fleet

  1. Ran it again. Thanks

     -------------------
     RogueKiller V7.5.0 [05/24/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Blog: http://tigzyrk.blogspot.com

     Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
     Started in : Normal mode
     User: Administrator [Admin rights]
     Mode: Scan -- Date: 05/28/2012 15:56:22

     ¤¤¤ Bad processes: 0 ¤¤¤

     ¤¤¤ Registry Entries: 0 ¤¤¤

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver: [LOADED] ¤¤¤

     ¤¤¤ Infection : ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     127.0.0.1 localhost
     ::1 localhost
     66.197.194.231 www.google-analytics.com.
     66.197.194.231 ad-emea.doubleclick.net.
     66.197.194.231 www.statcounter.com.
     69.72.252.254 www.google-analytics.com.
     69.72.252.254 ad-emea.doubleclick.net.
     69.72.252.254 www.statcounter.com.

     ¤¤¤ MBR Check: ¤¤¤

     +++++ PhysicalDrive0: WDC WD3200AAKS-75L9A0 +++++
     --- User ---
     [MBR] c089aeafd9b98d1c636237d0d7f68bca
     [bSP] 57ebeff2313f991a6fe753b171cc7198 : Windows Vista MBR Code
     Partition table:
     0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 305204 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     +++++ PhysicalDrive1: Patriot Memory USB Device +++++
     --- User ---
     [MBR] d021bc95c78d364abc454d90e6402f33
     [bSP] 3cbab33dec6586a0c708d883b95bdef6 : Standard MBR Code
     Partition table:
     0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 2015 Mo
     User = LL1 ... OK!
     Error reading LL2 MBR!

     Finished : << RKreport[1].txt >>
     RKreport[1].txt
  2. RK Log- Thanks.

     -----------------------
     Time : 25/05/2012 12:20:00
     --------------------------
     Time : 25/05/2012 12:20:29
     --------------------------
     Time : 25/05/2012 12:21:20
     --------------------------
     Time : 25/05/2012 12:21:44
     --------------------------
     Time : 25/05/2012 12:22:05
     --------------------------
     Time : 25/05/2012 15:54:09
     --------------------------
     Time : 25/05/2012 15:55:08
     --------------------------
     Time : 28/05/2012 14:12:31
     --------------------------
     Time : 28/05/2012 14:13:10
     --------------------------
     Time : 28/05/2012 14:13:34
     --------------------------
     Time : 28/05/2012 14:14:30
     --------------------------
     Time : 28/05/2012 14:14:51
     --------------------------
  3. Attach.txt. ------------------- . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume2 Install Date: 22/05/2009 11:16:13 AM System Uptime: 28/05/2012 2:00:51 PM (0 hours ago) . Motherboard: Dell Inc. | | 0M858N Processor: Intel® Core2 Duo CPU E8600 @ 3.33GHz | CPU | 3324/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 298 GiB total, 263.376 GiB free. D: is CDROM () E: is CDROM (CDFS) F: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP778: 28/02/2012 9:32:26 PM - System Checkpoint RP779: 29/02/2012 11:31:16 PM - System Checkpoint RP780: 02/03/2012 1:31:07 AM - System Checkpoint RP781: 03/03/2012 1:52:19 AM - System Checkpoint RP782: 04/03/2012 3:52:20 AM - System Checkpoint RP783: 05/03/2012 5:52:20 AM - System Checkpoint RP784: 06/03/2012 7:52:11 AM - System Checkpoint RP785: 07/03/2012 8:46:06 AM - Software Distribution Service 3.0 RP786: 08/03/2012 6:22:26 PM - System Checkpoint RP787: 09/03/2012 7:04:28 PM - System Checkpoint RP788: 14/03/2012 12:51:39 PM - System Checkpoint RP789: 15/03/2012 3:00:30 AM - Software Distribution Service 3.0 RP790: 16/03/2012 12:53:43 PM - System Checkpoint RP791: 19/03/2012 5:31:37 PM - System Checkpoint RP792: 20/03/2012 5:32:51 PM - System Checkpoint RP793: 21/03/2012 6:59:10 PM - System Checkpoint RP794: 22/03/2012 12:06:25 PM - Installed TurboTax 2011. 
RP795: 23/03/2012 5:27:10 PM - System Checkpoint RP796: 26/03/2012 5:21:26 PM - System Checkpoint RP797: 27/03/2012 5:45:38 PM - System Checkpoint RP798: 28/03/2012 5:47:30 PM - System Checkpoint RP799: 29/03/2012 5:51:58 PM - System Checkpoint RP800: 30/03/2012 6:04:34 PM - System Checkpoint RP801: 02/04/2012 12:54:38 PM - System Checkpoint RP802: 03/04/2012 5:06:57 PM - System Checkpoint RP803: 04/04/2012 5:29:34 PM - System Checkpoint RP804: 05/04/2012 5:32:33 PM - System Checkpoint RP805: 09/04/2012 5:29:03 PM - System Checkpoint RP806: 10/04/2012 6:57:25 PM - System Checkpoint RP807: 11/04/2012 3:00:18 AM - Software Distribution Service 3.0 RP808: 16/04/2012 5:38:49 PM - System Checkpoint RP809: 17/04/2012 7:25:02 PM - System Checkpoint RP810: 19/04/2012 6:08:29 PM - System Checkpoint RP811: 20/04/2012 7:12:55 PM - System Checkpoint RP812: 21/04/2012 9:12:54 PM - System Checkpoint RP813: 22/04/2012 9:12:58 PM - System Checkpoint RP814: 23/04/2012 11:12:56 PM - System Checkpoint RP815: 25/04/2012 1:12:51 AM - System Checkpoint RP816: 26/04/2012 1:14:23 AM - System Checkpoint RP817: 27/04/2012 3:12:44 AM - System Checkpoint RP818: 28/04/2012 5:12:45 AM - System Checkpoint RP819: 29/04/2012 7:12:46 AM - System Checkpoint RP820: 30/04/2012 12:57:39 PM - System Checkpoint RP821: 01/05/2012 3:35:51 PM - System Checkpoint RP822: 02/05/2012 12:58:16 PM - Removed Skype™ 4.2 RP823: 02/05/2012 12:58:20 PM - Installed Skype™ 5.9 RP824: 03/05/2012 1:32:25 PM - System Checkpoint RP825: 04/05/2012 4:05:10 PM - System Checkpoint RP826: 07/05/2012 6:09:46 PM - System Checkpoint RP827: 08/05/2012 6:17:50 PM - System Checkpoint RP828: 09/05/2012 7:10:41 PM - System Checkpoint RP829: 10/05/2012 11:14:54 AM - Software Distribution Service 3.0 RP830: 11/05/2012 6:03:42 PM - System Checkpoint RP831: 12/05/2012 7:32:09 PM - System Checkpoint RP832: 13/05/2012 9:32:11 PM - System Checkpoint RP833: 15/05/2012 12:53:01 PM - System Checkpoint RP834: 16/05/2012 5:39:29 PM - System 
Checkpoint RP835: 17/05/2012 7:29:07 PM - System Checkpoint RP836: 18/05/2012 7:32:03 PM - System Checkpoint RP837: 19/05/2012 9:32:05 PM - System Checkpoint RP838: 20/05/2012 9:32:09 PM - System Checkpoint RP839: 21/05/2012 11:32:10 PM - System Checkpoint RP840: 22/05/2012 3:00:13 AM - Software Distribution Service 3.0 RP841: 22/05/2012 11:30:37 AM - Software Distribution Service 3.0 RP842: 23/05/2012 6:08:01 PM - System Checkpoint RP843: 24/05/2012 7:14:13 PM - System Checkpoint RP844: 25/05/2012 9:40:39 AM - Restore Operation RP845: 25/05/2012 11:38:16 AM - Restore Operation RP846: 25/05/2012 11:42:00 AM - Restore Operation RP847: 25/05/2012 3:00:56 PM - Installed AVG 2012 RP848: 25/05/2012 3:01:18 PM - Installed AVG 2012 RP849: 26/05/2012 3:00:15 AM - Software Distribution Service 3.0 RP850: 27/05/2012 3:49:15 AM - System Checkpoint RP851: 28/05/2012 12:07:16 PM - System Checkpoint . ==== Hosts File Hijack ====================== . Hosts: 66.197.194.231 www.google-analytics.com. Hosts: 66.197.194.231 ad-emea.doubleclick.net. Hosts: 66.197.194.231 www.statcounter.com. Hosts: 69.72.252.254 www.google-analytics.com. Hosts: 69.72.252.254 ad-emea.doubleclick.net. Hosts: 69.72.252.254 www.statcounter.com. . ==== Installed Programs ====================== . 
ABBYY FineReader 6.0 Sprint Adobe Acrobat 9 Pro Adobe Acrobat 9.5.1 - CPSID_83708 Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX ATI Catalyst Control Center ATI Display Driver AVG 2012 Bing Bar Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Localization Chinese Standard Catalyst Control Center Localization Chinese Traditional Catalyst Control Center Localization French Catalyst Control Center Localization German Catalyst Control Center Localization Italian Catalyst Control Center Localization Japanese Catalyst Control Center Localization Korean Catalyst Control Center Localization Polish Catalyst Control Center Localization Portuguese Catalyst Control Center Localization Spanish Catalyst Control Center Localization Thai ccc-core-preinstall ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help English CCC Help French CCC Help German CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Polish CCC Help Portuguese CCC Help Spanish CCC Help Thai Choice Guard Cobian Backup 10 Critical Update for Windows Media Player 11 (KB959772) EPSON Perfection V500 Photo Scanner Driver Update EPSON Perfection V500P User's Guide EPSON Scan FileOpen Client Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB953955) Hotfix for Windows XP (KB954434) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB954708) Hotfix for Windows XP (KB958347) Hotfix for Windows XP (KB959252) Hotfix for Windows XP 
(KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) Intel® Network Connections 13.1.34.2 Intel® PRO Alerting Agent Java 6 Update 13 Junk Mail filter update Kaspersky Anti-Virus 6.0 for Windows Workstations Kaspersky Lab Network Agent Malwarebytes Anti-Malware version 1.61.0.1400 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Small Business 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver 
Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 12.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6.0 Parser NICI (Shared) U.S./Worldwide (128 bit) (2.7.0-2) QuickTax 2009 Roxio Activation Module Roxio Creator Audio Roxio Creator Copy Roxio Creator Data Roxio Creator DE Roxio Creator Tools Roxio Drag-to-Disc Roxio Update Manager Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 7 (KB2183461) Security Update for Windows Internet Explorer 7 (KB2360131) Security Update for Windows Internet Explorer 7 (KB2416400) Security Update for 
Windows Internet Explorer 7 (KB2482017) Security Update for Windows Internet Explorer 7 (KB2497640) Security Update for Windows Internet Explorer 7 (KB2530548) Security Update for Windows Internet Explorer 7 (KB2544521) Security Update for Windows Internet Explorer 7 (KB2559049) Security Update for Windows Internet Explorer 7 (KB2586448) Security Update for Windows Internet Explorer 7 (KB2618444) Security Update for Windows Internet Explorer 7 (KB2647516) Security Update for Windows Internet Explorer 7 (KB2675157) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 7 (KB976325) Security Update for Windows Internet Explorer 7 (KB978207) Security Update for Windows Internet Explorer 7 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security 
Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2491683) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for 
Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958215) Security Update for Windows XP (KB958644) Security Update for 
Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960714) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) 
Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981349) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Segoe UI Skype™ 5.9 Sonic CinePlayer Decoder Pack TurboTax 2010 TurboTax 2011 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition Update for Windows Internet Explorer 7 (KB976749) Update for Windows Internet Explorer 7 (KB980182) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB898461) Update for Windows XP (KB951618-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VNC 4.0 WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet 
Explorer 7 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Media Format 11 runtime Windows Media Player 11 Windows NT Messaging Windows Presentation Foundation Windows Search 4.0 XML Paper Specification Shared Components Pack 1.0 . ==== Event Viewer Messages From Past Week ======== . 27/05/2012 10:36:10 PM, error: NETLOGON [5719] - No Domain Controller is available for domain BMTFTL due to the following: The RPC server is unavailable. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator. 25/05/2012 9:21:09 AM, error: NETLOGON [5719] - No Domain Controller is available for domain BMTFTL due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator. 25/05/2012 5:15:32 PM, error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period. 25/05/2012 2:28:42 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect. 25/05/2012 2:28:42 PM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 25/05/2012 2:28:42 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 25/05/2012 11:46:32 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. 
It has stopped monitoring the volume. 25/05/2012 11:42:28 AM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23). . ==== End Of File =========================== ---------------- DDS.txt ----------------- . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 7.0.5730.13 Run by Administrator at 14:06:01 on 2012-05-28 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2322 [GMT -4:00] . AV: Kaspersky Anti-Virus *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Anti-Virus *Enabled* . ============== Running Processes =============== . C:\PROGRA~1\AVG\AVG2012\avgrsx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\system32\Ati2evxx.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Intel\ASF Agent\ASFAgent.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe C:\Program Files\Microsoft\BingBar\BBSvc.EXE C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\FileOpen\Services\FileOpenManagerSvc32.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\AVG\AVG2012\avgnsx.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Cobian Backup 10\Cobian.exe C:\Program 
Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe C:\Program Files\FileOpen\Services\FileOpenBroker32.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Cobian Backup 10\cbInterface.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.live.com BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll" TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [ctfmon.exe] 
c:\windows\system32\ctfmon.exe uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [second Copy 2000] "c:\program files\seccopy\SecCopy.exe" uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe" mRun: [<NO NAME>] mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Cobian Backup 10] "c:\program files\cobian backup 10\Cobian.exe" mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 6.0 for windows workstations mp4\avp.exe" mRun: [FileOpenBroker] c:\program files\fileopen\services\FileOpenBroker32.exe mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe" IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky anti-virus 6.0 for windows workstations mp4\ie_banner_deny.htm IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - 
{85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky anti-virus 6.0 for windows workstations mp4\scieplgn.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL Trusted Zone: //about.htm/ Trusted Zone: //Exclude.htm/ Trusted Zone: //LanguageSelection.htm/ Trusted Zone: //Message.htm/ Trusted Zone: //MyAgttryCmd.htm/ Trusted Zone: //MyAgttryNag.htm/ Trusted Zone: //MyNotification.htm/ Trusted Zone: //NOCLessUpdate.htm/ Trusted Zone: //quarantine.htm/ Trusted Zone: //ScanNow.htm/ Trusted Zone: //strings.vbs/ Trusted Zone: //Template.htm/ Trusted Zone: //Update.htm/ Trusted Zone: //VirFound.htm/ Trusted Zone: mcafee.com\* Trusted Zone: mcafeeasap.com\betavscan Trusted Zone: mcafeeasap.com\vs Trusted Zone: mcafeeasap.com\www DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1243020010406 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243021753484 DPF: {88D969C0-F192-11D4-A65F-0040963251E5} - file://c:\windows\msxml4.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab Handler: intu-qt2009 - {03947252-2355-4e9b-B446-8CCC75C43370} - c:\program files\quicktax 2009\ic2009pp.dll Handler: intu-tt2010 - {97A0575E-2309-4e75-8509-B1F9390C4DE7} - c:\program files\turbotax 2010\ic2010pp.dll Handler: intu-tt2011 - {B3B5DAD9-E96D-45b4-B636-B6CF2F773DE1} - c:\program 
files\turbotax 2011\ic2011pp.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll Notify: klogon - c:\windows\system32\klogon.dll AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0fo\adialhk.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll Hosts: 66.197.194.231 www.google-analytics.com. Hosts: 66.197.194.231 ad-emea.doubleclick.net. Hosts: 66.197.194.231 www.statcounter.com. Hosts: 69.72.252.254 www.google-analytics.com. Hosts: 69.72.252.254 ad-emea.doubleclick.net. . Note: multiple HOSTS entries found. Please refer to Attach.txt . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\a4s9hyzi.default\ FF - component: c:\program files\mcafee\siteadvisor enterprise\components\McFFPlg.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff . ============= SERVICES / DRIVERS =============== . 
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592] R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2009-5-13 24064] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248] R1 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2009-11-12 126480] R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-10-1 231512] R2 ASFAgent;ASF Agent;c:\program files\intel\asf agent\ASFAgent.exe [2007-4-19 133968] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776] R2 AVP;Kaspersky Anti-Virus 6.0;c:\program files\kaspersky lab\kaspersky anti-virus 6.0 for windows workstations mp4\avp.exe [2010-3-12 311680] R2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176] R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648] R2 FileOpenManagerSvc;FileOpen Manager Service;c:\program files\fileopen\services\FileOpenManagerSvc32.exe [2011-12-9 213888] R2 klnagent;Kaspersky Lab Network Agent;c:\program files\kaspersky lab\networkagent 8\klnagent.exe [2010-10-20 141688] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-5-10 654408] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver 
K;c:\windows\system32\drivers\e1k5132.sys [2009-5-13 144480] R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2009-9-3 24848] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2009-9-14 32272] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-5-10 22344] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-10 257696] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-9 129976] S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [2004-2-13 12928] . =============== Created Last 30 ================ . 2012-05-28 14:33:47 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll 2012-05-25 20:36:14 -------- d-----w- C:\Stuff to Keep 2012-05-25 19:47:04 -------- d-----w- c:\documents and settings\administrator\application data\AVG2012 2012-05-25 19:12:15 -------- d--h--w- C:\$AVG 2012-05-25 19:01:35 -------- d-----w- c:\windows\system32\drivers\AVG 2012-05-25 19:01:35 -------- d-----w- c:\documents and settings\all users\application data\AVG2012 2012-05-25 19:00:57 -------- d-----w- c:\program files\AVG 2012-05-25 18:58:50 -------- d--h--w- c:\documents and settings\all users\application data\Common Files 2012-05-25 18:58:37 -------- d-----w- c:\documents and settings\all users\application data\MFAData 2012-05-25 15:53:35 -------- d-----w- C:\TDSSKiller_Quarantine 2012-05-25 13:44:45 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes 2012-05-25 13:38:06 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-05-10 15:25:47 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-10 14:13:43 22344 ----a-w- c:\windows\system32\drivers\mbam.sys . ==================== Find3M ==================== . 
2012-05-25 15:45:32 187776 ----a-w- c:\windows\system32\drivers\acpi.sys 2012-05-10 15:25:47 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-11 13:26:09 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-11 13:23:21 1871360 ----a-w- c:\windows\system32\win32k.sys 2012-04-11 12:42:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-01 01:25:04 832512 ----a-w- c:\windows\system32\wininet.dll 2012-03-01 01:25:03 78336 ----a-w- c:\windows\system32\ieencode.dll 2012-03-01 01:25:03 1830912 ----a-w- c:\windows\system32\inetcpl.cpl 2012-03-01 01:25:03 17408 ----a-w- c:\windows\system32\corpol.dll 2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll . ============= FINISH: 14:06:48.50 ===============
  4. Getting the logs today. Was away on the weekend. Thank you for the help, will update it today.
  5. Hi, I found malware on a PC. When I ran TSD killer, it found Virus.Win32.Rloader.a. After cleaning the malware I rebooted the PC and found the virus again. Any solution much appreciated. Thank you