
Bogus Search Results from Google.com


  • This topic is locked
2 replies to this topic

#1 badbrad

Posted 15 December 2008 - 07:46 PM

Hi,

When I access Google.com from either IE7 or Firefox 3, I get bogus results for anything I search for. For example, if I search for 'wikipedia' I get, as the first three results:

bottomdollar.com
find-more-here.com
crackle.com/c/the_karate_kid_i

etc ..

I believe it is the result of either installing a codec (I think it was ac3) in response to a movie DL'ed from piratebay or visiting 'p*rntube.com' or something like that. I was running BitDefender 10 at the time, though it was uninstalled when I got the log dump. I have since removed the codec. I have done a full Kaspersky scan, BitDefender 10 scan and Ad-Aware scan, but they don't find anything.

AltaVista is OK, etc.

Other things I noticed: the Microsoft updater did a 'funny' update about that time. It didn't look like the usual, but I trusted it because it sort of looked like the MS updater.

Any help would be appreciated.

Thanks,

Brad

Please find below DDS and access logs. The online Kaspersky scan yielded no viruses.

Oh, also, I had Kaspersky 10 installed, but I had to uninstall it in order to run the free online scan. klif.ddl kept giving me a BSOD.

===============
Monday, December 15, 2008
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, December 15, 2008 05:35:27
Records in database: 1461989


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
C:\
D:\

Scan statistics
Files scanned 122709
Threat name 0
Infected objects 0
Suspicious objects 0
Duration of the scan 02:37:49

No malware has been detected. The scan area is clean.
The selected area was scanned.
======================

DDS (Version 1.0.1) - NTFSx86
Run by brad at 16:34:36.59 on Mon 12/15/2008
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.547 [GMT -8:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Documents and Settings\brad\Local Settings\Temp\jkos-brad\binaries\ScanningProcess.exe
C:\Documents and Settings\brad\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\googleafe\GoogleAE.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [ToolBoxFX] "c:\program files\hp\toolboxfx\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [DNS7reminder] "c:\program files\nuance\naturallyspeaking9\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\nuance\naturallyspeaking9\Ereg.ini
mRun: [LXCFCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCFtime.dll,_RunDLLEntry@16
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\brad\applic~1\mozilla\firefox\profiles\2bqzf79m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google

============= SERVICES / DRIVERS ===============

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S3 AngelUsb;Angel USB MPEG Device;c:\windows\system32\drivers\AngelUsb.sys [2006-3-3 375424]
S3 BTHprint;Microsoft Bluetooth Printer Class;c:\windows\system32\drivers\bthprint.sys [2006-4-8 36480]
S3 TEUSBMU;Panasonic Analog PBX USB Main Unit driver;c:\windows\system32\drivers\TEUSBMU.sys [2007-9-3 20992]
S3 Tosrfpcc;Bluetooth PC Card Controller from Toshiba;c:\windows\system32\drivers\tosrfpcc.sys [2002-8-1 160672]
S3 TVAUSBMU;Panasonic Voice Processing System USB Main Unit driver;c:\windows\system32\drivers\TVAUSBMU.sys [2007-9-5 20992]

=============== Created Last 30 ================

2008-12-14 09:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2008-12-13 22:56 10 a------- c:\windows\bdinit.ini
2008-12-10 16:42 <DIR> --d----- c:\docume~1\brad\applic~1\OpenOffice.org
2008-12-10 16:39 <DIR> --d----- c:\program files\JRE
2008-12-10 16:39 <DIR> --d----- c:\program files\OpenOffice.org 3
2008-11-23 09:17 7,680 a--sh--- c:\windows\Thumbs.db
2008-11-23 08:00 410,976 a------- c:\windows\system32\deploytk.dll

==================== Find3M ====================

2008-12-14 09:36 81,984 a------- c:\windows\system32\bdod.bin
2008-10-28 14:36 823,296 a------- c:\windows\system32\divx_xx0c.dll
2008-10-28 14:36 823,296 a------- c:\windows\system32\divx_xx07.dll
2008-10-28 14:35 815,104 a------- c:\windows\system32\divx_xx0a.dll
2008-10-28 14:35 802,816 a------- c:\windows\system32\divx_xx11.dll
2008-10-28 14:35 684,032 a------- c:\windows\system32\DivX.dll
2008-10-24 03:21 455,296 a------- c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 03:21 455,296 -------- c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 04:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-23 04:36 286,720 -------- c:\windows\system32\dllcache\gdi32.dll
2008-10-17 02:08 3,593,216 a------- c:\windows\system32\dllcache\mshtml.dll
2008-10-16 14:13 1,809,944 a------- c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 14:13 202,776 a------- c:\windows\system32\dllcache\wuweb.dll
2008-10-16 14:12 323,608 a------- c:\windows\system32\dllcache\wucltui.dll
2008-10-16 14:12 561,688 a------- c:\windows\system32\dllcache\wuapi.dll
2008-10-16 14:09 92,696 a------- c:\windows\system32\dllcache\cdm.dll
2008-10-16 14:09 51,224 a------- c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 14:08 34,328 a------- c:\windows\system32\dllcache\wups.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-16 05:11 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 05:11 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2008-10-15 08:34 337,408 -------- c:\windows\system32\dllcache\netapi32.dll
2008-10-14 23:06 633,632 -------- c:\windows\system32\dllcache\iexplore.exe
2008-10-14 23:04 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2008-10-03 02:02 247,326 a------- c:\windows\system32\strmdll.dll
2008-10-03 02:02 247,326 -------- c:\windows\system32\dllcache\strmdll.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-09-25 00:03 524,288 a------- c:\windows\system32\DivXsm.exe
2008-09-25 00:03 196,608 a------- c:\windows\system32\dtu100.dll
2008-09-25 00:03 81,920 a------- c:\windows\system32\dpl100.dll
2008-09-25 00:03 53,248 a------- c:\windows\system32\dpuGUI10.dll
2008-09-25 00:03 593,920 a------- c:\windows\system32\dpuGUI11.dll
2008-09-25 00:03 344,064 a------- c:\windows\system32\dpus11.dll
2008-09-25 00:03 57,344 a------- c:\windows\system32\dpv11.dll
2008-09-25 00:03 294,912 a------- c:\windows\system32\dpu11.dll
2008-09-25 00:03 294,912 a------- c:\windows\system32\dpu10.dll
2008-09-25 00:03 161,096 a------- c:\windows\system32\DivXCodecVersionChecker.exe
2008-09-19 13:57 3,596,288 a------- c:\windows\system32\qt-dx331.dll
2008-09-19 13:55 1,044,480 a------- c:\windows\system32\libdivx.dll
2008-09-19 13:55 200,704 a------- c:\windows\system32\ssldivx.dll
2008-09-19 13:54 12,288 a------- c:\windows\system32\DivXWMPExtType.dll
2008-06-20 19:39 60,888 a------- c:\docume~1\brad\applic~1\GDIPFONTCACHEV1.DAT
2008-06-07 18:02 2,115 a------- c:\docume~1\brad\applic~1\SAS7_000.DAT
2007-12-20 10:49 216 -------- c:\documents and settings\brad\hsqlprefs.dat
2006-11-20 18:01 92,064 -------- c:\documents and settings\brad\mqdmmdm.sys
2006-11-20 18:01 79,328 -------- c:\documents and settings\brad\mqdmserd.sys
2006-11-20 18:01 66,656 -------- c:\documents and settings\brad\mqdmbus.sys
2006-11-20 18:01 25,600 -------- c:\documents and settings\brad\usbsermptxp.sys
2006-11-20 18:01 22,768 -------- c:\documents and settings\brad\usbsermpt.sys
2006-11-20 18:01 9,232 -------- c:\documents and settings\brad\mqdmmdfl.sys
2006-11-20 18:01 6,208 -------- c:\documents and settings\brad\mqdmcmnt.sys
2006-11-20 18:01 5,936 -------- c:\documents and settings\brad\mqdmwhnt.sys
2006-11-20 18:01 4,048 -------- c:\documents and settings\brad\mqdmcr.sys
2006-03-11 08:08 56 ---shr-- c:\windows\system32\2F73870573.sys
2008-08-18 21:09 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008081820080819\index.dat

============= FINISH: 16:35:18.90 ===============
==========================================================

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Version 1.0)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 3/8/2006 7:48:28 PM
System Uptime: 12/15/2008 9:25:26 AM (7 hours ago)

Motherboard: Dell Inc. | | 0HC416
Processor: Intel® Pentium® M processor 1.86GHz | Microprocessor | 1060/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 50 GiB total, 17.077 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {7240100F-6512-4548-8418-9EBB5C6A1A94}
Description: Bluetooth RFBUS from TOSHIBA
Device ID: ROOT\BLUETOOTH\0000
Manufacturer: TOSHIBA
Name: Bluetooth RFBUS from TOSHIBA
PNP Device ID: ROOT\BLUETOOTH\0000
Service: tosrfbd

Class GUID: {7240100F-6512-4548-8418-9EBB5C6A1A94}
Description: Bluetooth PC Card Controller from Toshiba
Device ID: ROOT\BLUETOOTH\0001
Manufacturer: Toshiba
Name: Bluetooth PC Card Controller from Toshiba
PNP Device ID: ROOT\BLUETOOTH\0001
Service: tosrfpcc

Class GUID: {7240100F-6512-4548-8418-9EBB5C6A1A94}
Description: Bluetooth PC Card Controller from Toshiba
Device ID: ROOT\BLUETOOTH\0002
Manufacturer: Toshiba
Name: Bluetooth PC Card Controller from Toshiba
PNP Device ID: ROOT\BLUETOOTH\0002
Service: tosrfpcc

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

µTorrent
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Reader 7.1.0
Adobe Shockwave Player
AOLIcon
Apple Software Update
AutoUpdate
Avanquest update
Base by Base- Genome Alignment Comparison
Bluetooth Stack for Windows by Toshiba
Broadcom Management Programs
CDisplay 1.8
Compatibility Pack for the 2007 Office system
Conexant HDA D110 MDC V.92 Modem
Dell CinePlayer
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Support 3.1
Dell System Restore
Digital Line Detect
DivX Codec
DivX Converter
DivX Player
DivX Web Player
Dragon NaturallySpeaking 9
E-Filing Plugins
ELIcon
GemMaster Mystic
GeneDoc
Google
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HP LaserJet 3050/3052/3055/3390/3392 2.0
HP Update
hppFaxDrv3390
hppFaxUtility
hppFonts
hppIOFiles
hppLJ3390
hppManuals3390
hppscan3390
hppScanTo
hppSendFax
hppTooCool
hppToolBoxFX
hpzTLBXFX
IIS 6.0 Resource Kit Tools
Intel® Graphics Media Accelerator Driver for Mobile
Intel® PROSet/Wireless Software
Internal Network Card Power Management
Ipswitch WS_FTP Home 2007
Jalview
Java™ 6 Update 10
JFreeChart 1.0.8 Demo
Lexmark 730 Series
Macromedia Fireworks MX 2004
mCore
mDriver
mDrWiFi
mHelp
Microsoft .NET Compact Framework 2.0 SP2
Microsoft .NET Compact Framework 3.5
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Device Emulator version 3.0 - ENU
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual Studio 6.0 Enterprise Edition
Microsoft Web Publishing Wizard 1.53
Microsoft Works 6-9 Converter
mIWA
mLogView
mMHouse
Motorola Driver Installation 3.4.0
Motorola Phone Tools
Move Networks Media Player for Internet Explorer
Mozilla Firefox (3.0.4)
mPfMgr
mPfWiz
mProSafe
MSDN Library - Visual Studio 6.0a
MSN Messenger 7.5
mSSO
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
mToolkit
mWlsSafe
mXML
mZConfig
Octoshape add-in for Adobe Flash Player
OpenOffice.org 3.0
QFolder
QuickBooks Pro 2008
Quicken 2007
QuickSet
QuickTime
RealPlayer
Roxio Backup MyPC
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Scan
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Skype™ 3.8
Sonic Activation Module
Sonic Encoders
Sonic Update Manager
SupportSoft Assisted Service
Synaptics Pointing Device Driver
TIF Bates 7
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update Rollup 2 for Windows XP Media Center Edition 2005
URL Assistant
Viewpoint Media Player
Visual Studio Tools for the Office system 3.0 Runtime
WebCyberCoach 3.2 Dell
WebFldrs XP
Windows Defender Signatures
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Mobile 5.0 SDK R2 for Pocket PC
Windows Mobile 5.0 SDK R2 for Smartphone
Windows Server 2003 Service Pack 1 Administration Tools Pack
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Service Pack 3
WinRAR archiver
WinZip
XML Paper Specification Shared Components Pack 1.0

==== Event Viewer Messages ===================

12/10/2008 4:31:47 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the JavaQuickStarterService service.
12/10/2008 11:43:32 AM, error: Service Control Manager [7000] - The lxcf_device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/10/2008 11:43:32 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the lxcf_device service to connect.
12/10/2008 11:43:32 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service lxcf_device with arguments "" in order to run the server: {323CE21C-A448-40AA-BA74-7FCF1E44106F}
12/10/2008 11:32:45 AM, error: Service Control Manager [7000] - The BDRsDrv service failed to start due to the following error: The system cannot find the file specified.
12/10/2008 11:32:45 AM, error: Service Control Manager [7000] - The BDFsDrv service failed to start due to the following error: The system cannot find the file specified.
12/10/2008 11:32:45 AM, error: Service Control Manager [7000] - The bdfdll service failed to start due to the following error: The system cannot find the file specified.
12/9/2008 3:44:39 PM, error: Removable Storage Service [111] - RSM could not load media in drive Drive 0 of library SanDisk U3 Titanium USB Device.
12/9/2008 8:27:40 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the McrdSvc service.
12/8/2008 5:24:48 PM, error: Dhcp [1002] - The IP address lease 192.168.1.93 for the Network Card with network address 0014229DF888 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
12/13/2008 10:23:05 AM, error: Service Control Manager [7034] - The BitDefender Virus Shield service terminated unexpectedly. It has done this 1 time(s).
12/13/2008 10:50:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/13/2008 10:51:04 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
12/13/2008 10:51:26 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
12/13/2008 10:51:26 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/13/2008 10:51:26 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/13/2008 10:51:26 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/13/2008 10:51:26 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPDRV Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip Tosrfcom
12/13/2008 10:51:56 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12/13/2008 11:09:56 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: APPDRV Fips intelppm Tosrfcom
12/14/2008 9:52:51 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
12/14/2008 8:32:07 PM, error: System Error [1003] - Error code 100000d4, parameter1 a78cc938, parameter2 000000ff, parameter3 00000001, parameter4 80542675.
12/14/2008 10:11:59 PM, error: System Error [1003] - Error code 100000d4, parameter1 a7bcd938, parameter2 000000ff, parameter3 00000001, parameter4 80542675.
12/14/2008 10:12:02 PM, error: System Error [1003] - Error code 100000d4, parameter1 a7b55938, parameter2 000000ff, parameter3 00000001, parameter4 80542675.

==== End Of File ===========================



#2 badbrad


Posted 16 December 2008 - 07:16 PM

Hi,

I have fixed the problem by running Malwarebytes' Anti-Malware.

The problem looks like it was one of these; I'm going with the Rootkit.Agent.

Files Infected:
C:\WINDOWS\system32\sysaudio.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent)

#3 Orange Blossom


Posted 23 December 2008 - 09:24 PM

Hello badbrad,

Thank you for letting us know. I'm glad that your computer problems have been fixed. Since this issue seems to be resolved, this thread will now be closed.

In case you experience any problems with the computer, please start a new topic.

Happy computing,

Orange Blossom
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



