Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Koobface virus? bad results via search engines


  • This topic is locked This topic is locked
2 replies to this topic

#1 zindon

zindon

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:16 AM

Posted 06 December 2008 - 02:46 PM

My wife thinks she infected the computer via facebook, and we do have symptoms of the Koobface virus
<hxxp://www.reuters.com/article/newsOne/idUSTRE4B37LV20081204?rpc=60>

Most notably, any search entered into a search engine (google, yahoo, etc) yields phony results. Nothing else is going wrong right now, from what I can tell. Here's my log:

======================

Logfile of random's system information tool 1.04 (written by random/random)
Run by XXXXX at 2008-12-06 14:36:35
Microsoft Windows XP Professional Service Pack 1
System drive C: has 5 GB (15%) free of 35 GB
Total RAM: 511 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:36:53 PM, on 12/6/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Ascentive\Performance Center\ApcMain.exe
C:\Documents and Settings\Brian\Desktop\Unused Desktop Shortcuts\SonyTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Brian\Desktop\RSIT.exe
C:\Program Files\trend micro\Brian.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sas.ne2.attbb.net:8000
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.ne2.attbb.net
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SAClient] "C:\Program Files\Comcast\BBClient\Programs\RegCon.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [STOPzilla] "C:\Program Files\STOPzilla!\Stopzilla.exe" /autorun
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [PicasaNet] "C:\Program Files\Hello\Hello.exe" -b
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
O4 - HKCU\..\Run: [PC SpeedScan Pro] C:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe -m
O4 - HKCU\..\Run: [Antispyware] C:\Program Files\Antispyware\Antispyware.exe -boot
O4 - HKLM\..\Policies\Explorer\Run: [C:\WINDOWS\System32\issrch.exe] C:\WINDOWS\System32\issrch.exe
O4 - HKCU\..\Policies\Explorer\Run: [wmsden] C:\WINDOWS\System32\wmsden.exe
O4 - HKUS\S-1-5-21-299502267-1647877149-725345543-1004\..\Run: [AIM] C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl (User 'Courtney')
O4 - HKUS\S-1-5-21-299502267-1647877149-725345543-1004\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Courtney')
O4 - HKUS\S-1-5-21-299502267-1647877149-725345543-1004\..\Run: [H049RUNtU] fonntui.exe (User 'Courtney')
O4 - HKUS\S-1-5-21-299502267-1647877149-725345543-1004\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" (User 'Courtney')
O4 - Global Startup: Image Transfer.lnk = C:\Documents and Settings\Brian\Desktop\Unused Desktop Shortcuts\SonyTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - https://objects.aol.com/mcafee/molbin/share...83/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1221330250437
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers...ll/pinstall.cab
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/..._2/axofupld.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/...login-devel.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - https://objects.aol.com/mcafee/molbin/share...,20/McGDMgr.cab
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{404D3601-7DE5-4DDD-8CD4-FAC19D1523A6}: NameServer = 24.92.226.52,24.92.226.48,24.92.226.176,24.92.226.84
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

--
End of file - 8335 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Antispyware Scheduled Scan.job
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (BDW-Brian).job
C:\WINDOWS\tasks\McAfee.com Update Check (BDW-Brian).job
C:\WINDOWS\tasks\McAfee.com Update Check (BDW-Courtney).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BA52B914-B692-46c4-B683-905236F6F655} - McAfee VirusScan - c:\progra~1\mcafee.com\vso\mcvsshl.dll [2003-08-18 114743]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2002-08-29 842268]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2002-06-21 290816]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2002-08-14 46592]
"AdaptecDirectCD"=C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe [2003-01-17 684032]
"HPDJ Taskbar Utility"=C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe [2003-07-28 188416]
"SAClient"=C:\Program Files\Comcast\BBClient\Programs\RegCon.exe []
"Zone Labs Client"=C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe []
"STOPzilla"=C:\Program Files\STOPzilla!\Stopzilla.exe /autorun []
"VSOCheckTask"=c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe [2003-08-08 122880]
"VirusScan Online"=c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe [2003-08-17 163840]
"MCAgentExe"=c:\PROGRA~1\mcafee.com\agent\mcagent.exe [2003-08-27 245760]
"MCUpdateExe"=C:\PROGRA~1\mcafee.com\agent\mcupdate.exe [2003-08-21 180224]
"PicasaNet"=C:\Program Files\Hello\Hello.exe -b []
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2006-07-15 180269]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-08-15 271672]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-02-03 385024]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"C:\WINDOWS\System32\issrch.exe"=C:\WINDOWS\System32\issrch.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-11-15 1670144]
"Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet []
"Performance Center"=C:\Program Files\Ascentive\Performance Center\ApcMain.exe [2008-04-29 3239936]
"PC SpeedScan Pro"=C:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe [2008-04-29 1839104]
"Antispyware"=C:\Program Files\Antispyware\Antispyware.exe -boot []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"wmsden"=C:\WINDOWS\System32\wmsden.exe []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Image Transfer.lnk - C:\Documents and Settings\Brian\Desktop\Unused Desktop Shortcuts\SonyTray.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2006-09-28 73728]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2008-12-06 14:35:25 ----D---- C:\Program Files\trend micro
2008-12-06 14:35:20 ----DC---- C:\rsit
2008-12-04 23:36:44 ----D---- C:\Documents and Settings\Brian\Application Data\Antispyware
2008-09-14 16:14:41 ----D---- C:\Documents and Settings\Brian\Application Data\Ascentive
2008-09-13 13:29:04 ----D---- C:\WINDOWS\System32\PreInstall
2008-09-13 13:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-09-13 13:28:02 ----A---- C:\WINDOWS\imsins.BAK
2008-09-13 13:27:38 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-09-13 13:24:50 ----A---- C:\WINDOWS\System32\wups2.dll
2008-09-13 13:24:50 ----A---- C:\WINDOWS\System32\wucltui.dll.mui
2008-09-13 13:24:49 ----A---- C:\WINDOWS\System32\wuaueng.dll.mui
2008-09-13 13:24:47 ----A---- C:\WINDOWS\System32\wuapi.dll.mui
2008-09-13 13:24:46 ----D---- C:\WINDOWS\System32\SoftwareDistribution

======List of files/folders modified in the last 3 months======

2008-12-06 14:35:43 ----D---- C:\WINDOWS\Prefetch
2008-12-06 14:35:25 ----AD---- C:\Program Files
2008-12-06 14:30:30 ----D---- C:\Program Files\Mozilla Firefox
2008-12-06 13:55:37 ----D---- C:\WINDOWS\Tasks
2008-12-06 12:54:13 ----D---- C:\WINDOWS\Debug
2008-12-06 12:53:59 ----AD---- C:\WINDOWS\system32
2008-12-06 12:53:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-06 12:52:51 ----SHD---- C:\WINDOWS\Installer
2008-12-05 19:09:23 ----D---- C:\WINDOWS\System32\CatRoot2
2008-12-05 19:07:48 ----RSHDC---- C:\WINDOWS\System32\dllcache
2008-12-04 17:52:47 ----D---- C:\WINDOWS\Temp
2008-11-27 10:23:46 ----D---- C:\Documents and Settings\Brian\Application Data\Image Zone Express
2008-11-13 20:02:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-06 07:38:12 ----D---- C:\WINDOWS\Help
2008-09-28 09:23:11 ----SD---- C:\Documents and Settings\Brian\Application Data\Microsoft
2008-09-13 13:35:14 ----D---- C:\WINDOWS\SoftwareDistribution
2008-09-13 13:29:17 ----HD---- C:\WINDOWS\inf
2008-09-13 13:29:13 ----AD---- C:\WINDOWS
2008-09-13 13:28:56 ----HD---- C:\WINDOWS\$hf_mig$
2008-09-13 13:27:06 ----D---- C:\WINDOWS\LastGood

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2006-09-05 3968]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\System32\drivers\Cdr4_xp.sys [2006-08-24 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\System32\drivers\Cdralw2k.sys [2006-08-24 2560]
R1 cdudf_XP;cdudf_XP; C:\WINDOWS\System32\drivers\cdudf_XP.sys [2003-01-17 240640]
R1 pwd_2K;pwd_2K; C:\WINDOWS\System32\drivers\pwd_2K.sys [2003-01-17 134426]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\System32\drivers\UdfReadr_xp.sys [2003-01-17 206464]
R1 VIAPFD;VIAPFD; C:\WINDOWS\System32\Drivers\VIAPFD.SYS [2001-12-18 3279]
R3 ALCXWDM;Service for Avance AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2002-08-30 667255]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2002-06-20 472576]
R3 FETNDISB;D-Link PCI Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\dlkfet5b.sys [2005-07-01 43008]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2006-09-19 15664]
R3 mmc_2K;mmc_2K; C:\WINDOWS\System32\drivers\mmc_2K.sys [2003-01-17 30406]
R3 NaiFiltr;NaiFiltr; C:\WINDOWS\System32\DRIVERS\NaiFiltr.sys [2002-03-13 23296]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-08-29 19328]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-08-29 51968]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2002-08-29 24960]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-29 19328]
S1 ASPI32;ASPI32; C:\WINDOWS\System32\drivers\ASPI32.sys []
S1 DW;DW; C:\WINDOWS\System32\drivers\DW.sys []
S3 brfilt;Brother MFC Filter Driver; C:\WINDOWS\System32\Drivers\Brfilt.sys [2001-08-17 2944]
S3 BrSerWDM;Brother Serial driver; C:\WINDOWS\System32\Drivers\BrSerWdm.sys [2001-08-17 60416]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\WINDOWS\System32\Drivers\BrUsbMdm.sys [2001-08-17 11008]
S3 BrUsbScn;Brother MFC USB Scanner driver; C:\WINDOWS\System32\Drivers\BrUsbScn.sys [2001-08-17 10368]
S3 dvd_2K;dvd_2K; C:\WINDOWS\System32\drivers\dvd_2K.sys [2003-01-17 25674]
S3 dwusbdnt;dwusbdnt; C:\WINDOWS\System32\DRIVERS\dwusbdnt.sys [2002-05-24 10368]
S3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 mf;mf; C:\WINDOWS\System32\DRIVERS\mf.sys [2001-08-23 62208]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2001-08-17 23070]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2002-08-29 28160]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2002-08-29 14208]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2006-09-28 204800]
R2 MCVSRte;McAfee.com VirusScan Online Realtime Engine; c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe [2003-08-08 106496]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-08-15 501048]
R3 McShield;McAfee.com McShield; c:\PROGRA~1\mcafee.com\vso\mcshield.exe [2002-03-13 225375]
S2 Brother XP spl Service;BrSplService; C:\WINDOWS\System32\brsvc01a.exe [2002-04-11 57344]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 mcupdmgr.exe;McAfee SecurityCenter Update Manager; C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe [2003-08-21 245760]

-----------------EOF-----------------


Thanks for any help!

Edited by Orange Blossom, 11 February 2013 - 02:50 AM.
Deactivate link. ~ OB


BC AdBot (Login to Remove)

 


#2 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:05:16 AM

Posted 16 December 2008 - 09:08 AM

We apologize for the delay in responding to your request for help. We are volunteer staff at Bleeping Computer and get overwhelmed at times with the large number of users seeking help. We are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate your letting us know. If not, please perform the following steps so we can have a look at the current condition of your computer. If you have not done so, include a description of your problem along with any steps you may have performed so far.

When you have completed the steps below, a staff member will review the log and provide instructions for you to get your computer clean and free of malware.

Thanks and we apologize for the delay.

We need to see current information on what is happening in your computer. Please perform the following scan:
  • Please download DDS by sUBs from one of the following links. Save it to your desktop.
  • After downloading the tool:
  • Double click on the DDS icon, allow it to run. Please note: If the scan fails to run, you may have to disable any script protection running.
  • A small box, which gives an explanation about the tool, will open. No input is needed, the scan is running.
  • Notepad will open with the results, click No to the Optional_Scan.
  • Follow the instructions that pop up for posting the results.
  • Close the program window and delete the program from your desktop.
  • Enable your antivirus and anti-spyware protection.
  • Reconnect to the Internet.

You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#3 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:05:16 AM

Posted 21 December 2008 - 02:34 PM

This subject is now closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users