
antivirus 2009


  • This topic is locked
4 replies to this topic

#1 tmcyfz

  • Members
  • 2 posts

Posted 20 January 2009 - 08:43 PM

I downloaded Firefox and this quit. But in Internet Explorer, every time I open it, a bar across the top comes up that says "The page you are opening is probably contains software, adware, etc. your system might at risk, click here to protect yourself with antivirus 2009". Sometimes I open IE and it just pops up with a full screen for downloading antivirus 2009. Help would be gratefully appreciated!!!!


DDS (Ver_09-01-18.01) - NTFSx86
Run by mike at 19:18:33.57 on Tue 01/20/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1526.949 [GMT -6:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\WINDOWS\system32\igfxpers.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Documents and Settings\mike\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.yahoo.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: &Research: {0b014b81-4e12-46f9-806f-55867af8fd3c} - c:\windows\system32\winsystems.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: X1IEHook Class: {52706ef7-d7a2-49ad-a615-e903858cf284} - c:\program files\netzero\qsacc\X1IEBHO.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: D-i-v-X AV Codec Pack Toolbar Helper: {e001fd9f-d3c0-4a37-8250-0af61f601ac7} - c:\program files\d-i-v-x av codec pack toolbar\v2.0.0.5\D-i-v-X_AV_Codec_Pack_Toolbar.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
BHO: EWPP - No File
TB: ZeroBar: {f0f8ecbe-d460-4b34-b007-56a92e8f84a7} - c:\program files\netzero\Toolbar.dll
TB: D-i-v-X AV Codec Pack Toolbar: {53794874-5f35-486c-ae93-d924d0e681b9} - c:\program files\d-i-v-x av codec pack toolbar\v2.0.0.5\D-i-v-X_AV_Codec_Pack_Toolbar.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [DellTransferAgent] "c:\documents and settings\all users\application data\dell\transferagent\TransferAgent.exe"
uRun: [EasyLinkAdvisor] "c:\program files\linksys easylink advisor\LinksysAgent.exe" /startup
mRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,_RunDLLEntry@16
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dlccmon.exe] "c:\program files\dell photo aio printer 924\dlccmon.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [Corel Photo Downloader] c:\program files\corel\corel photo album 6\MediaDetect.exe
mRun: [RoxioDragToDisc] "c:\program files\roxio\easy media creator 7\drag to disc\DrgToDsc.exe"
mRun: [EPSON Stylus Photo RX620 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9HA.EXE /P40 "EPSON Stylus Photo RX620 Series (Copy 1)" /O6 "USB003" /M "Stylus Photo RX620"
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [QuickCare] c:\program files\qwest\quickcare\bin\sprtcmd.exe /P QuickCare
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pictur~2.lnk - c:\program files\sony corporation\picture package\picture package menu\SonyTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pictur~1.lnk - c:\program files\sony corporation\picture package\picture package applications\Residence.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\mike\applic~1\mozilla\firefox\profiles\w9attbr5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2006-11-18 207656]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2006-11-18 605512]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2006-11-18 79240]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2006-11-18 35240]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2006-11-18 40488]
R4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-10-1 206096]
R4 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-7-31 358736]
R4 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R4 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2006-11-18 144704]
R4 sprtlisten;SupportSoft Listener Service;c:\program files\common files\supportsoft\bin\sprtlisten.exe [2008-1-8 1213728]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2006-11-18 34152]
S3 MR97310_VGA_DUAL_CAMERA;VGA Dual-Mode Camera;c:\windows\system32\drivers\mr97310v.sys [2006-7-18 99840]

=============== Created Last 30 ================

2009-01-20 18:50 <DIR> --d----- c:\docume~1\mike\applic~1\Malwarebytes
2009-01-20 18:50 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-20 18:50 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-20 18:50 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-20 18:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2008-12-30 04:16 54,156 a---h--- c:\windows\QTFont.qfn
2008-12-30 04:16 1,409 a------- c:\windows\QTFont.for

==================== Find3M ====================

2008-12-13 00:40 3,593,216 -------- c:\windows\system32\dllcache\mshtml.dll
2008-12-11 04:57 333,952 a------- c:\windows\system32\drivers\srv.sys
2008-12-11 04:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2008-10-24 05:21 455,296 -------- c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 06:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-23 06:36 286,720 -------- c:\windows\system32\dllcache\gdi32.dll
2006-04-27 19:37 1,100 a------- c:\docume~1\mike\applic~1\wklnhst.dat
2006-02-05 20:35 64,792 a------- c:\docume~1\mike\applic~1\GDIPFONTCACHEV1.DAT
2007-01-27 13:32 56 ---shr-- c:\windows\system32\2DA29D05C4.sys
2007-01-27 13:32 3,350 a--sh--- c:\windows\system32\KGyGaAvL.sys
2008-09-02 13:22 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090220080903\index.dat

============= FINISH: 19:19:29.90 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-01-18.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 1/3/2006 12:47:31 PM
System Uptime: 1/20/2009 7:04:39 PM (0 hours ago)

Motherboard: Dell Inc. | | 0JC474
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 70 GiB total, 21.22 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP972: 10/23/2008 10:58:21 AM - System Checkpoint
RP973: 10/24/2008 10:59:28 AM - System Checkpoint
RP974: 10/25/2008 3:00:21 AM - Software Distribution Service 3.0
RP975: 10/26/2008 3:17:08 AM - System Checkpoint
RP976: 10/27/2008 4:17:09 AM - System Checkpoint
RP977: 10/28/2008 5:17:06 AM - System Checkpoint
RP978: 10/29/2008 6:17:05 AM - System Checkpoint
RP979: 10/30/2008 7:17:06 AM - System Checkpoint
RP980: 10/31/2008 8:17:04 AM - System Checkpoint
RP981: 11/1/2008 9:17:04 AM - System Checkpoint
RP982: 11/2/2008 9:46:23 AM - System Checkpoint
RP983: 11/3/2008 10:17:04 AM - System Checkpoint
RP984: 11/4/2008 11:17:03 AM - System Checkpoint
RP985: 11/5/2008 12:17:02 PM - System Checkpoint
RP986: 11/6/2008 1:17:02 PM - System Checkpoint
RP987: 11/7/2008 2:17:02 PM - System Checkpoint
RP988: 11/8/2008 3:14:13 PM - System Checkpoint
RP989: 11/9/2008 3:17:01 PM - System Checkpoint
RP990: 11/10/2008 4:18:06 PM - System Checkpoint
RP991: 11/11/2008 5:17:01 PM - System Checkpoint
RP992: 11/12/2008 3:00:18 AM - Software Distribution Service 3.0
RP993: 11/13/2008 3:21:03 AM - System Checkpoint
RP994: 11/14/2008 3:22:55 AM - System Checkpoint
RP995: 11/15/2008 4:22:48 AM - System Checkpoint
RP996: 11/16/2008 4:27:09 AM - System Checkpoint
RP997: 11/17/2008 5:03:33 AM - System Checkpoint
RP998: 11/18/2008 6:03:30 AM - System Checkpoint
RP999: 11/19/2008 6:23:52 AM - System Checkpoint
RP1000: 11/20/2008 7:23:51 AM - System Checkpoint
RP1001: 11/20/2008 5:17:12 PM - Installed Actiontec Gateway
RP1002: 11/20/2008 5:18:13 PM - Installed QuickConnect
RP1003: 11/21/2008 5:53:58 PM - System Checkpoint
RP1004: 11/22/2008 6:53:56 PM - System Checkpoint
RP1005: 11/23/2008 8:37:24 PM - System Checkpoint
RP1006: 11/24/2008 8:53:55 PM - System Checkpoint
RP1007: 11/25/2008 10:41:22 PM - System Checkpoint
RP1008: 11/26/2008 10:53:53 PM - System Checkpoint
RP1009: 11/28/2008 12:53:07 PM - System Checkpoint
RP1010: 11/29/2008 5:58:36 PM - System Checkpoint
RP1011: 12/13/2008 3:27:54 AM - System Checkpoint
RP1012: 12/14/2008 4:16:28 AM - System Checkpoint
RP1013: 12/15/2008 5:16:29 AM - System Checkpoint
RP1014: 12/16/2008 6:16:28 AM - System Checkpoint
RP1015: 12/17/2008 7:16:25 AM - System Checkpoint
RP1016: 12/18/2008 3:00:16 AM - Software Distribution Service 3.0
RP1017: 12/19/2008 3:53:12 AM - System Checkpoint
RP1018: 12/20/2008 4:53:20 AM - System Checkpoint
RP1019: 12/21/2008 5:53:20 AM - System Checkpoint
RP1020: 12/22/2008 6:53:20 AM - System Checkpoint
RP1021: 12/23/2008 7:53:19 AM - System Checkpoint
RP1022: 12/24/2008 8:53:18 AM - System Checkpoint
RP1023: 12/25/2008 9:10:22 AM - System Checkpoint
RP1024: 12/26/2008 9:53:16 AM - System Checkpoint
RP1025: 12/27/2008 10:54:19 AM - System Checkpoint
RP1026: 12/28/2008 11:54:19 AM - System Checkpoint
RP1027: 12/29/2008 12:53:20 PM - System Checkpoint
RP1028: 12/30/2008 1:53:15 PM - System Checkpoint
RP1029: 12/31/2008 2:53:16 PM - System Checkpoint
RP1030: 1/1/2009 3:53:12 PM - System Checkpoint
RP1031: 1/2/2009 3:54:16 PM - System Checkpoint
RP1032: 1/3/2009 4:53:09 PM - System Checkpoint
RP1033: 1/4/2009 5:53:10 PM - System Checkpoint
RP1034: 1/5/2009 5:55:51 PM - System Checkpoint
RP1035: 1/6/2009 6:53:08 PM - System Checkpoint
RP1036: 1/7/2009 8:41:08 PM - System Checkpoint
RP1037: 1/8/2009 8:53:07 PM - System Checkpoint
RP1038: 1/9/2009 9:53:08 PM - System Checkpoint
RP1039: 1/10/2009 10:53:06 PM - System Checkpoint
RP1040: 1/11/2009 11:53:10 PM - System Checkpoint
RP1041: 1/13/2009 12:53:07 AM - System Checkpoint
RP1042: 1/14/2009 1:53:05 AM - System Checkpoint
RP1043: 1/14/2009 3:00:21 AM - Software Distribution Service 3.0
RP1044: 1/15/2009 3:16:18 AM - System Checkpoint
RP1045: 1/16/2009 4:16:14 AM - System Checkpoint
RP1046: 1/17/2009 5:16:14 AM - System Checkpoint
RP1047: 1/18/2009 5:35:54 AM - System Checkpoint
RP1048: 1/19/2009 6:33:41 PM - System Checkpoint
RP1049: 1/20/2009 5:58:36 PM - Removed Rhapsody Player Engine
RP1050: 1/20/2009 6:26:37 PM - Installed Windows NLSDownlevelMapping.
RP1051: 1/20/2009 6:27:11 PM - Installed Windows IDNMitigationAPIs.
RP1052: 1/20/2009 6:27:34 PM - Installed Windows Internet Explorer 7.

==== Installed Programs ======================

Actiontec Gateway
Adobe Download Manager 2.2 (Remove Only)
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Reader 7.1.0
AOLIcon
ArcSoft Software Suite
Camera Support Core Library
Camera Window DS
Camera Window DVC
Camera Window MC
Canon Camera Support Core Library
Canon Camera WIA Driver
Canon Camera Window DS for ZoomBrowser EX
Canon Camera Window DVC for ZoomBrowser EX
Canon Camera Window for ZoomBrowser EX
Canon EOS Kiss_N REBEL_XT 350D WIA Driver
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Digital Photo Professional 1.6.1
Canon Utilities EOS Capture 1.3
Canon Utilities PhotoStitch 3.1
Canon ZoomBrowser EX
Conexant D850 56K V.9x DFVc Modem
Consumer Complete Care Services Agreement
Corel Photo Album 6
D-i-v-X - AV Codec Pack
D-i-v-X AV Codec Pack Toolbar
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Photo AIO Printer 924
Dell System Restore
DellSupport
Digital Content Portal
Digital Line Detect
Drivers Install For Linksys Easylink Advisor
Dyno2000 Version 3.10
EarthLink setup files
EducateU
EOS Capture 1.3
EPSON CardMonitor
EPSON Copy Utility 3
EPSON PhotoCenter
EPSON PhotoStarter3.2
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
EPSON SPRX620 Reference Guide
EPSON Web-To-Page
GemMaster Mystic
Google Desktop
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB835221
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2_03
Java™ 6 Update 5
Java™ SE Runtime Environment 6 Update 1
Kids Cam Show and Share Creativity Center
LimeWire 4.18.2
Linksys EasyLink Advisor 1.6 (0032)
Living Marine Aquarium 2 Screen Saver
Macromedia Flash Player
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
McAfee SecurityCenter
MCU
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Suite 2006
Microsoft Digital Image Suite 2006 Editor
Microsoft Digital Image Suite 2006 Library
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Word 2002
Microsoft Works
Microsoft Works Suite 2006 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Modem Helper
Mozilla Firefox (3.0.5)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Musicmatch for Windows Media Player
NetWaiting
NetZero
NetZeroInstallers
OpenOffice.org Installer 1.0
Otto
PhotoStitch
Picture Package
PowerDVD 5.5
Print Lab Series
Qualxserve Service Agreement
QuickConnect
QuickTime
Qwest QuickAssist Desktop Tools
Qwest Quickcare 2.5
RAW Image Task 2.0
RealPlayer
RemoteCapture Task 1.1
Roxio Easy Media Creator 7.5 Trial
ScanToWeb
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Sonic DLA
Sonic Encoders
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sony USB Driver
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update Rollup 2 for Windows XP Media Center Edition 2005
VGA Dual-Mode Camera
Viewpoint Media Player
WebCyberCoach 3.2 Dell
WebFldrs XP
WildTangent Web Driver
Windows Driver Package - Camera Maker (MR97310_VGA_DUAL_CAMERA) Image 07/18/2006 2.0.1.0
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Service Pack 3
Wondershare DVD Slideshow Builder 3.5.1 Trial Version
Works Upgrade

==== Event Viewer Messages From Past Week ========

1/14/2009 3:12:56 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: szkg
1/17/2009 3:12:19 AM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 00132093A046 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
1/19/2009 6:04:50 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the COM+ System Application service to connect.
1/19/2009 6:04:50 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
1/19/2009 6:04:50 PM, error: Service Control Manager [7000] - The COM+ System Application service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/20/2009 7:05:52 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde szkg

==== End Of File ===========================



#2 Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts

Posted 29 January 2009 - 03:49 AM

Hi

If you still have the same problem, please post a fresh DDS log.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#3 tmcyfz

  • Topic Starter

  • Members
  • 2 posts

Posted 29 January 2009 - 12:53 PM

Hi
It should be the same because I have not touched the computer since I posted the first time. Thanks for looking into it and if you need anything more let me know.

#4 Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts

Posted 29 January 2009 - 01:28 PM

OK. I see you have Limewire installed there. A big part of infections spread through P2P networks nowadays. I recommend you uninstall Limewire.


Please visit this webpage for download links and instructions for running the ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully and install the Recovery Console first.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should see a blue screen prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:
  • Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
    Remember to re-enable them afterwards.

  • Click Yes to allow ComboFix to continue scanning for malware.
When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New HijackThis log.


A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.


#5 Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts

Posted 04 February 2009 - 05:04 PM

Due to inactivity, this thread will now be closed. If you need this topic reopened, please contact a Staff member. Include the address of this thread in your request. This applies only to the original topic starter. Should you have a new issue, please start a New Topic.
