stonedlabradour

I think I'm infected

dds:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Conefry at 20:00:24 on 2012-07-10

Microsoft Windows XP Professional 5.1.2600.3.1252.353.1033.18.1790.1211 [GMT 1:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe

C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\S3LoadSv.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\S3Trayp.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

D:\My Documents\Downloads\Volume2_1_1_2_159_Portable\Volume2\Volume2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.ie/

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [Volume2] d:\my documents\downloads\volume2_1_1_2_159_portable\volume2\Volume2.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

mRun: [VTTimer] ;;; VTTimer.exe

mRun: [Apoint] c:\program files\apoint2k\Apoint.exe

mRun: [s3Trayp] S3Trayp.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1341942296000

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

TCP: Interfaces\{44E2C206-B6F5-407C-A352-8071FB753924} : NameServer = 89.101.160.4,89.101.160.5

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2012-4-13 22168]

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2012-6-6 11264]

R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2009-4-3 1680704]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-9-18 654408]

R2 S3LoadSv;S3LoadSv;c:\windows\system32\s3loadsv.exe [2009-1-20 69632]

R3 fspad;AVC Finger-sensing Pad Driver for Windows 2000/XP;c:\windows\system32\drivers\fspad.sys [2006-7-1 19584]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-9-18 22344]

R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2009-9-17 561152]

S1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004;c:\windows\system32\drivers\tdx.sys --> c:\windows\system32\drivers\tdx.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176]

S2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-200;c:\windows\system32\svchost.exe -k NetSvcs [2004-8-3 14336]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-8-14 13224]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys --> c:\windows\system32\drivers\ewusbdev.sys [?]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-7-10 40776]

S3 WinDefend;Windows Defender;c:\windows\system32\svchost.exe -k secsvcs [2004-8-3 14336]

S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\wpro_40_1340.sys --> c:\windows\system32\drivers\WPRO_40_1340.sys [?]

.

=============== Created Last 30 ================

.

2012-07-10 18:03:00 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-07-09 08:13:25 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3d718fdf-0a1a-4285-9f9d-a918ea64b43a}\mpengine.dll

2012-07-02 08:12:15 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2012-06-29 11:22:15 -------- d-----w- c:\documents and settings\conefry\DoctorWeb

2012-06-27 09:23:51 -------- d-----w- c:\program files\Microsoft Calculator Plus

2012-06-21 12:15:03 -------- d-----w- c:\program files\CCleaner

2012-06-15 00:40:03 -------- d-----w- c:\windows\A3W_DATA

2012-06-15 00:40:03 -------- d-----w- c:\documents and settings\conefry\WINDOWS

2012-06-15 00:36:31 -------- d-----w- C:\MPS

2012-06-13 23:43:34 -------- d-----w- c:\documents and settings\conefry\application data\f-secure

2012-06-13 23:43:19 -------- d-----w- c:\documents and settings\all users\application data\F-Secure

2012-06-13 14:33:10 -------- d-----w- c:\documents and settings\conefry\local settings\application data\Sony

2012-06-12 12:23:48 1594543 ----a-w- c:\windows\WANEUninstaller.exe

2012-06-12 12:20:59 -------- d-----w- C:\Games

2012-06-12 11:54:03 -------- d-----w- c:\documents and settings\conefry\application data\DAEMON Tools Lite

2012-06-12 11:53:19 -------- d-----w- c:\documents and settings\all users\application data\DAEMON Tools Lite

2012-06-12 01:38:23 -------- d-sha-r- C:\cmdcons

2012-06-12 01:30:41 98816 ----a-w- c:\windows\sed.exe

2012-06-12 01:30:41 518144 ----a-w- c:\windows\SWREG.exe

2012-06-12 01:30:41 256000 ----a-w- c:\windows\PEV.exe

2012-06-12 01:30:41 208896 ----a-w- c:\windows\MBR.exe

.

==================== Find3M ====================

.

2012-06-12 11:54:23 477240 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-06-07 10:28:16 14392 ----a-w- c:\windows\system32\drivers\AtiPcie.sys

2012-06-02 14:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 14:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 14:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 14:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-09 11:21:41 476936 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-09 11:21:36 472840 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-09 09:47:37 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-04-13 23:25:55 1938272 ----a-w- c:\windows\system32\drivers\athw.sys

2012-04-13 23:25:19 69632 ----a-w- c:\windows\system32\vuins32.dll

2012-04-13 23:25:19 46592 ----a-w- c:\windows\system32\drivers\fetnd5bv.sys

2012-04-13 23:25:19 319456 ----a-w- c:\windows\system32\difxapi.dll

2012-04-13 23:25:02 40848 ----a-w- c:\windows\system32\drivers\point32.sys

2012-04-13 23:25:02 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll

2012-04-13 13:11:41 13440 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys

2012-04-13 13:04:02 10264 ----a-w- c:\windows\system32\Viagart.sys

2012-04-13 13:03:55 22168 ----a-w- c:\windows\system32\drivers\xfilt.sys

2012-04-13 13:03:54 13976 ----a-w- c:\windows\system32\drivers\videX32.sys

.

============= FINISH: 20:01:08.48 ===============

Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 17/09/2009 19:51:54

System Uptime: 10/07/2012 19:51:31 (1 hours ago)

.

Motherboard: FUJITSU SIEMENS | | AMILO PRO V3515

Processor: Intel® Core Duo CPU T2450 @ 2.00GHz | mPGA 479M | 1995/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 50 GiB total, 9.828 GiB free.

D: is FIXED (NTFS) - 62 GiB total, 15.14 GiB free.

E: is CDROM (CDFS)

F: is CDROM (CDFS)

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: MAC Bridge Miniport

Device ID: ROOT\MS_BRIDGEMP\0000

Manufacturer: Microsoft

Name: MAC Bridge Miniport

PNP Device ID: ROOT\MS_BRIDGEMP\0000

Service: BridgeMP

.

==== System Restore Points ===================

.

RP421: 06/06/2012 16:14:58 - System Checkpoint

RP422: 07/06/2012 10:08:31 - Software Distribution Service 3.0

RP423: 07/06/2012 11:28:14 - DriverScanner - 6/7/2012 11:28:03 AM

RP424: 07/06/2012 11:29:32 - Software Distribution Service 3.0

RP425: 07/06/2012 11:31:37 - Installed %1 %2.

RP426: 07/06/2012 11:34:58 - Software Distribution Service 3.0

RP427: 07/06/2012 11:46:50 - Software Distribution Service 3.0

RP428: 07/06/2012 11:59:51 - Software Distribution Service 3.0

RP429: 08/06/2012 12:58:44 - System Checkpoint

RP430: 09/06/2012 01:51:57 - Software Distribution Service 3.0

RP431: 09/06/2012 02:04:30 - Software Distribution Service 3.0

RP432: 09/06/2012 11:09:24 - Software Distribution Service 3.0

RP433: 10/06/2012 01:55:25 - Software Distribution Service 3.0

RP434: 11/06/2012 17:29:36 - Software Distribution Service 3.0

RP435: 12/06/2012 02:46:28 - Software Distribution Service 3.0

RP436: 12/06/2012 12:54:22 - SPTD setup V1.81

RP437: 13/06/2012 14:03:14 - System Checkpoint

RP438: 13/06/2012 15:29:38 - Installed Microsoft Visual C++ 2005 Redistributable

RP439: 13/06/2012 15:30:14 - Installed Sony Sound Forge Audio Studio 9.0

RP440: 13/06/2012 15:38:50 - Removed Sony Sound Forge Audio Studio 9.0d

RP441: 14/06/2012 16:20:42 - System Checkpoint

RP442: 19/06/2012 19:30:56 - System Checkpoint

RP443: 20/06/2012 10:30:44 - Installed Microsoft Fix it 50687

RP444: 21/06/2012 16:06:22 - System Checkpoint

RP445: 22/06/2012 16:47:31 - System Checkpoint

RP446: 23/06/2012 17:47:24 - System Checkpoint

RP447: 24/06/2012 18:06:46 - System Checkpoint

RP448: 25/06/2012 18:41:28 - System Checkpoint

RP449: 26/06/2012 19:16:15 - System Checkpoint

RP450: 27/06/2012 10:23:50 - Installed Microsoft Calculator Plus

RP451: 28/06/2012 14:37:31 - System Checkpoint

RP452: 29/06/2012 15:29:08 - System Checkpoint

RP453: 01/07/2012 17:29:16 - System Checkpoint

RP454: 02/07/2012 08:59:55 - Installed Java 6 Update 33

RP455: 03/07/2012 17:15:23 - System Checkpoint

RP456: 05/07/2012 00:49:38 - System Checkpoint

RP457: 06/07/2012 00:55:18 - System Checkpoint

RP458: 09/07/2012 09:21:27 - System Checkpoint

RP459: 10/07/2012 12:16:52 - System Checkpoint

.

==== Installed Programs ======================

.

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.3

Adobe Shockwave Player 11.5

ASAPI Update

Audacity 1.2.6

AVC Finger-sensing PAD Driver

CCleaner

CodeMeter Runtime Kit v4.01

Conexant HD Audio

DAEMON Tools Lite

DC-Bass Source 1.1.1

ERUNT 1.1j

ESET Online Scanner v3

Google Chrome

Google Earth Plug-in

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Java Auto Updater

Java 6 Update 33

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft .NET Framework 2.0 Language Pack - DEU

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Calculator Plus

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft DirectX Transform optional components

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

OGA Notifier 2.0.0048.0

Picasa 3

Reason 4.0

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Soft Data Fax Modem with SmartCP

Steinberg WaveLab 5.01b

TempoPerfect Metronome Software

Uniblue DriverScanner

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB898461)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB978207)

VC80CRTRedist - 8.0.50727.6195

Veoh Web Player

VIA Chrome9 HC IGP Family Display 6.14.10.0193

VIA Rhine-Family Fast-Ethernet Adapter

VLC media player 1.1.7

Volume Control 1.2

Vuze

WebFldrs XP

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows XP Service Pack 3

WinRAR archiver

Worms Armageddon - New Edition

.

==== Event Viewer Messages From Past Week ========

.

10/07/2012 17:54:30, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1269.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

09/07/2012 09:13:16, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

06/07/2012 12:04:59, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

05/07/2012 15:49:28, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

05/07/2012 00:34:52, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

04/07/2012 08:40:33, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

04/07/2012 08:30:31, error: Service Control Manager [7003] - The @%SystemRoot%\system32\iphlpsvc.dll,-200 service depends on the following nonexistent service: nsi

04/07/2012 08:30:31, error: Service Control Manager [7000] - The Automatic Updates service failed to start due to the following error: %%1290

04/07/2012 08:30:31, error: Service Control Manager [7000] - The @%SystemRoot%\system32\tcpipcfg.dll,-50004 service failed to start due to the following error: The system cannot find the file specified.

03/07/2012 17:55:11, error: DCOM [10005] - DCOM got error "%1290" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

03/07/2012 16:01:22, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

03/07/2012 15:51:42, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume D:.

03/07/2012 15:51:42, error: NetBT [4307] - Initialization failed because the transport refused to open initial Addresses.

.

==== End Of File ===========================


Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


Hi! Thank you for the speedy response!

Malwarebytes log:

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.07.10.10

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Conefry :: CONEFRY-LAPTOP [administrator]

10/07/2012 20:37:58

mbam-log-2012-07-10 (20-37-58).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 188337

Time elapsed: 1 minute(s), 40 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Combo fix log:

ComboFix 12-07-10.01 - Conefry 10/07/2012 20:45:14.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.353.1033.18.1790.1333 [GMT 1:00]

Running from: d:\my documents\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Conefry\WINDOWS

c:\windows\system32\drivers\etc\hosts.ics

.

.

((((((((((((((((((((((((( Files Created from 2012-06-10 to 2012-07-10 )))))))))))))))))))))))))))))))

.

.

2012-07-09 08:13 . 2012-06-18 02:14 6762896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3D718FDF-0A1A-4285-9F9D-A918EA64B43A}\mpengine.dll

2012-07-02 08:12 . 2012-06-18 02:14 6762896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-07-02 07:59 . 2012-07-02 07:59 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2012-06-29 11:22 . 2012-06-29 11:22 -------- d-----w- c:\documents and settings\Conefry\DoctorWeb

2012-06-27 09:23 . 2012-06-27 09:23 -------- d-----w- c:\program files\Microsoft Calculator Plus

2012-06-21 12:15 . 2012-06-21 12:15 -------- d-----w- c:\program files\CCleaner

2012-06-15 00:40 . 2012-06-22 10:27 -------- d-----w- c:\windows\A3W_DATA

2012-06-15 00:36 . 2012-06-15 00:36 -------- d-----w- C:\MPS

2012-06-13 23:43 . 2012-06-13 23:43 -------- d-----w- c:\documents and settings\Conefry\Application Data\f-secure

2012-06-13 23:43 . 2012-06-13 23:43 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure

2012-06-13 14:35 . 2012-06-13 14:35 -------- d-----w- c:\documents and settings\Conefry\Application Data\Publish Providers

2012-06-13 14:33 . 2012-06-13 14:33 -------- d-----w- c:\documents and settings\Conefry\Local Settings\Application Data\Sony

2012-06-13 14:33 . 2012-06-13 14:33 -------- d-----w- c:\documents and settings\Conefry\Application Data\Sony

2012-06-12 12:23 . 2012-06-12 12:23 1594543 ----a-w- c:\windows\WANEUninstaller.exe

2012-06-12 12:20 . 2012-06-12 12:20 -------- d-----w- C:\Games

2012-06-12 11:54 . 2012-06-21 12:28 -------- d-----w- c:\documents and settings\Conefry\Application Data\DAEMON Tools Lite

2012-06-12 11:53 . 2012-06-12 12:07 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-12 11:54 . 2009-09-26 00:16 477240 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-06-07 10:28 . 2012-06-07 10:28 14392 ----a-w- c:\windows\system32\drivers\AtiPcie.sys

2012-06-04 16:35 . 2009-09-17 18:46 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 14:19 . 2009-09-17 22:49 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 14:19 . 2009-09-17 22:49 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 14:19 . 2009-09-17 18:46 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 14:19 . 2009-09-17 18:46 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 14:19 . 2009-09-17 18:46 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 14:19 . 2004-08-03 13:56 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 14:19 . 2009-09-17 22:49 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 14:19 . 2009-09-17 18:46 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 14:18 . 2010-06-16 11:11 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 14:18 . 2010-06-16 11:11 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-06-02 14:18 . 2010-06-16 11:11 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-05-31 13:22 . 2004-08-03 13:56 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-09 11:21 . 2012-06-06 11:05 476936 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-09 11:21 . 2010-09-08 13:42 472840 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-09 09:47 . 2012-06-06 11:05 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-04-13 23:25 . 2012-04-13 23:25 1938272 ----a-w- c:\windows\system32\drivers\athw.sys

2012-04-13 23:25 . 2012-04-13 23:25 319456 ----a-w- c:\windows\system32\difxapi.dll

2012-04-13 23:25 . 2009-09-17 21:23 69632 ----a-w- c:\windows\system32\vuins32.dll

2012-04-13 23:25 . 2009-09-17 21:23 46592 ----a-w- c:\windows\system32\drivers\fetnd5bv.sys

2012-04-13 23:25 . 2012-04-13 23:25 40848 ----a-w- c:\windows\system32\drivers\point32.sys

2012-04-13 23:25 . 2012-04-13 23:25 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll

2012-04-13 13:11 . 2012-04-13 13:11 13440 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys

2012-04-13 13:04 . 2012-04-13 13:04 10264 ----a-w- c:\windows\system32\Viagart.sys

2012-04-13 13:03 . 2012-04-13 13:03 22168 ----a-w- c:\windows\system32\drivers\xfilt.sys

2012-04-13 13:03 . 2012-04-13 13:03 13976 ----a-w- c:\windows\system32\drivers\videX32.sys

.

.

((((((((((((((((((((((((((((( SnapShot@2012-06-12_01.42.56 )))))))))))))))))))))))))))))))))))))))))

.

+ 2006-12-01 23:46 . 2006-12-01 23:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll

+ 2012-07-10 19:50 . 2012-07-10 19:50 16384 c:\windows\Temp\Perflib_Perfdata_76c.dat

+ 2012-06-15 00:37 . 1994-09-20 23:00 12800 c:\windows\system32\WING32.DLL

+ 2009-09-17 21:14 . 2008-04-14 04:42 39936 c:\windows\system32\wbem\snmpthrd.dll

+ 2012-07-10 17:45 . 2012-06-02 14:19 45080 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll

+ 2012-07-10 17:45 . 2012-06-02 14:19 35864 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll

+ 2009-09-17 21:15 . 2008-04-14 04:42 33280 c:\windows\system32\snmp.exe

+ 2009-09-17 21:14 . 2008-04-14 04:41 33792 c:\windows\system32\lmmib2.dll

+ 2009-09-17 21:15 . 2008-04-14 04:41 39936 c:\windows\system32\hostmib.dll

+ 2009-09-17 21:15 . 2008-04-14 04:42 92160 c:\windows\system32\evntwin.exe

+ 2009-09-17 21:15 . 2008-04-14 04:42 24064 c:\windows\system32\evntcmd.exe

+ 2009-09-17 18:46 . 2012-06-02 14:19 53784 c:\windows\system32\dllcache\wuauclt.exe

+ 2009-09-17 21:14 . 2008-04-14 04:42 39936 c:\windows\system32\dllcache\snmpthrd.dll

+ 2009-09-17 21:15 . 2008-04-14 04:42 33280 c:\windows\system32\dllcache\snmp.exe

+ 2009-09-17 21:14 . 2008-04-14 04:41 33792 c:\windows\system32\dllcache\lmmib2.dll

+ 2009-09-17 21:15 . 2008-04-14 04:41 39936 c:\windows\system32\dllcache\hostmib.dll

+ 2009-09-17 21:15 . 2008-04-14 04:42 92160 c:\windows\system32\dllcache\evntwin.exe

+ 2009-09-17 21:15 . 2008-04-14 04:42 24064 c:\windows\system32\dllcache\evntcmd.exe

+ 2004-08-03 13:56 . 2012-06-02 14:19 97304 c:\windows\system32\dllcache\cdm.dll

+ 2006-11-17 09:46 . 2006-11-17 09:46 98304 c:\windows\system32\CddbLangNL.dll

+ 2006-11-17 09:46 . 2006-11-17 09:46 77824 c:\windows\system32\CddbLangJA.dll

+ 2006-11-17 09:46 . 2006-11-17 09:46 98304 c:\windows\system32\CddbLangFR.dll

+ 2006-11-17 09:46 . 2006-11-17 09:46 98304 c:\windows\system32\CddbLangES.dll

+ 2006-11-17 09:46 . 2006-11-17 09:46 98304 c:\windows\system32\CddbLangDE.dll

+ 2012-06-15 00:37 . 1994-09-20 23:00 92208 c:\windows\system\WING.DLL

+ 2012-06-15 00:37 . 1993-11-18 23:00 43520 c:\windows\system\MSVIDC.DRV

+ 2012-06-15 00:37 . 1993-11-18 23:00 11776 c:\windows\system\MSRLE.DRV

+ 2012-06-15 00:37 . 1993-11-18 23:00 22816 c:\windows\system\MSACM.DRV

+ 2012-06-15 00:37 . 1993-11-18 23:00 49616 c:\windows\system\MSACM.DLL

+ 2012-06-15 00:37 . 1995-03-21 23:00 50096 c:\windows\system\IYVU9.DLL

+ 2012-06-15 00:37 . 1994-09-01 23:00 65408 c:\windows\system\ICCVID.DRV

+ 2012-06-15 00:37 . 1993-11-18 23:00 14208 c:\windows\system\CTL3D.DLL

+ 2012-06-15 00:37 . 1993-11-18 23:00 12800 c:\windows\system\ACMCMPRS.DLL

+ 2012-06-02 14:19 . 2012-06-02 14:19 45080 c:\windows\SoftwareDistribution\WebSetup\wups2.dll

+ 2012-06-02 14:19 . 2012-06-02 14:19 35864 c:\windows\SoftwareDistribution\WebSetup\wups.dll

+ 2012-06-02 14:19 . 2012-06-02 14:19 53784 c:\windows\SoftwareDistribution\WebSetup\wuauclt.exe

+ 2012-06-02 14:19 . 2012-06-02 14:19 97304 c:\windows\SoftwareDistribution\WebSetup\cdm.dll

+ 2012-06-04 20:27 . 2010-07-05 13:15 26488 c:\windows\SDTemp\Download\a125f3c2923de81c1d8e6a190c228a16\update\spcustom.dll

+ 2012-06-04 20:27 . 2010-07-05 13:15 17272 c:\windows\SDTemp\Download\a125f3c2923de81c1d8e6a190c228a16\spmsg.dll

+ 2009-09-17 23:49 . 2009-05-26 11:40 26488 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\update\spcustom.dll

+ 2009-09-17 23:49 . 2009-05-26 11:40 17272 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\spmsg.dll

+ 2009-09-17 23:49 . 2009-07-03 17:06 12800 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\xpshims.dll

+ 2009-09-17 23:49 . 2009-07-03 17:06 55296 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\msfeedsbs.dll

+ 2009-09-17 23:49 . 2009-07-03 17:06 25600 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\jsproxy.dll

+ 2009-09-17 23:49 . 2009-07-03 17:09 12800 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\xpshims.dll

+ 2009-09-17 23:49 . 2009-07-03 17:09 55296 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\msfeedsbs.dll

+ 2009-09-17 23:49 . 2009-07-03 17:09 25600 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\jsproxy.dll

+ 2012-05-11 09:40 . 2010-07-05 13:15 26488 c:\windows\SDTemp\Download\3438087687b5dd8accc81e44f72f02e7\update\spcustom.dll

+ 2012-05-11 09:40 . 2010-07-05 13:15 17272 c:\windows\SDTemp\Download\3438087687b5dd8accc81e44f72f02e7\spmsg.dll

+ 2009-09-17 23:49 . 2008-07-08 13:02 26488 c:\windows\SDTemp\Download\12e31c1143e5f70785d44c867e7b3e13\update\spcustom.dll

+ 2009-09-17 23:49 . 2008-07-08 13:02 17272 c:\windows\SDTemp\Download\12e31c1143e5f70785d44c867e7b3e13\spmsg.dll

+ 2009-09-17 21:15 . 2008-04-14 04:42 8704 c:\windows\system32\snmptrap.exe

+ 2009-09-17 21:15 . 2008-04-14 04:42 6144 c:\windows\system32\snmpmib.dll

+ 2009-09-17 21:15 . 2008-04-14 04:42 8704 c:\windows\system32\dllcache\snmptrap.exe

+ 2009-09-17 21:15 . 2008-04-14 04:42 6144 c:\windows\system32\dllcache\snmpmib.dll

+ 2012-06-15 00:37 . 1994-09-20 23:00 6736 c:\windows\system\WINGDIB.DRV

+ 2012-06-15 00:37 . 1993-11-18 23:00 7168 c:\windows\system\DISPDIB.DLL

+ 2012-05-11 09:40 . 2012-04-19 11:26 8192 c:\windows\SDTemp\Download\3438087687b5dd8accc81e44f72f02e7\update\kblChecker.dll

+ 2009-09-17 21:15 . 2008-04-14 04:42 188416 c:\windows\system32\wbem\snmpsmir.dll

+ 2009-09-17 21:14 . 2008-04-14 04:42 358400 c:\windows\system32\wbem\snmpincl.dll

+ 2009-09-17 21:15 . 2008-04-14 04:42 259072 c:\windows\system32\wbem\snmpcl.dll

+ 2009-09-17 21:15 . 2008-04-14 04:42 236544 c:\windows\system32\wbem\snmp\smi2smir.exe

+ 2009-09-17 21:15 . 2008-04-14 04:42 538624 c:\windows\system32\spider.exe

+ 2012-07-10 17:45 . 2012-06-02 14:19 577048 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.6.7600.256\wuapi.dll

+ 2009-09-17 21:14 . 2008-04-14 04:42 131584 c:\windows\system32\sndrec32.exe

+ 2009-09-17 21:14 . 2008-04-14 04:42 343040 c:\windows\system32\mspaint.exe

- 2010-08-11 10:24 . 2012-01-31 12:44 237072 c:\windows\system32\MpSigStub.exe

+ 2010-08-11 10:24 . 2012-02-23 09:18 237072 c:\windows\system32\MpSigStub.exe

+ 2009-09-17 21:17 . 2008-04-14 04:42 123392 c:\windows\system32\mplay32.exe

+ 2012-07-02 08:00 . 2012-05-09 11:18 157448 c:\windows\system32\javaws.exe

+ 2012-07-02 08:00 . 2012-05-09 11:17 149256 c:\windows\system32\javaw.exe

+ 2012-07-02 08:00 . 2012-05-09 11:17 149256 c:\windows\system32\java.exe

+ 2009-09-17 21:14 . 2008-04-14 04:41 347136 c:\windows\system32\hypertrm.dll

+ 2009-09-17 19:26 . 2012-06-21 12:35 142832 c:\windows\system32\FNTCACHE.DAT

+ 2009-09-17 21:14 . 2008-04-14 04:41 101888 c:\windows\system32\evntagnt.dll

+ 2009-09-17 18:46 . 2012-06-04 16:35 210968 c:\windows\system32\dllcache\wuweb.dll

+ 2009-09-17 18:46 . 2012-06-02 14:19 329240 c:\windows\system32\dllcache\wucltui.dll

+ 2009-09-17 21:14 . 2008-04-14 04:42 214528 c:\windows\system32\dllcache\wordpad.exe

+ 2009-09-17 21:15 . 2008-04-14 04:42 538624 c:\windows\system32\dllcache\spider.exe

+ 2009-09-17 21:15 . 2008-04-14 04:42 188416 c:\windows\system32\dllcache\snmpsmir.dll

+ 2009-09-17 21:14 . 2008-04-14 04:42 358400 c:\windows\system32\dllcache\snmpincl.dll

+ 2009-09-17 21:15 . 2008-04-14 04:42 259072 c:\windows\system32\dllcache\snmpcl.dll

+ 2009-09-17 21:14 . 2008-04-14 04:42 131584 c:\windows\system32\dllcache\sndrec32.exe

+ 2009-09-17 21:15 . 2008-04-14 04:42 236544 c:\windows\system32\dllcache\smi2smir.exe

+ 2009-09-17 21:15 . 2008-04-14 04:42 281088 c:\windows\system32\dllcache\pinball.exe

+ 2009-09-17 21:14 . 2008-04-14 04:42 343040 c:\windows\system32\dllcache\mspaint.exe

- 2009-12-16 18:43 . 2009-12-16 18:43 343040 c:\windows\system32\dllcache\mspaint.exe

- 2009-09-17 18:44 . 2008-04-14 04:42 123392 c:\windows\system32\dllcache\mplay32.exe

+ 2009-09-17 21:17 . 2008-04-14 04:42 123392 c:\windows\system32\dllcache\mplay32.exe

+ 2009-09-17 21:14 . 2008-04-14 04:41 101888 c:\windows\system32\dllcache\evntagnt.dll

+ 2009-09-17 21:14 . 2008-04-14 04:42 539136 c:\windows\system32\dllcache\dialer.exe

+ 2009-09-17 21:15 . 2008-04-14 04:42 102912 c:\windows\system32\dllcache\clipbrd.exe

+ 2009-09-17 21:16 . 2008-04-14 04:42 184320 c:\windows\system32\dllcache\accwiz.exe

+ 2009-09-17 21:15 . 2008-04-14 04:42 102912 c:\windows\system32\clipbrd.exe

+ 2006-11-17 09:46 . 2006-11-17 09:46 765952 c:\windows\system32\CDDBUI.dll

+ 2006-11-17 09:46 . 2006-11-17 09:46 102400 c:\windows\system32\CddbLangIT.dll

+ 2006-11-17 09:46 . 2006-11-17 09:46 655360 c:\windows\system32\CDDBControl.dll

+ 2009-09-17 21:16 . 2008-04-14 04:42 184320 c:\windows\system32\accwiz.exe

+ 2012-06-15 00:37 . 1994-08-23 23:00 188960 c:\windows\system\WINGDE.DLL

+ 2012-06-15 00:37 . 1995-11-08 23:00 774960 c:\windows\system\IR41.DLL

+ 2012-06-15 00:37 . 1995-10-19 23:00 151744 c:\windows\system\IR32.DLL

+ 2012-06-02 14:19 . 2012-06-02 14:19 329240 c:\windows\SoftwareDistribution\WebSetup\wucltui.dll

+ 2012-06-02 14:19 . 2012-06-02 14:19 577048 c:\windows\SoftwareDistribution\WebSetup\wuapi.dll

+ 2012-06-12 01:46 . 2012-06-11 21:31 110112 c:\windows\SDTemp\Download\Install\AM_Delta_Patch_1.127.1752.0.exe

+ 2012-06-04 20:27 . 2010-07-05 13:16 382840 c:\windows\SDTemp\Download\a125f3c2923de81c1d8e6a190c228a16\update\updspapi.dll

+ 2012-06-04 20:27 . 2010-07-05 13:15 755576 c:\windows\SDTemp\Download\a125f3c2923de81c1d8e6a190c228a16\update\update.exe

+ 2012-06-04 20:27 . 2010-07-05 13:15 231288 c:\windows\SDTemp\Download\a125f3c2923de81c1d8e6a190c228a16\spuninst.exe

+ 2012-05-31 13:19 . 2012-05-31 13:19 599552 c:\windows\SDTemp\Download\a125f3c2923de81c1d8e6a190c228a16\sp3qfe\crypt32.dll

+ 2012-05-31 13:22 . 2012-05-31 13:22 599040 c:\windows\SDTemp\Download\a125f3c2923de81c1d8e6a190c228a16\sp3gdr\crypt32.dll

+ 2009-09-17 23:49 . 2009-05-26 11:40 382840 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\update\updspapi.dll

+ 2009-09-17 23:49 . 2009-05-26 11:40 755576 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\update\update.exe

+ 2009-09-17 23:49 . 2009-05-26 11:40 231288 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\spuninst.exe

+ 2009-09-17 23:49 . 2009-07-03 17:06 915456 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\wininet.dll

+ 2009-09-17 23:49 . 2009-07-03 17:06 206848 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\occache.dll

+ 2009-09-17 23:49 . 2009-07-03 17:06 594432 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\msfeeds.dll

+ 2009-09-17 23:49 . 2009-07-03 17:06 246272 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\ieproxy.dll

+ 2009-09-17 23:49 . 2009-07-03 17:06 184320 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\iepeers.dll

+ 2009-09-17 23:49 . 2009-07-03 17:06 386048 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\iedkcs32.dll

+ 2009-09-17 23:49 . 2009-07-03 11:38 173056 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\ie4uinit.exe

+ 2009-09-17 23:49 . 2009-07-03 17:09 915456 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\wininet.dll

+ 2009-09-17 23:49 . 2009-07-03 17:09 206848 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\occache.dll

+ 2009-09-17 23:49 . 2009-07-03 17:09 594432 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\msfeeds.dll

+ 2009-09-17 23:49 . 2009-07-03 17:09 246272 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\ieproxy.dll

+ 2009-09-17 23:49 . 2009-07-03 17:09 184320 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\iepeers.dll

+ 2009-09-17 23:49 . 2009-07-03 17:09 386048 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\iedkcs32.dll

+ 2009-09-17 23:49 . 2009-07-03 11:01 173056 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\ie4uinit.exe

+ 2012-05-11 09:40 . 2010-07-05 13:16 382840 c:\windows\SDTemp\Download\3438087687b5dd8accc81e44f72f02e7\update\updspapi.dll

+ 2012-05-11 09:40 . 2010-07-05 13:15 755576 c:\windows\SDTemp\Download\3438087687b5dd8accc81e44f72f02e7\update\update.exe

+ 2012-05-11 09:40 . 2010-07-05 13:15 231288 c:\windows\SDTemp\Download\3438087687b5dd8accc81e44f72f02e7\spuninst.exe

+ 2009-09-17 23:49 . 2008-07-08 13:02 382840 c:\windows\SDTemp\Download\12e31c1143e5f70785d44c867e7b3e13\update\updspapi.dll

+ 2009-09-17 23:49 . 2008-07-08 13:02 755576 c:\windows\SDTemp\Download\12e31c1143e5f70785d44c867e7b3e13\update\update.exe

+ 2009-09-17 23:49 . 2008-07-08 13:02 231288 c:\windows\SDTemp\Download\12e31c1143e5f70785d44c867e7b3e13\spuninst.exe

+ 2009-09-17 23:49 . 2009-08-07 08:00 100352 c:\windows\SDTemp\Download\12e31c1143e5f70785d44c867e7b3e13\SP3QFE\iecompat.dll

+ 2009-09-17 23:49 . 2009-08-07 08:48 100352 c:\windows\SDTemp\Download\12e31c1143e5f70785d44c867e7b3e13\SP3GDR\iecompat.dll

+ 2012-06-27 09:23 . 2012-06-27 09:23 281600 c:\windows\Installer\da57b.msi

+ 2012-06-13 14:29 . 2012-06-13 14:29 331264 c:\windows\Installer\2d42780.msi

+ 2009-09-17 18:46 . 2012-06-02 14:19 1933848 c:\windows\system32\dllcache\wuaueng.dll

+ 2012-06-02 14:19 . 2012-06-02 14:19 1933848 c:\windows\SoftwareDistribution\WebSetup\wuaueng.dll

+ 2009-09-17 23:49 . 2009-07-03 17:06 1208832 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\urlmon.dll

+ 2009-09-17 23:49 . 2009-07-19 13:17 5938176 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\mshtml.dll

+ 2009-09-17 23:49 . 2009-07-03 17:06 1985536 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\iertutil.dll

+ 2009-09-17 23:49 . 2009-07-03 17:09 1208832 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\urlmon.dll

+ 2009-09-17 23:49 . 2009-07-19 13:18 5937152 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\mshtml.dll

+ 2009-09-17 23:49 . 2009-07-03 17:09 1985536 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\iertutil.dll

+ 2009-09-17 23:49 . 2009-07-19 13:17 11068416 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\ieframe.dll

+ 2009-07-19 17:48 . 2009-07-19 17:48 11067392 c:\windows\SDTemp\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\ieframe.dll

+ 2009-04-04 10:36 . 2009-04-04 10:36 21390848 c:\windows\SDTemp\Download\156dee50d03580abe7ef37c4434fd8f1\img\mainmuisp2-en-us.msp

+ 2009-04-04 16:09 . 2009-04-04 16:09 15190016 c:\windows\SDTemp\Download\0ddd6aedc634219a630a3d38d63104e5\img\clientsharedmuisp2-en-us.msp

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay1]

@="{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F}"

[HKEY_CLASSES_ROOT\CLSID\{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F}]

2011-11-04 15:46 1196544 ----a-w- c:\program files\4Sync\ShellExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay2]

@="{C72C6188-BEF2-46E5-A89A-52F0ED75219E}"

[HKEY_CLASSES_ROOT\CLSID\{C72C6188-BEF2-46E5-A89A-52F0ED75219E}]

2011-11-04 15:46 1196544 ----a-w- c:\program files\4Sync\ShellExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay3]

@="{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7}"

[HKEY_CLASSES_ROOT\CLSID\{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7}]

2011-11-04 15:46 1196544 ----a-w- c:\program files\4Sync\ShellExt.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Volume2"="d:\my documents\Downloads\Volume2_1_1_2_159_Portable\Volume2\Volume2.exe" [2012-01-08 1577984]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"="VTTimer.exe" [2006-08-03 53248]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2005-04-16 172032]

"S3Trayp"="S3Trayp.exe" [2008-07-08 204800]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^Conefry^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk]

path=c:\documents and settings\Conefry\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

backup=c:\windows\pss\ERUNT AutoBackup.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2009-09-22 17:27 133104 ----atw- c:\documents and settings\Conefry\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

2012-04-04 14:56 981680 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]

2012-04-04 14:56 462408 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 04:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]

2011-11-28 12:36 4692296 ----a-w- c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Giraffic"=2 (0x2)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Games\\Worms Armageddon - New Edition\\WA.exe"=

"c:\\Program Files\\Vuze\\Azureus.exe"=

.

R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [06/06/2012 14:27 11264]

R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\CodeMeter\Runtime\bin\CodeMeter.exe [03/04/2009 04:01 1680704]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [18/09/2009 01:01 654408]

R2 S3LoadSv;S3LoadSv;c:\windows\system32\s3loadsv.exe [20/01/2009 08:22 69632]

R3 fspad;AVC Finger-sensing Pad Driver for Windows 2000/XP;c:\windows\system32\drivers\fspad.sys [01/07/2006 02:44 19584]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [18/09/2009 01:01 22344]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [13/12/2010 15:08 136176]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [14/08/2010 16:44 13224]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [13/12/2010 15:08 136176]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]

S3 WinDefend;Windows Defender;c:\windows\System32\svchost.exe -k secsvcs [03/08/2004 14:56 14336]

S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\WPRO_40_1340.sys --> c:\windows\system32\drivers\WPRO_40_1340.sys [?]

.

Contents of the 'Scheduled Tasks' folder

.

2012-07-10 c:\windows\Tasks\DriverScanner.job

- c:\program files\Uniblue\DriverScanner\dsmonitor.exe [2012-04-13 11:56]

.

2012-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 20:53]

.

2012-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 20:53]

.

2012-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-602609370-725345543-1003Core.job

- c:\documents and settings\Conefry\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-22 17:27]

.

2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-602609370-725345543-1003UA.job

- c:\documents and settings\Conefry\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-22 17:27]

.

2012-07-10 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 16:03]

.

2012-04-14 c:\windows\Tasks\tempoperfectShakeIcon.job

- c:\program files\NCH Swift Sound\TempoPerfect\tempoperfect.exe [2012-04-14 09:43]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.ie/

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: Interfaces\{44E2C206-B6F5-407C-A352-8071FB753924}: NameServer = 89.101.160.4,89.101.160.5

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-07-10 20:51

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]

@Denied: (3) (LocalSystem)

"AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET NOD32 Antivirus\\"

"DataDir"="ESET\\ESET NOD32 Antivirus\\"

"EditionName"="Student Edition"

"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"

"LanguageId"=dword:00000409

"ProductBase"=dword:00000000

"ProductCode"="{4EAE8F8E-0C2E-4814-9A04-635AFB9050AA}"

"ProductName"="ESET NOD32 Antivirus"

"ProductType"="eav"

"ProductVersion"="3.0.684.0"

"UniqueId"="0028ED0D4AB2B756"

"ScannerBuild"=dword:00000ed0

"ScannerVersionId"=dword:00000de1

"ScannerVersion"=""

"FixId"=dword:00000005

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(2124)

c:\windows\system32\WININET.dll

c:\program files\4Sync\ShellExt.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program files\4Sync\ShellCp.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Microsoft Security Client\MsMpEng.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\S3Trayp.exe

.

**************************************************************************

.

Completion time: 2012-07-10 20:55:13 - machine was rebooted

ComboFix-quarantined-files.txt 2012-07-10 19:55

ComboFix2.txt 2012-06-12 01:44

.

Pre-Run: 10,525,065,216 bytes free

Post-Run: 10,630,033,408 bytes free

.

- - End Of File - - 1A6BC1F19F32171401AB14B03707A01D

DDS:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Conefry at 20:58:39 on 2012-07-10

Microsoft Windows XP Professional 5.1.2600.3.1252.353.1033.18.1790.1138 [GMT 1:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\S3LoadSv.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\S3Trayp.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

D:\My Documents\Downloads\Volume2_1_1_2_159_Portable\Volume2\Volume2.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.ie/

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [Volume2] d:\my documents\downloads\volume2_1_1_2_159_portable\volume2\Volume2.exe

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

mRun: [VTTimer] ;;; VTTimer.exe

mRun: [Apoint] c:\program files\apoint2k\Apoint.exe

mRun: [s3Trayp] S3Trayp.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1341942296000

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

TCP: Interfaces\{44E2C206-B6F5-407C-A352-8071FB753924} : NameServer = 89.101.160.4,89.101.160.5

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2012-4-13 22168]

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2012-6-6 11264]

R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2009-4-3 1680704]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-9-18 654408]

R2 S3LoadSv;S3LoadSv;c:\windows\system32\s3loadsv.exe [2009-1-20 69632]

R3 fspad;AVC Finger-sensing Pad Driver for Windows 2000/XP;c:\windows\system32\drivers\fspad.sys [2006-7-1 19584]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-9-18 22344]

R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2009-9-17 561152]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-8-14 13224]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys --> c:\windows\system32\drivers\ewusbdev.sys [?]

S3 WinDefend;Windows Defender;c:\windows\system32\svchost.exe -k secsvcs [2004-8-3 14336]

S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\wpro_40_1340.sys --> c:\windows\system32\drivers\WPRO_40_1340.sys [?]

.

=============== Created Last 30 ================

.

2012-07-09 08:13:25 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3d718fdf-0a1a-4285-9f9d-a918ea64b43a}\mpengine.dll

2012-07-02 08:12:15 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2012-06-29 11:22:15 -------- d-----w- c:\documents and settings\conefry\DoctorWeb

2012-06-27 09:23:51 -------- d-----w- c:\program files\Microsoft Calculator Plus

2012-06-21 12:15:03 -------- d-----w- c:\program files\CCleaner

2012-06-15 00:40:03 -------- d-----w- c:\windows\A3W_DATA

2012-06-15 00:36:31 -------- d-----w- C:\MPS

2012-06-13 23:43:34 -------- d-----w- c:\documents and settings\conefry\application data\f-secure

2012-06-13 23:43:19 -------- d-----w- c:\documents and settings\all users\application data\F-Secure

2012-06-13 14:33:10 -------- d-----w- c:\documents and settings\conefry\local settings\application data\Sony

2012-06-12 12:23:48 1594543 ----a-w- c:\windows\WANEUninstaller.exe

2012-06-12 12:20:59 -------- d-----w- C:\Games

2012-06-12 11:54:03 -------- d-----w- c:\documents and settings\conefry\application data\DAEMON Tools Lite

2012-06-12 11:53:19 -------- d-----w- c:\documents and settings\all users\application data\DAEMON Tools Lite

2012-06-12 01:38:23 -------- d-sha-r- C:\cmdcons

2012-06-12 01:30:41 98816 ----a-w- c:\windows\sed.exe

2012-06-12 01:30:41 518144 ----a-w- c:\windows\SWREG.exe

2012-06-12 01:30:41 256000 ----a-w- c:\windows\PEV.exe

2012-06-12 01:30:41 208896 ----a-w- c:\windows\MBR.exe

.

==================== Find3M ====================

.

2012-06-12 11:54:23 477240 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-06-07 10:28:16 14392 ----a-w- c:\windows\system32\drivers\AtiPcie.sys

2012-06-02 14:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 14:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 14:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 14:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 14:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 14:18:58 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 14:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-09 11:21:41 476936 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-09 11:21:36 472840 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-09 09:47:37 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-04-13 23:25:55 1938272 ----a-w- c:\windows\system32\drivers\athw.sys

2012-04-13 23:25:19 69632 ----a-w- c:\windows\system32\vuins32.dll

2012-04-13 23:25:19 46592 ----a-w- c:\windows\system32\drivers\fetnd5bv.sys

2012-04-13 23:25:19 319456 ----a-w- c:\windows\system32\difxapi.dll

2012-04-13 23:25:02 40848 ----a-w- c:\windows\system32\drivers\point32.sys

2012-04-13 23:25:02 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll

2012-04-13 13:11:41 13440 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys

2012-04-13 13:04:02 10264 ----a-w- c:\windows\system32\Viagart.sys

2012-04-13 13:03:55 22168 ----a-w- c:\windows\system32\drivers\xfilt.sys

2012-04-13 13:03:54 13976 ----a-w- c:\windows\system32\drivers\videX32.sys

.

============= FINISH: 20:58:57.64 ===============

Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 17/09/2009 19:51:54

System Uptime: 10/07/2012 20:49:49 (0 hours ago)

.

Motherboard: FUJITSU SIEMENS | | AMILO PRO V3515

Processor: Intel® Core Duo CPU T2450 @ 2.00GHz | mPGA 479M | 1995/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 50 GiB total, 9.9 GiB free.

D: is FIXED (NTFS) - 62 GiB total, 15.136 GiB free.

E: is CDROM (CDFS)

F: is CDROM (CDFS)

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: MAC Bridge Miniport

Device ID: ROOT\MS_BRIDGEMP\0000

Manufacturer: Microsoft

Name: MAC Bridge Miniport

PNP Device ID: ROOT\MS_BRIDGEMP\0000

Service: BridgeMP

.

==== System Restore Points ===================

.

RP421: 06/06/2012 16:14:58 - System Checkpoint

RP422: 07/06/2012 10:08:31 - Software Distribution Service 3.0

RP423: 07/06/2012 11:28:14 - DriverScanner - 6/7/2012 11:28:03 AM

RP424: 07/06/2012 11:29:32 - Software Distribution Service 3.0

RP425: 07/06/2012 11:31:37 - Installed %1 %2.

RP426: 07/06/2012 11:34:58 - Software Distribution Service 3.0

RP427: 07/06/2012 11:46:50 - Software Distribution Service 3.0

RP428: 07/06/2012 11:59:51 - Software Distribution Service 3.0

RP429: 08/06/2012 12:58:44 - System Checkpoint

RP430: 09/06/2012 01:51:57 - Software Distribution Service 3.0

RP431: 09/06/2012 02:04:30 - Software Distribution Service 3.0

RP432: 09/06/2012 11:09:24 - Software Distribution Service 3.0

RP433: 10/06/2012 01:55:25 - Software Distribution Service 3.0

RP434: 11/06/2012 17:29:36 - Software Distribution Service 3.0

RP435: 12/06/2012 02:46:28 - Software Distribution Service 3.0

RP436: 12/06/2012 12:54:22 - SPTD setup V1.81

RP437: 13/06/2012 14:03:14 - System Checkpoint

RP438: 13/06/2012 15:29:38 - Installed Microsoft Visual C++ 2005 Redistributable

RP439: 13/06/2012 15:30:14 - Installed Sony Sound Forge Audio Studio 9.0

RP440: 13/06/2012 15:38:50 - Removed Sony Sound Forge Audio Studio 9.0d

RP441: 14/06/2012 16:20:42 - System Checkpoint

RP442: 19/06/2012 19:30:56 - System Checkpoint

RP443: 20/06/2012 10:30:44 - Installed Microsoft Fix it 50687

RP444: 21/06/2012 16:06:22 - System Checkpoint

RP445: 22/06/2012 16:47:31 - System Checkpoint

RP446: 23/06/2012 17:47:24 - System Checkpoint

RP447: 24/06/2012 18:06:46 - System Checkpoint

RP448: 25/06/2012 18:41:28 - System Checkpoint

RP449: 26/06/2012 19:16:15 - System Checkpoint

RP450: 27/06/2012 10:23:50 - Installed Microsoft Calculator Plus

RP451: 28/06/2012 14:37:31 - System Checkpoint

RP452: 29/06/2012 15:29:08 - System Checkpoint

RP453: 01/07/2012 17:29:16 - System Checkpoint

RP454: 02/07/2012 08:59:55 - Installed Java 6 Update 33

RP455: 03/07/2012 17:15:23 - System Checkpoint

RP456: 05/07/2012 00:49:38 - System Checkpoint

RP457: 06/07/2012 00:55:18 - System Checkpoint

RP458: 09/07/2012 09:21:27 - System Checkpoint

RP459: 10/07/2012 12:16:52 - System Checkpoint

.

==== Installed Programs ======================

.

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.3

Adobe Shockwave Player 11.5

ASAPI Update

Audacity 1.2.6

AVC Finger-sensing PAD Driver

CCleaner

CodeMeter Runtime Kit v4.01

Conexant HD Audio

DAEMON Tools Lite

DC-Bass Source 1.1.1

ERUNT 1.1j

ESET Online Scanner v3

Google Chrome

Google Earth Plug-in

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Java Auto Updater

Java 6 Update 33

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft .NET Framework 2.0 Language Pack - DEU

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Calculator Plus

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft DirectX Transform optional components

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

OGA Notifier 2.0.0048.0

Picasa 3

Reason 4.0

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Soft Data Fax Modem with SmartCP

Steinberg WaveLab 5.01b

TempoPerfect Metronome Software

Uniblue DriverScanner

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB898461)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB978207)

VC80CRTRedist - 8.0.50727.6195

Veoh Web Player

VIA Chrome9 HC IGP Family Display 6.14.10.0193

VIA Rhine-Family Fast-Ethernet Adapter

VLC media player 1.1.7

Volume Control 1.2

Vuze

WebFldrs XP

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows XP Service Pack 3

WinRAR archiver

Worms Armageddon - New Edition

.

==== Event Viewer Messages From Past Week ========

.

10/07/2012 20:02:43, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1269.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

10/07/2012 17:54:30, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1269.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

09/07/2012 09:13:16, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

06/07/2012 12:04:59, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

05/07/2012 15:49:29, error: Service Control Manager [7000] - The Automatic Updates service failed to start due to the following error: %%1290

05/07/2012 15:49:28, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

05/07/2012 15:49:28, error: DCOM [10005] - DCOM got error "%1290" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

05/07/2012 00:34:52, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

04/07/2012 08:40:33, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

04/07/2012 08:30:49, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume D:.

04/07/2012 08:30:49, error: NetBT [4307] - Initialization failed because the transport refused to open initial Addresses.

04/07/2012 08:30:31, error: Service Control Manager [7003] - The @%SystemRoot%\system32\iphlpsvc.dll,-200 service depends on the following nonexistent service: nsi

04/07/2012 08:30:31, error: Service Control Manager [7000] - The @%SystemRoot%\system32\tcpipcfg.dll,-50004 service failed to start due to the following error: The system cannot find the file specified.

03/07/2012 16:01:22, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

.

==== End Of File ===========================


Hi,

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.


eset:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=3b72fcf5fc4ef74f9380dd221e05af7d

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-07-10 09:52:58

# local_time=2012-07-10 10:52:58 (+0000, GMT Daylight Time)

# country="Ireland"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 2976346 2976346 0 0

# compatibility_mode=1024 16777215 100 0 48060390 48060390 0 0

# compatibility_mode=5891 16776533 42 92 5008 9686604 0 0

# compatibility_mode=8192 67108863 100 0 3534974 3534974 0 0

# scanned=54661

# found=0

# cleaned=0

# scan_time=1523

My security check:

Results of screen317's Security Check version 0.99.42

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Microsoft Security Essentials

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.61.0.1400

CCleaner

Java 6 Update 33

Java version out of Date!

Adobe Flash Player 10 Flash Player out of Date!

Adobe Flash Player 10.1.53.64 Flash Player out of Date!

Adobe Reader 9 Adobe Reader out of Date!

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

Malwarebytes Anti-Malware mbamservice.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 5%

````````````````````End of Log``````````````````````

My laptop still seems to be running quite slow... it keeps running a chkdsk scan every time I boot but maybe that's irrelevant..


Hi,

That's a sure-tell sign that your hard drive is beginning to fail. I highly recommend backing up any important data as soon as possible.

Run TFC by OldTimer to clear temporary files:

  • Please download TFC from here and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall.

This uninstalls all of ComboFix's components.

Delete SecurityCheck.

After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall the following programs (if present):

Java™ 6 Update 33

Adobe Flash Player 10

Adobe Flash Player 10.1.53.64

Adobe Reader 9

Restart your computer.

Get the latest version of Java, Adobe Reader, and Adobe Flash Player.

Next, please run the PCPitstop Full Tests here (NOT the PCMatic scan or any other scan; simply register with the box on the left and you will be taken to the Full Tests/Overdrive Test). When the tests are complete, a results page will pop up. Copy and paste the URL of the Results screen and post it here for me.


hmmm.. I seem to have contracted some sort of Blekko toolbar nonsense now that I can't get rid of...


dds:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1

Run by Conefry at 14:32:45 on 2012-07-12

Microsoft Windows XP Professional 5.1.2600.3.1252.353.1033.18.1790.937 [GMT 1:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe

C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\S3LoadSv.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\S3Trayp.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

D:\My Documents\Downloads\Volume2_1_1_2_159_Portable\Volume2\Volume2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Smith Micro\StuffIt 2010\ArcNameService.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wscntfy.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=5CC05C89A7F983F2EAE9304FFE19D71D&tbp=homepage

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll

uRun: [Volume2] d:\my documents\downloads\volume2_1_1_2_159_portable\volume2\Volume2.exe

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [VTTimer] ;;; VTTimer.exe

mRun: [Apoint] c:\program files\apoint2k\Apoint.exe

mRun: [s3Trayp] S3Trayp.exe

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [PC Pitstop Diskmd3 Reminder] c:\program files\pcpitstop\diskmd3\Reminder-Diskmd3.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB

DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1341942296000

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} - hxxp://utilities.pcpitstop.com/DiskMD3/DiskMD3Ctrl.dll

TCP: Interfaces\{44E2C206-B6F5-407C-A352-8071FB753924} : NameServer = 89.101.160.4,89.101.160.5

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2012-4-13 22168]

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2012-6-6 11264]

R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2009-4-3 1680704]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-9-18 654408]

R2 S3LoadSv;S3LoadSv;c:\windows\system32\s3loadsv.exe [2009-1-20 69632]

R3 fspad;AVC Finger-sensing Pad Driver for Windows 2000/XP;c:\windows\system32\drivers\fspad.sys [2006-7-1 19584]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-9-18 22344]

R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2009-9-17 561152]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-8-14 13224]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys --> c:\windows\system32\drivers\ewusbdev.sys [?]

S3 WinDefend;Windows Defender;c:\windows\system32\svchost.exe -k secsvcs [2004-8-3 14336]

S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\wpro_40_1340.sys --> c:\windows\system32\drivers\WPRO_40_1340.sys [?]

.

=============== Created Last 30 ================

.

2012-07-12 12:52:22 -------- d-----w- c:\documents and settings\conefry\local settings\application data\Smith Micro

2012-07-12 12:18:37 -------- d-----w- c:\documents and settings\all users\application data\Smith Micro

2012-07-12 12:18:21 -------- d-----w- c:\program files\Smith Micro

2012-07-12 00:31:59 -------- d-----w- c:\documents and settings\all users\application data\PCPitstop

2012-07-11 23:53:12 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{60b832ec-eb5a-4f25-bcc0-bb581650fb29}\mpengine.dll

2012-07-11 23:45:55 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-07-11 23:37:00 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2012-07-11 11:44:35 -------- d-----w- c:\documents and settings\conefry\local settings\application data\Sun

2012-07-10 22:10:44 -------- d-----w- c:\program files\Oracle

2012-07-10 20:02:21 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll

2012-07-10 17:45:29 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-29 11:22:15 -------- d-----w- c:\documents and settings\conefry\DoctorWeb

2012-06-27 09:23:51 -------- d-----w- c:\program files\Microsoft Calculator Plus

2012-06-15 00:40:03 -------- d-----w- c:\windows\A3W_DATA

2012-06-15 00:36:31 -------- d-----w- C:\MPS

2012-06-13 23:43:34 -------- d-----w- c:\documents and settings\conefry\application data\f-secure

2012-06-13 23:43:19 -------- d-----w- c:\documents and settings\all users\application data\F-Secure

2012-06-13 14:33:10 -------- d-----w- c:\documents and settings\conefry\local settings\application data\Sony

.

==================== Find3M ====================

.

2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-12 12:23:51 1594543 ----a-w- c:\windows\WANEUninstaller.exe

2012-06-12 11:54:23 477240 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-06-07 10:28:16 14392 ----a-w- c:\windows\system32\drivers\AtiPcie.sys

2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 14:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 14:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 14:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 14:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 14:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 14:18:58 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 14:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec

2012-05-04 18:29:22 772504 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-04 18:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-04-13 23:25:55 1938272 ----a-w- c:\windows\system32\drivers\athw.sys

2012-04-13 23:25:19 69632 ----a-w- c:\windows\system32\vuins32.dll

2012-04-13 23:25:19 46592 ----a-w- c:\windows\system32\drivers\fetnd5bv.sys

2012-04-13 23:25:19 319456 ----a-w- c:\windows\system32\difxapi.dll

2012-04-13 23:25:02 40848 ----a-w- c:\windows\system32\drivers\point32.sys

2012-04-13 23:25:02 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll

.

============= FINISH: 14:33:10.31 ===============

attach :

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 17/09/2009 19:51:54

System Uptime: 12/07/2012 12:46:31 (2 hours ago)

.

Motherboard: FUJITSU SIEMENS | | AMILO PRO V3515

Processor: Intel® Core Duo CPU T2450 @ 2.00GHz | mPGA 479M | 1995/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 50 GiB total, 34.825 GiB free.

D: is FIXED (NTFS) - 62 GiB total, 45.984 GiB free.

E: is CDROM ()

F: is CDROM (CDFS)

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Atheros AR5005G Wireless Network Adapter

Device ID: PCI\VEN_168C&DEV_001A&SUBSYS_2052168C&REV_01\4&1A598D38&0&0899

Manufacturer: Atheros

Name: Atheros AR5005G Wireless Network Adapter

PNP Device ID: PCI\VEN_168C&DEV_001A&SUBSYS_2052168C&REV_01\4&1A598D38&0&0899

Service: AR5416

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: MAC Bridge Miniport

Device ID: ROOT\MS_BRIDGEMP\0000

Manufacturer: Microsoft

Name: MAC Bridge Miniport

PNP Device ID: ROOT\MS_BRIDGEMP\0000

Service: BridgeMP

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.5

ASAPI Update

Atheros Driver Installation Program

Audacity 1.2.6

AVC Finger-sensing PAD Driver

CodeMeter Runtime Kit v4.01

Conexant HD Audio

DAEMON Tools Lite

DC-Bass Source 1.1.1

ERUNT 1.1j

Google Chrome

Google Earth Plug-in

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Java Auto Updater

Java 7 Update 5

JavaFX 2.1.1

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft .NET Framework 2.0 Language Pack - DEU

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Calculator Plus

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft DirectX Transform optional components

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

OGA Notifier 2.0.0048.0

Picasa 3

Reason 4.0

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Soft Data Fax Modem with SmartCP

Steinberg WaveLab 5.01b

StuffIt 2010

TempoPerfect Metronome Software

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB898461)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB978207)

VC80CRTRedist - 8.0.50727.6195

Veoh Web Player

VIA Chrome9 HC IGP Family Display 6.14.10.0193

VIA Rhine-Family Fast-Ethernet Adapter

VLC media player 1.1.7

Volume Control 1.2

Vuze

WebFldrs XP

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows XP Service Pack 3

WinRAR archiver

Worms Armageddon - New Edition

.

==== Event Viewer Messages From Past Week ========

.

12/07/2012 00:29:10, error: Service Control Manager [7034] - The S3LoadSv service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7034] - The CodeMeter Runtime Server service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.

10/07/2012 20:02:43, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1269.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

10/07/2012 17:54:30, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1269.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

10/07/2012 04:40:20, error: NetBT [4307] - Initialization failed because the transport refused to open initial Addresses.

10/07/2012 04:40:04, error: Service Control Manager [7003] - The @%SystemRoot%\system32\iphlpsvc.dll,-200 service depends on the following nonexistent service: nsi

10/07/2012 04:40:04, error: Service Control Manager [7000] - The Automatic Updates service failed to start due to the following error: %%1290

10/07/2012 04:40:04, error: Service Control Manager [7000] - The @%SystemRoot%\system32\tcpipcfg.dll,-50004 service failed to start due to the following error: The system cannot find the file specified.

09/07/2012 09:13:16, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

09/07/2012 09:13:16, error: DCOM [10005] - DCOM got error "%1290" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

09/07/2012 09:03:37, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume D:.

06/07/2012 12:04:59, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

05/07/2012 15:49:28, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

05/07/2012 00:34:52, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

.

==== End Of File ===========================


Hi,

Please see:

Forum Piracy Policy

We will not assist users that are obviously using illegal software.

If any such evidence is found you will be given the benefit of the doubt and the opportunity to completely uninstall and delete any such data from your system.

During the scanning process if any further evidence shows up your topic will be closed and no further assistance will be provided.

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

This is why you keep getting reinfected.


OK, relax, I uninstalled it. And by the way, I got this Blekko infection off your Pitstop website! :D

dds:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1

Run by Conefry at 11:36:51 on 2012-07-13

Microsoft Windows XP Professional 5.1.2600.3.1252.353.1033.18.1790.1245 [GMT 1:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe

C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\S3Trayp.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

D:\My Documents\Downloads\Volume2_1_1_2_159_Portable\Volume2\Volume2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\S3LoadSv.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\msiexec.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.ie/

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll

uRun: [Volume2] d:\my documents\downloads\volume2_1_1_2_159_portable\volume2\Volume2.exe

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [VTTimer] ;;; VTTimer.exe

mRun: [Apoint] c:\program files\apoint2k\Apoint.exe

mRun: [s3Trayp] S3Trayp.exe

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [PC Pitstop Diskmd3 Reminder] c:\program files\pcpitstop\diskmd3\Reminder-Diskmd3.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB

DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1341942296000

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} - hxxp://utilities.pcpitstop.com/DiskMD3/DiskMD3Ctrl.dll

TCP: Interfaces\{44E2C206-B6F5-407C-A352-8071FB753924} : NameServer = 89.101.160.4,89.101.160.5

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2012-4-13 22168]

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2012-6-6 11264]

R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2009-4-3 1680704]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-9-18 655944]

R2 S3LoadSv;S3LoadSv;c:\windows\system32\s3loadsv.exe [2009-1-20 69632]

R3 fspad;AVC Finger-sensing Pad Driver for Windows 2000/XP;c:\windows\system32\drivers\fspad.sys [2006-7-1 19584]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-9-18 22344]

R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2009-9-17 561152]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-11 250056]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-8-14 13224]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys --> c:\windows\system32\drivers\ewusbdev.sys [?]

S3 WinDefend;Windows Defender;c:\windows\system32\svchost.exe -k secsvcs [2004-8-3 14336]

S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\wpro_40_1340.sys --> c:\windows\system32\drivers\WPRO_40_1340.sys [?]

.

=============== Created Last 30 ================

.

2012-07-13 03:24:23 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fabe8b30-1fbf-40d0-a504-43960aaaf7a7}\mpengine.dll

2012-07-12 15:31:22 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-12 15:31:22 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-12 13:35:07 6762896 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2012-07-12 12:52:22 -------- d-----w- c:\documents and settings\conefry\local settings\application data\Smith Micro

2012-07-12 12:18:37 -------- d-----w- c:\documents and settings\all users\application data\Smith Micro

2012-07-12 00:31:59 -------- d-----w- c:\documents and settings\all users\application data\PCPitstop

2012-07-11 23:45:55 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-07-11 11:44:35 -------- d-----w- c:\documents and settings\conefry\local settings\application data\Sun

2012-07-10 22:10:44 -------- d-----w- c:\program files\Oracle

2012-07-10 20:02:21 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll

2012-07-10 17:45:29 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-29 11:22:15 -------- d-----w- c:\documents and settings\conefry\DoctorWeb

2012-06-27 09:23:51 -------- d-----w- c:\program files\Microsoft Calculator Plus

2012-06-15 00:40:03 -------- d-----w- c:\windows\A3W_DATA

2012-06-15 00:36:31 -------- d-----w- C:\MPS

2012-06-13 23:43:34 -------- d-----w- c:\documents and settings\conefry\application data\f-secure

2012-06-13 23:43:19 -------- d-----w- c:\documents and settings\all users\application data\F-Secure

2012-06-13 14:33:10 -------- d-----w- c:\documents and settings\conefry\local settings\application data\Sony

.

==================== Find3M ====================

.

2012-07-03 12:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-12 12:23:51 1594543 ----a-w- c:\windows\WANEUninstaller.exe

2012-06-12 11:54:23 477240 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-06-07 10:28:16 14392 ----a-w- c:\windows\system32\drivers\AtiPcie.sys

2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 14:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 14:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 14:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 14:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 14:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 14:18:58 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 14:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec

2012-05-04 18:29:22 772504 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-04 18:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

============= FINISH: 11:37:49.18 ===============

attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 17/09/2009 19:51:54

System Uptime: 13/07/2012 11:26:44 (0 hours ago)

.

Motherboard: FUJITSU SIEMENS | | AMILO PRO V3515

Processor: Intel® Core Duo CPU T2450 @ 2.00GHz | mPGA 479M | 1994/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 50 GiB total, 34.831 GiB free.

D: is FIXED (NTFS) - 62 GiB total, 45.984 GiB free.

E: is CDROM ()

F: is CDROM (CDFS)

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: MAC Bridge Miniport

Device ID: ROOT\MS_BRIDGEMP\0000

Manufacturer: Microsoft

Name: MAC Bridge Miniport

PNP Device ID: ROOT\MS_BRIDGEMP\0000

Service: BridgeMP

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.5

ASAPI Update

Atheros Driver Installation Program

Audacity 1.2.6

AVC Finger-sensing PAD Driver

CodeMeter Runtime Kit v4.01

Conexant HD Audio

DAEMON Tools Lite

DC-Bass Source 1.1.1

ERUNT 1.1j

Google Chrome

Google Earth Plug-in

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Java Auto Updater

Java 7 Update 5

JavaFX 2.1.1

Malwarebytes Anti-Malware version 1.62.0.1300

Microsoft .NET Framework 2.0 Language Pack - DEU

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Calculator Plus

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft DirectX Transform optional components

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

OGA Notifier 2.0.0048.0

Picasa 3

Reason 4.0

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Soft Data Fax Modem with SmartCP

Steinberg WaveLab 5.01b

TempoPerfect Metronome Software

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB898461)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB978207)

VC80CRTRedist - 8.0.50727.6195

Veoh Web Player

VIA Chrome9 HC IGP Family Display 6.14.10.0193

VIA Rhine-Family Fast-Ethernet Adapter

VLC media player 1.1.7

Volume Control 1.2

WebFldrs XP

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows XP Service Pack 3

WinRAR archiver

Worms Armageddon - New Edition

.

==== Event Viewer Messages From Past Week ========

.

12/07/2012 00:29:10, error: Service Control Manager [7034] - The S3LoadSv service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7034] - The CodeMeter Runtime Server service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.

10/07/2012 20:02:43, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1269.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

10/07/2012 19:52:59, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume D:.

10/07/2012 19:52:43, error: Service Control Manager [7003] - The @%SystemRoot%\system32\iphlpsvc.dll,-200 service depends on the following nonexistent service: nsi

10/07/2012 19:52:43, error: Service Control Manager [7000] - The Automatic Updates service failed to start due to the following error: %%1290

10/07/2012 19:52:43, error: Service Control Manager [7000] - The @%SystemRoot%\system32\tcpipcfg.dll,-50004 service failed to start due to the following error: The system cannot find the file specified.

10/07/2012 19:26:46, error: DCOM [10005] - DCOM got error "%1290" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

10/07/2012 17:54:30, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1269.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

10/07/2012 07:39:23, error: NetBT [4307] - Initialization failed because the transport refused to open initial Addresses.

09/07/2012 09:13:16, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

06/07/2012 12:04:59, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

.

==== End Of File ===========================


Hi,

I said not to download anything from the PCPitStop site but I see you downloaded Diskmd anyway. Is Worms a cracked program? We are serious about our policy.

Grab a fresh copy of ComboFix, run it, and post its log.


Wahey!! So you are still alive! I was fearing the worst there for a minute ;) Thought you left me hangin, all out on my own. Don't know what I'd do with myself haha anyway relax kid! We all know what ya said and what ya didn't and nobody really gives a Profanity removed-- this is a family forum. -screen317! Now get off your high horse and let's get down to business :P Here we go:

ComboFix 12-07-14.01 - Conefry 16/07/2012 10:39:33.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.353.1033.18.1790.1367 [GMT 1:00]

Running from: d:\my documents\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((( Files Created from 2012-06-16 to 2012-07-16 )))))))))))))))))))))))))))))))

.

.

2012-07-16 09:36 . 2012-07-16 09:36 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B7240E42-93F1-44AA-9333-41B4A479ED31}\MpKsl07b88a83.sys

2012-07-16 09:36 . 2012-07-16 09:36 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B7240E42-93F1-44AA-9333-41B4A479ED31}\offreg.dll

2012-07-16 08:37 . 2012-06-18 02:14 6762896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B7240E42-93F1-44AA-9333-41B4A479ED31}\mpengine.dll

2012-07-15 02:06 . 2012-06-18 02:14 6762896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-07-12 15:31 . 2012-07-12 15:31 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-12 15:31 . 2012-07-12 15:31 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-12 12:52 . 2012-07-12 12:53 -------- d-----w- c:\documents and settings\Conefry\Local Settings\Application Data\Smith Micro

2012-07-12 12:18 . 2012-07-12 12:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Smith Micro

2012-07-12 00:31 . 2012-07-12 00:31 -------- d-----w- c:\documents and settings\All Users\Application Data\PCPitstop

2012-07-12 00:27 . 2012-07-12 00:27 -------- d--h--w- c:\program files\InstallShield Installation Information

2012-07-12 00:27 . 2012-07-12 00:27 -------- d-----w- c:\program files\Atheros

2012-07-12 00:27 . 2012-07-12 00:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Atheros

2012-07-12 00:27 . 2012-07-12 00:27 -------- d-----w- c:\program files\Common Files\InstallShield

2012-07-12 00:27 . 2012-07-12 00:27 -------- d-----w- C:\SWSetup

2012-07-11 23:46 . 2012-07-11 23:46 -------- d-----w- c:\program files\Common Files\Java

2012-07-11 23:45 . 2012-05-04 18:29 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-07-11 23:45 . 2012-07-11 23:45 -------- d-----w- c:\program files\Java

2012-07-11 11:44 . 2012-07-11 11:44 -------- d-----w- c:\documents and settings\Conefry\Local Settings\Application Data\Sun

2012-07-10 22:10 . 2012-07-10 22:10 -------- d-----w- c:\program files\Oracle

2012-07-10 22:10 . 2012-07-10 22:10 -------- d-----w- c:\documents and settings\Conefry\Application Data\Oracle

2012-07-10 20:02 . 2012-05-11 14:42 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll

2012-07-10 17:45 . 2012-06-02 14:19 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-07-02 07:59 . 2012-07-02 07:59 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2012-06-29 11:22 . 2012-06-29 11:22 -------- d-----w- c:\documents and settings\Conefry\DoctorWeb

2012-06-27 09:23 . 2012-06-27 09:23 -------- d-----w- c:\program files\Microsoft Calculator Plus

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-03 12:46 . 2009-09-18 00:01 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-13 13:19 . 2004-08-03 12:17 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-12 12:23 . 2012-06-12 12:23 1594543 ----a-w- c:\windows\WANEUninstaller.exe

2012-06-12 11:54 . 2009-09-26 00:16 477240 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-06-07 10:28 . 2012-06-07 10:28 14392 ----a-w- c:\windows\system32\drivers\AtiPcie.sys

2012-06-05 15:50 . 2009-09-17 21:17 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 15:50 . 2004-08-03 13:56 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 16:35 . 2009-09-17 18:46 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-04 04:32 . 2004-08-03 13:56 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 14:19 . 2009-09-17 22:49 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 14:19 . 2009-09-17 22:49 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 14:19 . 2009-09-17 18:46 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 14:19 . 2009-09-17 18:46 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 14:19 . 2009-09-17 22:49 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 14:19 . 2009-09-17 18:46 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 14:19 . 2009-09-17 18:46 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 14:19 . 2004-08-03 13:56 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 14:19 . 2009-09-17 22:49 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 14:19 . 2009-09-17 18:46 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 14:19 . 2009-09-17 18:46 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 14:18 . 2010-06-16 11:11 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 14:18 . 2010-06-16 11:11 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-06-02 14:18 . 2010-06-16 11:11 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-05-31 13:22 . 2004-08-03 13:56 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-16 15:08 . 2004-08-03 13:56 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42 . 2004-08-03 13:56 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-05-11 14:42 . 2004-08-03 13:56 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 11:38 . 2004-08-03 11:59 385024 ----a-w- c:\windows\system32\html.iec

2012-05-04 18:29 . 2012-06-06 11:05 772504 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-04 18:29 . 2010-09-08 13:42 687504 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-04 13:16 . 2004-08-03 12:18 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32 . 2004-08-03 22:59 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46 . 2009-09-17 18:44 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay1]

@="{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F}"

[HKEY_CLASSES_ROOT\CLSID\{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F}]

2011-11-04 15:46 1196544 ----a-w- c:\program files\4Sync\ShellExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay2]

@="{C72C6188-BEF2-46E5-A89A-52F0ED75219E}"

[HKEY_CLASSES_ROOT\CLSID\{C72C6188-BEF2-46E5-A89A-52F0ED75219E}]

2011-11-04 15:46 1196544 ----a-w- c:\program files\4Sync\ShellExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4SyncOverlay3]

@="{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7}"

[HKEY_CLASSES_ROOT\CLSID\{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7}]

2011-11-04 15:46 1196544 ----a-w- c:\program files\4Sync\ShellExt.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Volume2"="d:\my documents\Downloads\Volume2_1_1_2_159_Portable\Volume2\Volume2.exe" [2012-01-08 1577984]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"="VTTimer.exe" [2006-08-03 53248]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2005-04-16 172032]

"S3Trayp"="S3Trayp.exe" [2008-07-08 204800]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^Conefry^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk]

path=c:\documents and settings\Conefry\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

backup=c:\windows\pss\ERUNT AutoBackup.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2009-09-22 17:27 133104 ----atw- c:\documents and settings\Conefry\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

2012-07-03 12:46 973488 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]

2012-07-03 12:46 462920 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 04:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]

2011-11-28 12:36 4692296 ----a-w- c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Giraffic"=2 (0x2)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Games\\Worms Armageddon - New Edition\\WA.exe"=

.

R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [06/06/2012 14:27 11264]

R1 MpKsl07b88a83;MpKsl07b88a83;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B7240E42-93F1-44AA-9333-41B4A479ED31}\MpKsl07b88a83.sys [16/07/2012 10:36 29904]

R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\CodeMeter\Runtime\bin\CodeMeter.exe [03/04/2009 04:01 1680704]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [18/09/2009 01:01 655944]

R2 S3LoadSv;S3LoadSv;c:\windows\system32\s3loadsv.exe [20/01/2009 08:22 69632]

R3 fspad;AVC Finger-sensing Pad Driver for Windows 2000/XP;c:\windows\system32\drivers\fspad.sys [01/07/2006 02:44 19584]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [18/09/2009 01:01 22344]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [13/12/2010 15:08 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11/07/2012 12:40 250056]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [14/08/2010 16:44 13224]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [13/12/2010 15:08 136176]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]

S3 WinDefend;Windows Defender;c:\windows\System32\svchost.exe -k secsvcs [03/08/2004 14:56 14336]

S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\WPRO_40_1340.sys --> c:\windows\system32\drivers\WPRO_40_1340.sys [?]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MPKSL07B88A83

.

Contents of the 'Scheduled Tasks' folder

.

2012-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-11 15:31]

.

2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 20:53]

.

2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 20:53]

.

2012-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-602609370-725345543-1003Core.job

- c:\documents and settings\Conefry\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-22 17:27]

.

2012-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-602609370-725345543-1003UA.job

- c:\documents and settings\Conefry\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-22 17:27]

.

2012-07-16 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 16:03]

.

2012-04-14 c:\windows\Tasks\tempoperfectShakeIcon.job

- c:\program files\NCH Swift Sound\TempoPerfect\tempoperfect.exe [2012-04-14 09:43]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.ie/

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 89.101.160.4 89.101.160.5

DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} - hxxp://utilities.pcpitstop.com/DiskMD3/DiskMD3Ctrl.dll

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-PC Pitstop Diskmd3 Reminder - c:\program files\PCPitstop\DiskMD3\Reminder-Diskmd3.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-07-16 10:43

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]

@Denied: (3) (LocalSystem)

"AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET NOD32 Antivirus\\"

"DataDir"="ESET\\ESET NOD32 Antivirus\\"

"EditionName"="Student Edition"

"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"

"LanguageId"=dword:00000409

"ProductBase"=dword:00000000

"ProductCode"="{4EAE8F8E-0C2E-4814-9A04-635AFB9050AA}"

"ProductName"="ESET NOD32 Antivirus"

"ProductType"="eav"

"ProductVersion"="3.0.684.0"

"UniqueId"="0028ED0D4AB2B756"

"ScannerBuild"=dword:00000ed0

"ScannerVersionId"=dword:00000de1

"ScannerVersion"=""

"FixId"=dword:00000005

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(3948)

c:\windows\system32\WININET.dll

c:\program files\4Sync\ShellExt.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Completion time: 2012-07-16 10:45:40

ComboFix-quarantined-files.txt 2012-07-16 09:45

ComboFix2.txt 2012-07-10 19:55

.

Pre-Run: 37,421,948,928 bytes free

Post-Run: 37,428,887,552 bytes free

.

- - End Of File - - 3E14E8E36783D82261A765B7D17C139C


I'm going to ask my manager to step in for me here.


STEP 1

Please run the following mbam-clean removal tool as you're using older version files of Malwarebytes and it will correct that.

Please do the following and let us know if this corrects the issue for you or not.

  • Download and run mbam-clean.exe from here
  • It will ask to restart your computer; please allow it to do so (very important)
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
      You can also look up your ID and Key from the Registry and copy and paste it to a Notepad document before running the mbam-clean utility.
      Location for Windows x86

      HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware

      Location for Windows x64

      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware

    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now set up any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQs here or ask and we'll explain how to do it.

STEP 2

Run a new DDS scan and post back both logs as attachments.

Download DDS from one of the locations below and save to your Desktop

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded, you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double-click dds.scr or dds.com to run the tool. On Vista or Win 7, right-click and select Run as administrator.

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.


When done, DDS will open two (2) logs:
  1. DDS.txt
  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file in most cases.


Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 17/09/2009 19:51:54

System Uptime: 17/07/2012 19:41:48 (0 hours ago)

.

Motherboard: FUJITSU SIEMENS | | AMILO PRO V3515

Processor: Intel® Core Duo CPU T2450 @ 2.00GHz | mPGA 479M | 1995/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 50 GiB total, 34.593 GiB free.

D: is FIXED (NTFS) - 62 GiB total, 44.777 GiB free.

E: is CDROM ()

F: is CDROM (CDFS)

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: MAC Bridge Miniport

Device ID: ROOT\MS_BRIDGEMP\0000

Manufacturer: Microsoft

Name: MAC Bridge Miniport

PNP Device ID: ROOT\MS_BRIDGEMP\0000

Service: BridgeMP

.

==== System Restore Points ===================

.

RP1: 17/07/2012 00:17:42 - System Checkpoint

RP2: 17/07/2012 19:39:43 - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.5

ASAPI Update

Atheros Driver Installation Program

Audacity 1.2.6

AVC Finger-sensing PAD Driver

CodeMeter Runtime Kit v4.01

Conexant HD Audio

DAEMON Tools Lite

DC-Bass Source 1.1.1

ERUNT 1.1j

Google Chrome

Google Earth Plug-in

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Java Auto Updater

Java 7 Update 5

JavaFX 2.1.1

Malwarebytes Anti-Malware version 1.62.0.1300

Microsoft .NET Framework 2.0 Language Pack - DEU

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Calculator Plus

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft DirectX Transform optional components

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

OGA Notifier 2.0.0048.0

Picasa 3

Reason 4.0

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Soft Data Fax Modem with SmartCP

Steinberg WaveLab 5.01b

TempoPerfect Metronome Software

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB898461)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB978207)

VC80CRTRedist - 8.0.50727.6195

Veoh Web Player

VIA Chrome9 HC IGP Family Display 6.14.10.0193

VIA Rhine-Family Fast-Ethernet Adapter

VLC media player 1.1.7

Volume Control 1.2

WebFldrs XP

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows XP Service Pack 3

WinRAR archiver

Worms Armageddon - New Edition

.

==== Event Viewer Messages From Past Week ========

.

14/07/2012 13:36:09, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1557.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

14/07/2012 05:52:56, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1557.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

12/07/2012 00:29:10, error: Service Control Manager [7034] - The S3LoadSv service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7034] - The CodeMeter Runtime Server service terminated unexpectedly. It has done this 1 time(s).

12/07/2012 00:29:10, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.

10/07/2012 20:02:43, error: Service Control Manager [7000] - The Automatic Updates service failed to start due to the following error: %%1290

10/07/2012 20:02:43, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1269.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

10/07/2012 20:02:43, error: DCOM [10005] - DCOM got error "%1290" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

10/07/2012 19:52:59, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume D:.

10/07/2012 19:52:43, error: Service Control Manager [7003] - The @%SystemRoot%\system32\iphlpsvc.dll,-200 service depends on the following nonexistent service: nsi

10/07/2012 19:52:43, error: Service Control Manager [7000] - The @%SystemRoot%\system32\tcpipcfg.dll,-50004 service failed to start due to the following error: The system cannot find the file specified.

10/07/2012 17:54:30, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1269.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8007050a Error description:

10/07/2012 07:39:23, error: NetBT [4307] - Initialization failed because the transport refused to open initial Addresses.

.

==== End Of File ===========================

DDS:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1

Run by Conefry at 19:49:49 on 2012-07-17

Microsoft Windows XP Professional 5.1.2600.3.1252.353.1033.18.1790.1141 [GMT 1:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe

C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

C:\WINDOWS\system32\S3LoadSv.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\S3Trayp.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

D:\My Documents\Downloads\Volume2_1_1_2_159_Portable\Volume2\Volume2.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Conefry\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.ie/

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll

uRun: [Volume2] d:\my documents\downloads\volume2_1_1_2_159_portable\volume2\Volume2.exe

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

mRun: [VTTimer] ;;; VTTimer.exe

mRun: [Apoint] c:\program files\apoint2k\Apoint.exe

mRun: [s3Trayp] S3Trayp.exe

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB

DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1341942296000

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} - hxxp://utilities.pcpitstop.com/DiskMD3/DiskMD3Ctrl.dll

TCP: DhcpNameServer = 89.101.160.4 89.101.160.5

TCP: Interfaces\{44E2C206-B6F5-407C-A352-8071FB753924} : DhcpNameServer = 89.101.160.4 89.101.160.5

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2012-4-13 22168]

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2012-6-6 11264]

R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2009-4-3 1680704]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-17 655944]

R2 S3LoadSv;S3LoadSv;c:\windows\system32\s3loadsv.exe [2009-1-20 69632]

R3 fspad;AVC Finger-sensing Pad Driver for Windows 2000/XP;c:\windows\system32\drivers\fspad.sys [2006-7-1 19584]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-17 22344]

R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2009-9-17 561152]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-11 250056]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-8-14 13224]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-13 136176]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys --> c:\windows\system32\drivers\ewusbdev.sys [?]

S3 WinDefend;Windows Defender;c:\windows\system32\svchost.exe -k secsvcs [2004-8-3 14336]

S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\wpro_40_1340.sys --> c:\windows\system32\drivers\WPRO_40_1340.sys [?]

.

=============== Created Last 30 ================

.

2012-07-17 18:48:04 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1f1a50c6-0033-4546-86b8-51dcefd9b961}\mpengine.dll

2012-07-17 18:31:44 -------- d-----w- c:\documents and settings\conefry\application data\Malwarebytes

2012-07-17 18:30:10 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-07-17 18:30:08 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-17 18:30:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-07-16 09:38:04 98816 ----a-w- c:\windows\sed.exe

2012-07-16 09:38:04 518144 ----a-w- c:\windows\SWREG.exe

2012-07-16 09:38:04 256000 ----a-w- c:\windows\PEV.exe

2012-07-16 09:38:04 208896 ----a-w- c:\windows\MBR.exe

2012-07-15 02:06:45 6762896 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2012-07-12 15:31:22 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-12 15:31:22 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-12 12:52:22 -------- d-----w- c:\documents and settings\conefry\local settings\application data\Smith Micro

2012-07-12 12:18:37 -------- d-----w- c:\documents and settings\all users\application data\Smith Micro

2012-07-12 00:31:59 -------- d-----w- c:\documents and settings\all users\application data\PCPitstop

2012-07-11 23:45:55 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-07-11 11:44:35 -------- d-----w- c:\documents and settings\conefry\local settings\application data\Sun

2012-07-10 22:10:44 -------- d-----w- c:\program files\Oracle

2012-07-10 20:02:21 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll

2012-07-10 17:45:29 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-29 11:22:15 -------- d-----w- c:\documents and settings\conefry\DoctorWeb

2012-06-27 09:23:51 -------- d-----w- c:\program files\Microsoft Calculator Plus

.

==================== Find3M ====================

.

2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-12 12:23:51 1594543 ----a-w- c:\windows\WANEUninstaller.exe

2012-06-12 11:54:23 477240 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-06-07 10:28:16 14392 ----a-w- c:\windows\system32\drivers\AtiPcie.sys

2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 14:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 14:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 14:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 14:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 14:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 14:18:58 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 14:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec

2012-05-04 18:29:22 772504 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-05-04 18:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

============= FINISH: 19:50:56.70 ===============


Sorted! Thanks so much! That was far easier than I thought, sorry for wasting your time on that issue!


No problem, you're quite welcome.

Yeah, pretty easy. I'm thinking of maybe making my own video on how to remove them from different browsers.

Go ahead and remove Combofix now. Click on START - RUN and type in COMBOFIX.EXE /UNINSTALL

and it should remove itself from your computer.

I'll go ahead then and close your post soon unless you have any other issues or questions, please let me know.

Cheers

This topic is now closed to further replies.
