Read this topic before posting a log.
DO NOT post a ComboFix log unless requested to.
Only members of the HijackThis Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.
When posting a log, please put the type of infection you have in the topic title, e.g. Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.
Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Dec 16 2008, 05:16 PM | Post #1
New Member | Group: Members | Posts: 1 | Joined: 16-December 08 | Member No.: 270,412
DDS (Version 1.1.0) - NTFSx86 Run by Bunny at 23:55:49.10 on Tue 12/16/2008 Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_07 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1526.998 [GMT 2:00] ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Seekeen\seekeen.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe C:\WINDOWS\System32\svchost.exe -kbdx C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\WLTRAY.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Creative\Mixer\CTSVolFE.exe C:\Program Files\Seekeen\seekeen.exe C:\WINDOWS\stsystra.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Dell Support\DSAgnt.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Veoh Networks\Veoh\VeohClient.exe C:\Program 
Files\Messenger\msmsgs.exe C:\Program Files\Nonoh.net\Nonoh\Nonoh.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\System32\NOTEPAD.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Documents and Settings\Bunny\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://my.freeze.com/?AcquisitionID=34417961-6f03-473e-ae62-1594a30084a5&s=&ipc= uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com mStart Page = hxxp://home.sweetim.com mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html uInternet Connection Wizard,ShellNext = iexplore uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll uURLSearchHooks: {EEE6C35D-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll BHO: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows 
live\WindowsLiveLogin.dll BHO: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll TB: {D0943516-5076-4020-A3B5-AEFAF26AB263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll TB: {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - c:\program files\bitdefender\bitdefender 2008\IEToolbar.dll TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup uRun: [YSearchProtection] c:\program files\yahoo!\search protection\SearchProtection.exe uRun: [Veoh] "c:\program files\veoh networks\veoh\VeohClient.exe" /VeohHide uRun: [<NO NAME>] uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [msnmsgr] ~"c:\program files\msn messenger\msnmsgr.exe" /background uRun: [Yahoo! 
Pager] ~"c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet uRun: [Nonoh] "c:\program files\nonoh.net\nonoh\Nonoh.exe" -nosplash -minimized uRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe" mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless mRun: [CTSVolFE.exe] "c:\program files\creative\mixer\CTSVolFE.exe" /r mRun: [SigmatelSysTrayApp] stsystra.exe mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe" mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2008\IEShow.exe" mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2008\bdagent.exe" mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - c:\program files\winferno\pc confidential\PCConfidential.exe IE: {925DAB62-F9AC-4221-806A-057BFB1014AA} - c:\program files\winferno\pc 
confidential\PCConfidential.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - {6FAC4823-815E-4361-836E-46D65ED2550B} - c:\program files\smart-shopper\bin\2.5.1\Smrt-Shpr.dll IE: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - {4CF088BD-BE95-40a5-BE9B-677F8683EDEA} - c:\program files\smart-shopper\bin\2.5.1\Smrt-Shpr.dll IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - c:\program files\winferno\pc confidential\PCConfidential.exe IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll IE: {925DAB62-F9AC-4221-806A-057BFB1014AA} - c:\program files\winferno\pc confidential\PCConfidential.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe TCP: {2D23A9A5-D2E3-4D6B-AE49-42DEA38AB749} = 193.140.41.94 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL AppInit_DLLs: bukgmw.dll SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\bunny\applic~1\mozilla\firefox\profiles\pinwqbeo.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q= FF - prefs.js: browser.search.selectedEngine - SweetIM Search FF - prefs.js: browser.startup.homepage - hxxp://home.sweetim.com FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q= FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll FF - 
plugin: c:\program files\picasa2\npPicasa2.dll FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll FF - plugin: c:\program files\yahoo!\shared\npYState.dll ============= SERVICES / DRIVERS =============== R2 Seekeen Service;Seekeen Service;"c:\program files\seekeen\seekeen.exe" "c:\program files\seekeen\seekeen.dll" Service [] S2 B375F8CAA86AA5FA;B375F8CAA86AA5FA;\??\c:\documents and settings\bunny\desktop\b375f8caa86aa5fa\B375F8CAA86AA5FA [] S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2007-9-7 32512] =============== Created Last 30 ================ 2008-12-16 20:13 <DIR> --d----- c:\docume~1\bunny\applic~1\Malwarebytes 2008-12-16 20:12 15,504 a------- c:\windows\system32\drivers\mbam.sys 2008-12-16 20:12 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-16 20:12 <DIR> -cd----- c:\docume~1\alluse~1\applic~1\Malwarebytes 2008-12-16 20:12 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware 2008-12-16 12:25 <DIR> -cd----- C:\spoolerlogs 2008-12-16 08:49 70,144 a------- c:\windows\system32\opnlKBtq.dll 2008-12-16 08:49 225 -c-shr-- C:\autorun.inf 2008-12-13 10:28 394 a------- c:\windows\capture.ini 2008-12-13 10:18 1,890 a--sh--- c:\windows\system32\KGyGaAvL.sys 2008-12-13 10:18 56 ---shr-- c:\windows\system32\350EEDF385.sys 2008-12-13 10:17 <DIR> --d----- c:\program files\common files\Corel 2008-12-13 10:16 <DIR> --d----- c:\program files\Corel 2008-12-13 10:09 <DIR> --d----- c:\program files\CorelDRAW Graphics Suite 12 Installer 2008-12-11 14:33 <DIR> --d----- c:\program files\Free Offers from Freeze.com 2008-12-11 14:33 <DIR> --d----- c:\program files\common files\Winferno 2008-12-11 14:33 212,240 a------- c:\windows\system32\Richtx32.ocx 2008-12-11 14:07 835,584 a------- c:\windows\system32\WINCTL4.OCX 2008-12-11 14:07 495,616 a------- c:\windows\system32\WINUTIL5.DLL 2008-12-11 14:07 393,216 a------- 
c:\windows\system32\WINLCTL5.DLL 2008-12-11 14:07 <DIR> --d----- c:\program files\Winferno 2008-12-11 14:03 <DIR> --d----- c:\program files\Seekeen 2008-12-11 14:02 <DIR> --d----- c:\program files\Smart-Shopper 2008-12-11 14:02 <DIR> --d----- c:\docume~1\bunny\applic~1\Smart-Shopper 2008-12-07 16:20 5,525,504 a------- c:\windows\system32\setb0.tmp 2008-12-03 08:00 69,632 a--shr-- c:\windows\sysproc.dll 2008-12-03 08:00 124,688 a------- c:\windows\MSWINSCK.OCX ==================== Find3M ==================== 2008-12-16 22:19 81,984 a------- c:\windows\system32\bdod.bin 2008-11-05 22:36 57,588 a---h--- c:\windows\system32\mlfcache.dat 2008-10-15 23:12 262,144 a------- C:\ntuser.dat 2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll 2007-08-30 14:39 774,144 ac------ c:\program files\RngInterstitial.dll 2007-02-25 12:06 122,880 a--shr-- c:\windows\system32\blat.dll 2007-02-25 12:06 115,200 a--shr-- c:\windows\system32\blat.exe ============= FINISH: 23:56:33.87 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Version 1.0) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 7/23/2007 11:56:26 PM System Uptime: 12/16/2008 9:56:39 PM (2 hours ago) Motherboard: Dell Inc. | | 0KD882 Processor: Genuine Intel® CPU T2050 @ 1.60GHz | Microprocessor | 1595/133mhz Processor: Genuine Intel® CPU T2050 @ 1.60GHz | Microprocessor | 1595/133mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 29 GiB total, 9.005 GiB free. D: is FIXED (NTFS) - 25 GiB total, 7.996 GiB free. 
E: is CDROM () F: is Removable G: is Removable ==== Disabled Device Manager Items ============= Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Video Controller (VGA Compatible) Device ID: PCI\VEN_8086&DEV_27A2&SUBSYS_01BD1028&REV_03\3&61AAA01 &0&10 Manufacturer: Name: Video Controller (VGA Compatible) PNP Device ID: PCI\VEN_8086&DEV_27A2&SUBSYS_01BD1028&REV_03\3&61AAA01 &0&10 Service: Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Video Controller Device ID: PCI\VEN_8086&DEV_27A6&SUBSYS_01BD1028&REV_03\3&61AAA01 &0&11 Manufacturer: Name: Video Controller PNP Device ID: PCI\VEN_8086&DEV_27A6&SUBSYS_01BD1028&REV_03\3&61AAA01 &0&11 Service: Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: 1394 Net Adapter Device ID: V1394\NIC1394\38D9D941374FC000 Manufacturer: Microsoft Name: 1394 Net Adapter PNP Device ID: V1394\NIC1394\38D9D941374FC000 Service: NIC1394 Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Base System Device Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_01BD1028&REV_01\4&2FE911E 8&0&0AF0 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_01BD1028&REV_01\4&2FE911E 8&0&0AF0 Service: Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Base System Device Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_01BD1028&REV_0A\4&2FE911E 8&0&0BF0 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_01BD1028&REV_0A\4&2FE911E 8&0&0BF0 Service: Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Base System Device Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_01BD1028&REV_05\4&2FE911E 8&0&0CF0 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_01BD1028&REV_05\4&2FE911E 8&0&0CF0 Service: Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318} Description: Conexant Setup API Device ID: ROOT\UIUSYS\0000 Manufacturer: Name: Conexant Setup API PNP Device ID: ROOT\UIUSYS\0000 Service: ==== System Restore Points 
=================== RP1073: 11/21/2008 7:02:36 PM - Software Distribution Service 3.0 RP1074: 11/21/2008 10:00:19 PM - Software Distribution Service 3.0 RP1075: 11/22/2008 10:00:17 PM - Software Distribution Service 3.0 RP1076: 11/23/2008 10:00:18 PM - Software Distribution Service 3.0 RP1077: 11/24/2008 9:29:38 AM - Software Distribution Service 3.0 RP1078: 11/24/2008 12:28:50 PM - Installed Java 6 Update 7 RP1079: 11/24/2008 2:48:40 PM - Software Distribution Service 3.0 RP1080: 11/27/2008 10:36:40 AM - Software Distribution Service 3.0 RP1081: 11/27/2008 7:30:35 PM - Software Distribution Service 3.0 RP1082: 11/28/2008 8:49:28 AM - Software Distribution Service 3.0 RP1083: 11/28/2008 10:00:17 PM - Software Distribution Service 3.0 RP1084: 11/28/2008 11:24:39 PM - Software Distribution Service 3.0 RP1085: 11/29/2008 10:52:24 AM - Software Distribution Service 3.0 RP1086: 11/29/2008 10:00:18 PM - Software Distribution Service 3.0 RP1087: 11/30/2008 12:41:40 AM - Software Distribution Service 3.0 RP1088: 11/30/2008 2:48:05 PM - Software Distribution Service 3.0 RP1089: 11/30/2008 9:13:56 PM - Software Distribution Service 3.0 RP1090: 12/1/2008 8:43:03 PM - Software Distribution Service 3.0 RP1091: 12/2/2008 9:07:05 PM - Software Distribution Service 3.0 RP1092: 12/3/2008 8:54:06 AM - Removed SweetIM for Messenger 2.5 RP1093: 12/3/2008 8:54:15 AM - Installed SweetIM for Messenger 2.6 RP1094: 12/3/2008 1:40:36 PM - Software Distribution Service 3.0 RP1095: 12/4/2008 12:14:34 AM - Software Distribution Service 3.0 RP1096: 12/4/2008 2:26:36 PM - Software Distribution Service 3.0 RP1097: 12/4/2008 10:00:18 PM - Software Distribution Service 3.0 RP1098: 12/4/2008 10:59:46 PM - Software Distribution Service 3.0 RP1099: 12/5/2008 10:00:17 PM - Software Distribution Service 3.0 RP1100: 12/5/2008 10:19:28 PM - Software Distribution Service 3.0 RP1101: 12/6/2008 9:55:25 PM - Software Distribution Service 3.0 RP1102: 12/7/2008 4:03:08 PM - Installed Windows Media Player 11 
RP1103: 12/7/2008 4:20:23 PM - Installed Windows Media Player 10 RP1104: 12/7/2008 10:00:19 PM - Software Distribution Service 3.0 RP1105: 12/8/2008 2:16:49 AM - Software Distribution Service 3.0 RP1106: 12/8/2008 10:00:18 PM - Software Distribution Service 3.0 RP1107: 12/9/2008 12:23:19 AM - Software Distribution Service 3.0 RP1108: 12/9/2008 10:00:18 PM - Software Distribution Service 3.0 RP1109: 12/10/2008 10:00:19 PM - Software Distribution Service 3.0 RP1110: 12/11/2008 12:27:05 AM - Software Distribution Service 3.0 RP1111: 12/11/2008 10:00:19 PM - Software Distribution Service 3.0 RP1112: 12/12/2008 12:52:32 AM - Software Distribution Service 3.0 RP1113: 12/12/2008 7:50:49 AM - Software Distribution Service 3.0 RP1114: 12/13/2008 10:16:41 AM - Installed CorelDRAW Graphics Suite 12 RP1115: 12/13/2008 10:00:17 PM - Software Distribution Service 3.0 RP1116: 12/14/2008 2:28:37 AM - Software Distribution Service 3.0 RP1117: 12/14/2008 5:21:02 PM - Installed Windows Media Player 10 RP1118: 12/14/2008 10:00:17 PM - Software Distribution Service 3.0 RP1119: 12/15/2008 1:30:32 AM - Software Distribution Service 3.0 RP1120: 12/15/2008 10:00:18 PM - Software Distribution Service 3.0 RP1121: 12/15/2008 11:24:16 PM - Software Distribution Service 3.0 RP1122: 12/16/2008 8:56:56 AM - Last known good configuration RP1123: 12/16/2008 8:43:19 PM - Software Distribution Service 3.0 RP1124: 12/16/2008 9:55:23 PM - Software Distribution Service 3.0 ==== Installed Programs ====================== Adobe Flash Player 10 Plugin Adobe Flash Player ActiveX Adobe Photoshop 7.0 Adobe Reader 7.1.0 Apple Software Update BitDefender Antivirus 2008 Broadcom 440x 10/100 Integrated Controller Broadcom Management Programs Conexant HDA D110 MDC V.92 Modem CorelDRAW Graphics Suite 12 Dell Mobile Broadband Card Utility Dell Support 3.2 Dell Wireless WLAN Card DellSupport Digital Line Detect DivX Content Uploader DivX Web Player Easy WiFi Radar Demo 1.0 FLV Player 1.3.3 Hero DVD Player Hotfix for 
Windows XP (KB952287) ICatch (VI) PC Camera Intel® PROSet/Wireless Software Java 6 Update 2 Java 6 Update 3 Java 6 Update 7 K-Lite Codec Pack 3.4.5 Standard Malwarebytes' Anti-Malware Map Button (Windows Live Toolbar) mCore mDriver mDrWiFi mHlpDell Microfit for Windows Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft Visual C++ 2005 Redistributable mIWA Mixer mLogView mMHouse Mouse Suite for Laptop Computers Mozilla Firefox (3.0.4) mPfMgr mPfWiz mProSafe MSN mSSO MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) mWlsSafe mWMI mXML mZConfig Nero Suite Network Stumbler 0.4.0 (remove only) Nonoh OneCare Advisor (Windows Live Toolbar) PC Confidential 2008 Picasa 2 QuickSet QuickTime RealPlayer Rhapsody Player Engine Roxio DLA Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB893756) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896423) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899591) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901214) Security Update for Windows XP 
(KB902400) Security Update for Windows XP (KB904706) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB908519) Security Update for Windows XP (KB911562) Security Update for Windows XP (KB913580) Security Update for Windows XP (KB914388) Security Update for Windows XP (KB914389) Security Update for Windows XP (KB917344) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918118) Security Update for Windows XP (KB918439) Security Update for Windows XP (KB919007) Security Update for Windows XP (KB920213) Security Update for Windows XP (KB920670) Security Update for Windows XP (KB920683) Security Update for Windows XP (KB920685) Security Update for Windows XP (KB921503) Security Update for Windows XP (KB922819) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB924270) Security Update for Windows XP (KB924496) Security Update for Windows XP (KB924667) Security Update for Windows XP (KB925902) Security Update for Windows XP (KB926255) Security Update for Windows XP (KB926436) Security Update for Windows XP (KB927802) Security Update for Windows XP (KB928255) Security Update for Windows XP (KB928843) Security Update for Windows XP (KB929123) Security Update for Windows XP (KB930178) Security Update for Windows XP (KB931784) Security Update for Windows XP (KB932168) Security Update for Windows XP (KB935839) Security Update for Windows XP (KB935840) Security Update for Windows XP (KB936021) Security Update for Windows XP (KB938127) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB938829) Security Update for Windows XP (KB941202) Security Update for Windows XP (KB941568) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB941644) Security Update for Windows XP (KB941693) Security Update for Windows XP (KB943055) Security Update for Windows XP (KB943460) Security Update for Windows XP (KB943485) Security 
Update for Windows XP (KB944338) Security Update for Windows XP (KB944533) Security Update for Windows XP (KB944653) Security Update for Windows XP (KB945553) Security Update for Windows XP (KB946026) Security Update for Windows XP (KB948590) Security Update for Windows XP (KB948881) Security Update for Windows XP (KB950749) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB953838) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB958644) Seekeen 1.0 build 132 SetPoint SigmaTel Audio Smart Menus (Windows Live Toolbar) SmartShopper Sound Blaster ADVANCED MB Drivers Sound Blaster Audigy ADVANCED MB Demo SPSS 11.0 for Windows SPSS 13.0 for Windows SweetIM for Messenger 2.6 SweetIM Toolbar for Internet Explorer 3.3 Synaptics Pointing Device Driver Update for Windows XP (KB894391) Update for Windows XP (KB900485) Update for Windows XP (KB908531) Update for Windows XP (KB910437) Update for Windows XP (KB911280) Update for Windows XP (KB916595) Update for Windows XP (KB920872) Update for Windows XP (KB922582) Update for Windows XP (KB927891) Update for Windows XP (KB930916) Update for Windows XP (KB933360) Update for Windows XP (KB936357) VeohTV BETA VideoLAN VLC media player 0.8.5 Virtual DJ - Atomix Productions WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Live Messenger Windows Live Sign-in Assistant Windows Live Toolbar Windows Media Format Runtime Windows Media Player 10 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB885835 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB891781 Winferno Registry Power Cleaner WinRAR archiver WordWeb Yahoo! Browser Services Yahoo! 
Install Manager Yahoo! Internet Mail Yahoo! Messenger Yahoo! Search Protection Yahoo! Toolbar ==== Event Viewer Messages From Past Week ======== 12/13/2008 9:02:08 AM, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The specified driver is invalid. 12/13/2008 9:02:08 AM, error: Service Control Manager [7023] - The Server service terminated with the following error: The specified driver is invalid. 12/12/2008 6:54:53 AM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume D:. 12/10/2008 9:22:26 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 12/10/2008 8:26:02 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0018DE145513. The following error occurred: The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 12/10/2008 1:53:38 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0018DE145513. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 12/14/2008 11:10:00 AM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity. 
12/14/2008 11:10:01 AM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2.
12/14/2008 11:10:01 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
12/14/2008 11:10:01 AM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.
12/14/2008 11:10:01 AM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2.
12/14/2008 11:10:01 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program

BitDefender Log File !!!!!
Product : BitDefender Antivirus 2008
Version : BitDefender UIScanner v.11
Log date : 10:15:45 16/12/2008
Log path : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1229415345_1_02.xml

Scan Paths:
Path0000: C:\
Path0001: D:\

Scan Options:
Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes

Target selection options:
Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : Yes
Scan runtime packers : Yes
Scan emails : Yes
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions :
Excluded extensions :

Target Processing
Default action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None

Scan engines summary
Number of virus signatures : 2353324
Archive plugins : 45
Email plugins : 6
Scan plugins : 13
Archive plugins : 45
System plugins : 5
Unpack plugins : 7

Overall scan summary
Scanned items : 229103
Infected items : 15
Suspicious items : 0
Resolved items : 15
Individual viruses found : 13
Scanned directories : 7635
Scanned boot sectors : 6
Scanned archives : 2359
Input-output errors : 31
Scan time : 00:01:21:10
Files per second : 46

Scanned processes summary
Scanned : 58
Infected : 0

Scanned registry keys summary
Scanned : 998
Infected : 0

Scanned cookies summary
Scanned : 1158
Infected : 0

Remaining issues:
Object Name Threat Name Final Status

Resolved issues:
Object Name Threat Name Final Status
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@112.2o7[2].txt Cookie.2o7 Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@atdmt[1].txt Cookie.ATDMT Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@goal.adbureau[2].txt Cookie.AdBureau Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@adrevolver[2].txt Cookie.Adrevolver Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@media.adrevolver[1].txt Cookie.Adrevolver Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@advertising[1].txt Cookie.Advertising Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@doubleclick[2].txt Cookie.DoubleClick Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@rubiconproject[2].txt Cookie.Rub Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@counter1.sextracker[1].txt Cookie.SexTracker Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@sextracker[1].txt Cookie.SexTracker Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@smartadserver[1].txt Cookie.SmartAdServer Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@statcounter[2].txt Cookie.Statcounter Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@tradedoubler[1].txt Cookie.TradeDoubler Deleted
[System]=]C:\Documents and Settings\Bunny\Cookies\bunny@tribalfusion[2].txt Cookie.TribalFusion Deleted
C:\Documents and Settings\Bunny\Local Settings\Temp\tmp28.tmp Trojan.Agent.ALLE Deleted

Objects that were not scanned:
Object Name Reason Final Status
C:\Dell\Drivers\R142668\config.bin=]profiles.xml Password-Protected No action was possible
C:\Dell\Drivers\R142668\config.bin=]registry.xml Password-Protected No action was possible
C:\Dell\Drivers\R142668\systemid.zip=]SystemID.txt Password-Protected No action was possible
C:\Dell\Drivers\R142669\config.bin=]profiles.xml Password-Protected No action was possible
C:\Dell\Drivers\R142669\config.bin=]registry.xml Password-Protected No action was possible
C:\Dell\Drivers\R142669\systemid.zip=]SystemID.txt Password-Protected No action was possible
C:\Dell\Drivers\R142984\config.bin=]profiles.xml Password-Protected No action was possible
C:\Dell\Drivers\R142984\config.bin=]registry.xml Password-Protected No action was possible
C:\Dell\Drivers\R142984\systemid.zip=]SystemID.txt Password-Protected No action was possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\ENU_\Data1.cab=]WebSearchENU.pdf Password-Protected No action was possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\ENU_\Data1.cab=]RdrMsgSplash.pdf Password-Protected No action was possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig710\ENU\Data1.cab=]WebSearchENU.pdf Password-Protected No action was possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig710\ENU\Data1.cab=]RdrMsgENU.pdf Password-Protected No action was possible
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig710\ENU\Data1.cab=]RdrMsgSplash.pdf Password-Protected No action was possible

Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
12/16/2008 9:21:04 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
==== End Of File ===========================
Dec 25 2008, 06:23 PM Post #2
Bleepin' Conundrum Group: Global Moderator Posts: 19,461 Joined: 26-April 04 From: 65 miles due East of the "Logic Free Zone", in Md, USA Member No.: 235
Hello and welcome to Bleeping Computer
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.
Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware. Thanks, and again, sorry for the delay.
We need to see some information about what is happening in your machine. Please perform the following scan:
Disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE
R, K
--------------------
The only easy day was yesterday.
...some do, some don't; some will, some won't (WR)
Jan 2 2009, 07:37 PM Post #3
Bleepin' Conundrum Group: Global Moderator Posts: 19,461 Joined: 26-April 04 From: 65 miles due East of the "Logic Free Zone", in Md, USA Member No.: 235
Due to the lack of feedback, this Topic is now closed.
If you still have problems, please start a new topic.
R, K
--------------------
The only easy day was yesterday.
...some do, some don't; some will, some won't (WR)