BleepingComputer.com: resycled\boot.com

Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

resycled\boot.com is not a valid Win32application

#1 User is offline   faboney 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 1
  • Joined: 16-December 08

Posted 16 December 2008 - 05:16 PM

my laptop was attacked by the 360 antivirus and i performed the removal the forum directed by downloading a MBAM. it cleaned and was slightly fasted. But when i attemoted to open my C and D drives i kept reading resycled\boot.com is not a valid Win32application. i have followed the instructions on the forum going to Control panel, selecting Run>regedit etc and the virus will not go. the laptop is still slow and i am using but the BitDefender and not Kapersky.

DDS (Version 1.1.0) - NTFSx86
Run by Bunny at 23:55:49.10 on Tue 12/16/2008
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1526.998 [GMT 2:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Seekeen\seekeen.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\System32\svchost.exe -kbdx
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\Program Files\Seekeen\seekeen.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nonoh.net\Nonoh\Nonoh.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\System32\NOTEPAD.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Documents and Settings\Bunny\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://my.freeze.com/?AcquisitionID=34417961-6f03-473e-ae62-1594a30084a5&s=&ipc=
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
mStart Page = hxxp://home.sweetim.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uURLSearchHooks: {EEE6C35D-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows

live\WindowsLiveLogin.dll
BHO: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {D0943516-5076-4020-A3B5-AEFAF26AB263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
TB: {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - c:\program files\bitdefender\bitdefender 2008\IEToolbar.dll
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [YSearchProtection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [Veoh] "c:\program files\veoh networks\veoh\VeohClient.exe" /VeohHide
uRun: [<NO NAME>]
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [msnmsgr] ~"c:\program files\msn messenger\msnmsgr.exe" /background
uRun: [Yahoo! Pager] ~"c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
uRun: [Nonoh] "c:\program files\nonoh.net\nonoh\Nonoh.exe" -nosplash -minimized
uRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [CTSVolFE.exe] "c:\program files\creative\mixer\CTSVolFE.exe" /r
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2008\IEShow.exe"
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2008\bdagent.exe"
mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat

7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - c:\program files\winferno\pc confidential\PCConfidential.exe
IE: {925DAB62-F9AC-4221-806A-057BFB1014AA} - c:\program files\winferno\pc confidential\PCConfidential.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program

files\java\jre1.6.0_07\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} -

c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - {6FAC4823-815E-4361-836E-46D65ED2550B} - c:\program

files\smart-shopper\bin\2.5.1\Smrt-Shpr.dll
IE: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - {4CF088BD-BE95-40a5-BE9B-677F8683EDEA} - c:\program

files\smart-shopper\bin\2.5.1\Smrt-Shpr.dll
IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - c:\program files\winferno\pc confidential\PCConfidential.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program

files\yahoo!\common\yiesrvc.dll
IE: {925DAB62-F9AC-4221-806A-057BFB1014AA} - c:\program files\winferno\pc confidential\PCConfidential.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} -

c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: {2D23A9A5-D2E3-4D6B-AE49-42DEA38AB749} = 193.140.41.94
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
AppInit_DLLs: bukgmw.dll
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\bunny\applic~1\mozilla\firefox\profiles\pinwqbeo.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://home.sweetim.com
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\yahoo!\shared\npYState.dll

============= SERVICES / DRIVERS ===============

R2 Seekeen Service;Seekeen Service;"c:\program files\seekeen\seekeen.exe" "c:\program files\seekeen\seekeen.dll" Service []
S2 B375F8CAA86AA5FA;B375F8CAA86AA5FA;\??\c:\documents and settings\bunny\desktop\b375f8caa86aa5fa\B375F8CAA86AA5FA []
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2007-9-7 32512]

=============== Created Last 30 ================

2008-12-16 20:13 <DIR> --d----- c:\docume~1\bunny\applic~1\Malwarebytes
2008-12-16 20:12 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-16 20:12 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-16 20:12 <DIR> -cd----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2008-12-16 20:12 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2008-12-16 12:25 <DIR> -cd----- C:\spoolerlogs
2008-12-16 08:49 70,144 a------- c:\windows\system32\opnlKBtq.dll
2008-12-16 08:49 225 -c-shr-- C:\autorun.inf
2008-12-13 10:28 394 a------- c:\windows\capture.ini
2008-12-13 10:18 1,890 a--sh--- c:\windows\system32\KGyGaAvL.sys
2008-12-13 10:18 56 ---shr-- c:\windows\system32\350EEDF385.sys
2008-12-13 10:17 <DIR> --d----- c:\program files\common files\Corel
2008-12-13 10:16 <DIR> --d----- c:\program files\Corel
2008-12-13 10:09 <DIR> --d----- c:\program files\CorelDRAW Graphics Suite 12 Installer
2008-12-11 14:33 <DIR> --d----- c:\program files\Free Offers from Freeze.com
2008-12-11 14:33 <DIR> --d----- c:\program files\common files\Winferno
2008-12-11 14:33 212,240 a------- c:\windows\system32\Richtx32.ocx
2008-12-11 14:07 835,584 a------- c:\windows\system32\WINCTL4.OCX
2008-12-11 14:07 495,616 a------- c:\windows\system32\WINUTIL5.DLL
2008-12-11 14:07 393,216 a------- c:\windows\system32\WINLCTL5.DLL
2008-12-11 14:07 <DIR> --d----- c:\program files\Winferno
2008-12-11 14:03 <DIR> --d----- c:\program files\Seekeen
2008-12-11 14:02 <DIR> --d----- c:\program files\Smart-Shopper
2008-12-11 14:02 <DIR> --d----- c:\docume~1\bunny\applic~1\Smart-Shopper
2008-12-07 16:20 5,525,504 a------- c:\windows\system32\setb0.tmp
2008-12-03 08:00 69,632 a--shr-- c:\windows\sysproc.dll
2008-12-03 08:00 124,688 a------- c:\windows\MSWINSCK.OCX

==================== Find3M ====================

2008-12-16 22:19 81,984 a------- c:\windows\system32\bdod.bin
2008-11-05 22:36 57,588 a---h--- c:\windows\system32\mlfcache.dat
2008-10-15 23:12 262,144 a------- C:\ntuser.dat
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2007-08-30 14:39 774,144 ac------ c:\program files\RngInterstitial.dll
2007-02-25 12:06 122,880 a--shr-- c:\windows\system32\blat.dll
2007-02-25 12:06 115,200 a--shr-- c:\windows\system32\blat.exe

============= FINISH: 23:56:33.87 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Version 1.0)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/23/2007 11:56:26 PM
System Uptime: 12/16/2008 9:56:39 PM (2 hours ago)

Motherboard: Dell Inc. | | 0KD882
Processor: Genuine Intel® CPU T2050 @

1.60GHz | Microprocessor | 1595/133mhz
Processor: Genuine Intel® CPU T2050 @

1.60GHz | Microprocessor | 1595/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 29 GiB total, 9.005 GiB free.
D: is FIXED (NTFS) - 25 GiB total, 7.996 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Video Controller (VGA Compatible)
Device ID:

PCI\VEN_8086&DEV_27A2&SUBSYS_01BD1028&REV_03\3&61AAA01

&0&10
Manufacturer:
Name: Video Controller (VGA Compatible)
PNP Device ID:

PCI\VEN_8086&DEV_27A2&SUBSYS_01BD1028&REV_03\3&61AAA01

&0&10
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Video Controller
Device ID:

PCI\VEN_8086&DEV_27A6&SUBSYS_01BD1028&REV_03\3&61AAA01

&0&11
Manufacturer:
Name: Video Controller
PNP Device ID:

PCI\VEN_8086&DEV_27A6&SUBSYS_01BD1028&REV_03\3&61AAA01

&0&11
Service:

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\38D9D941374FC000
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\38D9D941374FC000
Service: NIC1394

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Base System Device
Device ID:

PCI\VEN_1180&DEV_0843&SUBSYS_01BD1028&REV_01\4&2FE911E

8&0&0AF0
Manufacturer:
Name: Base System Device
PNP Device ID:

PCI\VEN_1180&DEV_0843&SUBSYS_01BD1028&REV_01\4&2FE911E

8&0&0AF0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Base System Device
Device ID:

PCI\VEN_1180&DEV_0592&SUBSYS_01BD1028&REV_0A\4&2FE911E

8&0&0BF0
Manufacturer:
Name: Base System Device
PNP Device ID:

PCI\VEN_1180&DEV_0592&SUBSYS_01BD1028&REV_0A\4&2FE911E

8&0&0BF0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Base System Device
Device ID:

PCI\VEN_1180&DEV_0852&SUBSYS_01BD1028&REV_05\4&2FE911E

8&0&0CF0
Manufacturer:
Name: Base System Device
PNP Device ID:

PCI\VEN_1180&DEV_0852&SUBSYS_01BD1028&REV_05\4&2FE911E

8&0&0CF0
Service:

Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: Conexant Setup API
Device ID: ROOT\UIUSYS\0000
Manufacturer:
Name: Conexant Setup API
PNP Device ID: ROOT\UIUSYS\0000
Service:

==== System Restore Points ===================

RP1073: 11/21/2008 7:02:36 PM - Software Distribution

Service 3.0
RP1074: 11/21/2008 10:00:19 PM - Software Distribution

Service 3.0
RP1075: 11/22/2008 10:00:17 PM - Software Distribution

Service 3.0
RP1076: 11/23/2008 10:00:18 PM - Software Distribution

Service 3.0
RP1077: 11/24/2008 9:29:38 AM - Software Distribution

Service 3.0
RP1078: 11/24/2008 12:28:50 PM - Installed Java™ 6

Update 7
RP1079: 11/24/2008 2:48:40 PM - Software Distribution

Service 3.0
RP1080: 11/27/2008 10:36:40 AM - Software Distribution

Service 3.0
RP1081: 11/27/2008 7:30:35 PM - Software Distribution

Service 3.0
RP1082: 11/28/2008 8:49:28 AM - Software Distribution

Service 3.0
RP1083: 11/28/2008 10:00:17 PM - Software Distribution

Service 3.0
RP1084: 11/28/2008 11:24:39 PM - Software Distribution

Service 3.0
RP1085: 11/29/2008 10:52:24 AM - Software Distribution

Service 3.0
RP1086: 11/29/2008 10:00:18 PM - Software Distribution

Service 3.0
RP1087: 11/30/2008 12:41:40 AM - Software Distribution

Service 3.0
RP1088: 11/30/2008 2:48:05 PM - Software Distribution

Service 3.0
RP1089: 11/30/2008 9:13:56 PM - Software Distribution

Service 3.0
RP1090: 12/1/2008 8:43:03 PM - Software Distribution

Service 3.0
RP1091: 12/2/2008 9:07:05 PM - Software Distribution

Service 3.0
RP1092: 12/3/2008 8:54:06 AM - Removed SweetIM for

Messenger 2.5
RP1093: 12/3/2008 8:54:15 AM - Installed SweetIM for

Messenger 2.6
RP1094: 12/3/2008 1:40:36 PM - Software Distribution

Service 3.0
RP1095: 12/4/2008 12:14:34 AM - Software Distribution

Service 3.0
RP1096: 12/4/2008 2:26:36 PM - Software Distribution

Service 3.0
RP1097: 12/4/2008 10:00:18 PM - Software Distribution

Service 3.0
RP1098: 12/4/2008 10:59:46 PM - Software Distribution

Service 3.0
RP1099: 12/5/2008 10:00:17 PM - Software Distribution

Service 3.0
RP1100: 12/5/2008 10:19:28 PM - Software Distribution

Service 3.0
RP1101: 12/6/2008 9:55:25 PM - Software Distribution

Service 3.0
RP1102: 12/7/2008 4:03:08 PM - Installed Windows Media

Player 11
RP1103: 12/7/2008 4:20:23 PM - Installed Windows Media

Player 10
RP1104: 12/7/2008 10:00:19 PM - Software Distribution

Service 3.0
RP1105: 12/8/2008 2:16:49 AM - Software Distribution

Service 3.0
RP1106: 12/8/2008 10:00:18 PM - Software Distribution

Service 3.0
RP1107: 12/9/2008 12:23:19 AM - Software Distribution

Service 3.0
RP1108: 12/9/2008 10:00:18 PM - Software Distribution

Service 3.0
RP1109: 12/10/2008 10:00:19 PM - Software Distribution

Service 3.0
RP1110: 12/11/2008 12:27:05 AM - Software Distribution

Service 3.0
RP1111: 12/11/2008 10:00:19 PM - Software Distribution

Service 3.0
RP1112: 12/12/2008 12:52:32 AM - Software Distribution

Service 3.0
RP1113: 12/12/2008 7:50:49 AM - Software Distribution

Service 3.0
RP1114: 12/13/2008 10:16:41 AM - Installed CorelDRAW

Graphics Suite 12
RP1115: 12/13/2008 10:00:17 PM - Software Distribution

Service 3.0
RP1116: 12/14/2008 2:28:37 AM - Software Distribution

Service 3.0
RP1117: 12/14/2008 5:21:02 PM - Installed Windows

Media Player 10
RP1118: 12/14/2008 10:00:17 PM - Software Distribution

Service 3.0
RP1119: 12/15/2008 1:30:32 AM - Software Distribution

Service 3.0
RP1120: 12/15/2008 10:00:18 PM - Software Distribution

Service 3.0
RP1121: 12/15/2008 11:24:16 PM - Software Distribution

Service 3.0
RP1122: 12/16/2008 8:56:56 AM - Last known good

configuration
RP1123: 12/16/2008 8:43:19 PM - Software Distribution

Service 3.0
RP1124: 12/16/2008 9:55:23 PM - Software Distribution

Service 3.0

==== Installed Programs ======================

Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Photoshop 7.0
Adobe Reader 7.1.0
Apple Software Update
BitDefender Antivirus 2008
Broadcom 440x 10/100 Integrated Controller
Broadcom Management Programs
Conexant HDA D110 MDC V.92 Modem
CorelDRAW Graphics Suite 12
Dell Mobile Broadband Card Utility
Dell Support 3.2
Dell Wireless WLAN Card
DellSupport
Digital Line Detect
DivX Content Uploader
DivX Web Player
Easy WiFi Radar Demo 1.0
FLV Player 1.3.3
Hero DVD Player
Hotfix for Windows XP (KB952287)
ICatch (VI) PC Camera
Intel® PROSet/Wireless Software
Java™ 6 Update 2
Java™ 6 Update 3
Java™ 6 Update 7
K-Lite Codec Pack 3.4.5 Standard
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
mCore
mDriver
mDrWiFi
mHlpDell
Microfit for Windows
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English)

2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English)

2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English)

2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English)

12
Microsoft Visual C++ 2005 Redistributable
mIWA
Mixer
mLogView
mMHouse
Mouse Suite for Laptop Computers
Mozilla Firefox (3.0.4)
mPfMgr
mPfWiz
mProSafe
MSN
mSSO
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
mWlsSafe
mWMI
mXML
mZConfig
Nero Suite
Network Stumbler 0.4.0 (remove only)
Nonoh
OneCare Advisor (Windows Live Toolbar)
PC Confidential 2008
Picasa 2
QuickSet
QuickTime
RealPlayer
Rhapsody Player Engine
Roxio DLA
Security Update for Windows Media Player 6.4

(KB925398)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB958644)
Seekeen 1.0 build 132
SetPoint
SigmaTel Audio
Smart Menus (Windows Live Toolbar)
SmartShopper
Sound Blaster ADVANCED MB Drivers
Sound Blaster Audigy ADVANCED MB Demo
SPSS 11.0 for Windows
SPSS 13.0 for Windows
SweetIM for Messenger 2.6
SweetIM Toolbar for Internet Explorer 3.3
Synaptics Pointing Device Driver
Update for Windows XP (KB894391)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
VeohTV BETA
VideoLAN VLC media player 0.8.5
Virtual DJ - Atomix Productions
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Winferno Registry Power Cleaner
WinRAR archiver
WordWeb
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

12/13/2008 9:02:08 AM, error: Service Control Manager

[7001] - The Computer Browser service depends on the

Server service which failed to start because of the

following error: The specified driver is invalid.
12/13/2008 9:02:08 AM, error: Service Control Manager

[7023] - The Server service terminated with the

following error: The specified driver is invalid.
12/12/2008 6:54:53 AM, error: Ntfs [55] - The file

system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume D:.
12/10/2008 9:22:26 PM, error: W32Time [17] - Time

Provider NtpClient: An error occurred during DNS

lookup of the manually configured peer

'time.windows.com,0x1'. NtpClient will try the DNS

lookup again in 15 minutes. The error was: A socket

operation was attempted to an unreachable host.

(0x80072751)
12/10/2008 8:26:02 PM, error: Dhcp [1001] - Your

computer was not assigned an address from the network

(by the DHCP Server) for the Network Card with network

address 0018DE145513. The following error occurred:

The semaphore timeout period has expired. . Your

computer will continue to try and obtain an address on

its own from the network address (DHCP) server.
12/10/2008 1:53:38 PM, error: Dhcp [1001] - Your

computer was not assigned an address from the network

(by the DHCP Server) for the Network Card with network

address 0018DE145513. The following error occurred:

The operation was canceled by the user. . Your

computer will continue to try and obtain an address on

its own from the network address (DHCP) server.
12/14/2008 11:10:00 AM, error: SideBySide [61] -

Syntax error in manifest or policy file "C:\Program

Files\Apple Software

Update\Plugins\EXEInstallPlugin.dll.Manifest" on line

2. The required attribute version is missing from

element assemblyIdentity.
12/14/2008 11:10:01 AM, error: SideBySide [58] -

Syntax error in manifest or policy file "C:\Program

Files\Apple Software

Update\Plugins\EXEInstallPlugin.dll.Manifest" on line

2.
12/14/2008 11:10:01 AM, error: SideBySide [59] -

Generate Activation Context failed for C:\Program

Files\Apple Software

Update\Plugins\EXEInstallPlugin.dll.Manifest.

Reference error message: The operation completed

successfully. .
12/14/2008 11:10:01 AM, error: SideBySide [61] -

Syntax error in manifest or policy file "C:\Program

Files\Apple Software

Update\Plugins\MSIInstallPlugin.dll.Manifest" on line

2. The required attribute version is missing from

element assemblyIdentity.
12/14/2008 11:10:01 AM, error: SideBySide [58] -

Syntax error in manifest or policy file "C:\Program

Files\Apple Software

Update\Plugins\MSIInstallPlugin.dll.Manifest" on line

2.
12/14/2008 11:10:01 AM, error: SideBySide [59] -

Generate Activation Context failed for C:\Program


BitDefender Log File !!!!!
Product : BitDefender Antivirus 2008
Version : BitDefender UIScanner v.11
Log date : 10:15:45 16/12/2008
Log path : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1229415345_1_02.xml

Scan Paths:Path0000: C:\
Path0001: D:\


Scan Options:Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes


Target selection options:Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : Yes
Scan runtime packers : Yes
Scan emails : Yes
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions :
Excluded extensions :


Target ProcessingDefault action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None


Scan engines summaryNumber of virus signatures : 2353324
Archive plugins : 45
Email plugins : 6
Scan plugins : 13
Archive plugins : 45
System plugins : 5
Unpack plugins : 7


Overall scan summaryScanned items : 229103
Infected items : 15
Suspicious items : 0
Resolved items : 15
Individual viruses found : 13
Scanned directories : 7635
Scanned boot sectors : 6
Scanned archives : 2359
Input-output errors : 31
Scan time : 00:01:21:10
Files per second : 46


Scanned processes summaryScanned : 58
Infected : 0


Scanned registry keys summaryScanned : 998
Infected : 0


Scanned cookies summaryScanned : 1158
Infected : 0


Remaining issues:Object Name Threat Name Final Status


Resolved issues:Object Name Threat Name Final Status
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@112.2o7[2].txt Cookie.2o7 Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@atdmt[1].txt Cookie.ATDMT Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@goal.adbureau[2].txt Cookie.AdBureau Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@adrevolver[2].txt Cookie.Adrevolver Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@media.adrevolver[1].txt Cookie.Adrevolver Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@advertising[1].txt Cookie.Advertising Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@doubleclick[2].txt Cookie.DoubleClick Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@rubiconproject[2].txt Cookie.Rub Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@counter1.sextracker[1].txt Cookie.SexTracker Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@sextracker[1].txt Cookie.SexTracker Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@smartadserver[1].txt Cookie.SmartAdServer Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@statcounter[2].txt Cookie.Statcounter Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@tradedoubler[1].txt Cookie.TradeDoubler Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@tribalfusion[2].txt Cookie.TribalFusion Deleted
C:\Documents and Settings\Bunny\Local Settings\Temp\tmp28.tmp Trojan.Agent.ALLE Deleted


Objects that were not scanned:Object Name Reason Final Status
C:\Dell\Drivers\R142668\config.bin=]profiles.xml Password-Protected No action was possible
C:\Dell\Drivers\R142668\config.bin=]registry.xml Password-Protected No action was possible
C:\Dell\Drivers\R142668\systemid.zip=]SystemID.txt Password-Protected No action was possible
C:\Dell\Drivers\R142669\config.bin=]profiles.xml Password-Protected No action was possible
C:\Dell\Drivers\R142669\config.bin=]registry.xml Password-Protected No action was possible
C:\Dell\Drivers\R142669\systemid.zip=]SystemID.txt Password-Protected No action was possible
C:\Dell\Drivers\R142984\config.bin=]profiles.xml Password-Protected No action was possible
C:\Dell\Drivers\R142984\config.bin=]registry.xml Password-Protected No action was possible
C:\Dell\Drivers\R142984\systemid.zip=]SystemID.txt Password-Protected No action was possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\ENU_\Data1.cab=]WebSearchENU.pdf Password-Protected No action was possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\ENU_\Data1.cab=]RdrMsgSplash.pdf Password-Protected No action was possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig710\ENU\Data1.cab=]WebSearchENU.pdf Password-Protected No action was possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig710\ENU\Data1.cab=]RdrMsgENU.pdf Password-Protected No action was possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig710\ENU\Data1.cab=]RdrMsgSplash.pdf Password-Protected No action was possible



Files\Apple Software

Update\Plugins\MSIInstallPlugin.dll.Manifest.

Reference error message: The operation completed

successfully. .
12/16/2008 9:21:04 AM, error: DCOM [10005] - DCOM got

error "%1058" attempting to start the service wuauserv

with arguments "" in order to run the server:

{E60687F7-01A1-40AA-86AC-DB1CBF673334}

==== End Of File ===========================

#2 User is offline   KoanYorel 

  • Bleepin' Conundrum
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Staff Emeritus
  • Posts: 19,461
  • Joined: 26-April 04
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA

Posted 25 December 2008 - 06:23 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are

trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but

sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform

the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description

of your problem, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in

working order clean and free of malware.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool,

disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#3 User is offline   KoanYorel 

  • Bleepin' Conundrum
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Staff Emeritus
  • Posts: 19,461
  • Joined: 26-April 04
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA

Posted 02 January 2009 - 07:37 PM

Due to the lack of feedback, this Topic is now closed.

If you still have problems, please Start a new topic.

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users