AM - System Checkpoint
RP369: 24/04/2012 6:45:51 PM - System Checkpoint
RP370: 25/04/2012 7:23:49 PM - System Checkpoint
RP371: 27/04/2012 7:30:36 PM - System Checkpoint
RP372: 28/04/2012 7:45:01 PM - System Checkpoint
RP373: 29/04/2012 8:46:18 PM - System Checkpoint
RP374: 1/05/2012 2:21:22 PM - System Checkpoint
RP375: 2/05/2012 7:27:48 PM - System Checkpoint
RP376: 3/05/2012 7:53:15 PM - System Checkpoint
RP377: 4/05/2012 7:53:50 PM - System Checkpoint
RP378: 6/05/2012 7:42:28 PM - System Checkpoint
RP379: 7/05/2012 7:44:56 PM - System Checkpoint
RP380: 8/05/2012 7:56:29 PM - System Checkpoint
RP381: 9/05/2012 8:38:21 PM - System Checkpoint
RP382: 11/05/2012 4:00:45 PM - Software Distribution Service 3.0
RP383: 12/05/2012 7:17:44 PM - System Checkpoint
RP384: 14/05/2012 7:49:42 AM - System Checkpoint
RP385: 14/05/2012 9:56:26 AM - Software Distribution Service 3.0
RP386: 15/05/2012 7:37:51 PM - System Checkpoint
RP387: 16/05/2012 7:53:38 PM - System Checkpoint
RP388: 17/05/2012 10:03:35 PM - System Checkpoint
RP389: 19/05/2012 5:22:59 AM - System Checkpoint
RP390: 21/05/2012 6:30:49 PM - System Checkpoint
RP391: 22/05/2012 7:30:04 PM - System Checkpoint
RP392: 22/05/2012 9:14:43 PM - Software Distribution Service 3.0
RP393: 24/05/2012 10:59:00 PM - System Checkpoint
RP394: 26/05/2012 6:49:01 PM - System Checkpoint
RP395: 27/05/2012 7:16:15 PM - System Checkpoint
RP396: 29/05/2012 8:21:59 PM - System Checkpoint
RP397: 31/05/2012 7:09:12 PM - System Checkpoint
RP398: 2/06/2012 6:58:33 PM - System Checkpoint
RP399: 3/06/2012 7:31:15 PM - System Checkpoint
RP400: 4/06/2012 7:08:54 PM - Software Distribution Service 3.0
RP401: 5/06/2012 7:20:23 PM - System Checkpoint
RP402: 6/06/2012 9:42:46 PM - System Checkpoint
RP403: 8/06/2012 4:57:48 PM - System Checkpoint
RP404: 9/06/2012 6:38:56 PM - System Checkpoint
RP405: 10/06/2012 7:24:38 PM - System Checkpoint
RP406: 12/06/2012 5:28:31 PM - System Checkpoint
RP407: 13/06/2012 6:31:24 PM - System Checkpoint
RP408: 14/06/2012 8:58:29 PM - Software Distribution Service 3.0
RP409: 16/06/2012 7:20:31 PM - System Checkpoint
RP410: 17/06/2012 6:34:15 PM - Removed ESET NOD32 Antivirus
RP411: 17/06/2012 6:46:22 PM - Installed Kaspersky Internet Security 2012.
RP412: 18/06/2012 7:23:38 PM - System Checkpoint
RP413: 19/06/2012 7:35:29 PM - System Checkpoint
RP414: 20/06/2012 8:10:25 PM - System Checkpoint
RP415: 21/06/2012 9:09:12 PM - System Checkpoint
.
==== Installed Programs ======================
.
"Nero SoundTrax Help
Adobe Acrobat 5.0
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Advertising Center
ArcSoft PhotoStudio 2000
Auslogics BoostSpeed
Auslogics Disk Defrag ScreenSaver
Bing Bar
CCleaner
Combined Community Codec Pack 2010-10-10
Compatibility Pack for the 2007 Office system
DolbyFiles
DVDFab 6.0.2.0 (June 24, 2009)
DVDFab Platinum 2.9.8.0
Enable S3 for USB Device
EPSON CardMonitor
EPSON PhotoQuicker3.5
EPSON PhotoStarter3.1
EPSON Print CD
EPSON PRINT Image Framer Tool2.1
EPSON Printer Software
ESPR310 Reference Guide
ESPR310 Software Guide
FileASSASSIN
Google Chrome
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB954550-v5)
HP USB Disk Storage Format Tool
Image Transfer
ImageMixer for Sony
ImagXpress
Junk Mail filter update
Kaspersky Internet Security 2012
Malwarebytes Anti-Malware version 1.61.0.1400
Menu Templates - Starter Kit
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
MicroStaff WINASPI
Movie Templates - Starter Kit
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 9
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Installer
Nero Live
Nero Live Help
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero RescueAgent Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
NVIDIA Display Driver
OmniPage Pro 9.0
PCI SoftV92 Modem
PIF DESIGNER2.1
PMB
Realtek AC'97 Audio
RTLSetup
Scan Manager 5.2
ScanToWeb
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB923789)
Segoe UI
Sony USB Driver
SoundTrax
SUPERAntiSpyware
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR 4.00 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
17/06/2012 9:57:42 PM, error: Dhcp [1002] - The IP address lease 192.168.0.2 for the Network Card with network address 0050FCCF0CEF has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
16/06/2012 5:02:28 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
16/06/2012 5:02:28 PM, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

[Maurice Naggar]

Hello Quoli,

The DDS log does not show signs of infection.

Start your Kaspersky a-v. Do an update run. Do a full system scan. Anything tagged as "virus" or "malware"?

Start your MBAM. Do an Update / Check for Updates. Do a quick scan. Anything tagged?

Do an online scan at 1 of these websites:
Turn off 'your' antivirus before the Online scan. Re-Enable after all done.

ESET Online Scanner

http://quickscan.bitdefender.com]BitDefender Quickscan

Trend Micro Housecall

F-Secure Online Scanner

Panda ActiveScan

Anything tagged as "virus" or "malware"?

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!