
brastia.exe malware problem


  • This topic is locked
2 replies to this topic

#1 monkeyspanker

  • Members
  • 3 posts

Posted 20 April 2009 - 02:33 PM

Hi guys, got issues with brastia.exe on my system. Have run Ad-Aware SE, Spybot S&D & Malwarebytes but none of them pick it up. I have run full scans with all of them & I keep getting a pop-up window appearing on my desktop saying Windows has detected spyware, click on window to fix issue, etc. etc. I then get a runtime error box come up, 3 at 00403DB9. Here are the logs.


DDS (Ver_09-03-16.01) - NTFSx86
Run by home at 20:15:36.18 on 20/04/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3327.2547 [GMT 1:00]

AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated)
FW: ESET Personal firewall *enabled*

============== Running Processes ===============

E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
E:\WINDOWS\System32\svchost.exe -k netsvcs
E:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\ASUS\Six Engine\SixEngine.exe
E:\WINDOWS\system32\CTHELPER.EXE
E:\Program Files\ESET\ESET Smart Security\egui.exe
E:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
E:\Program Files\Lexmark 4300 Series\ezprint.exe
E:\Program Files\Java\jre6\bin\jusched.exe
E:\WINDOWS\system32\brastia.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Webroot\Washer\wwDisp.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
svchost.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\ESET\ESET Smart Security\ekrn.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\System32\svchost.exe -k imgsvc
E:\Program Files\Webroot\Washer\WasherSvc.exe
E:\WINDOWS\system32\lxcecoms.exe
svchost
E:\Program Files\Mozilla Firefox\firefox.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Documents and Settings\home\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - e:\program files\adobe\acrobat 6.0\acrobat\activex\AcroIEHelper.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - e:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - e:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - e:\program files\java\jre6\bin\jp2ssv.dll
BHO: MS extension: {e7c7ad3e-e0b2-4994-b338-f89d02aa316d} - infow32.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - e:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - e:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - e:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] e:\windows\system32\ctfmon.exe
uRun: [Window Washer] e:\program files\webroot\washer\wwDisp.exe
uRun: [Skype] "e:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Pinnacle Game Profiler] "e:\program files\kalinkosoft\pinnacle game profiler\pinnacle.exe" -atboottime
uRun: [DAEMON Tools Lite] "e:\program files\daemon tools lite\daemon.exe" -autorun
uRun: [ISUSPM] "e:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [brastia] e:\windows\system32\brastia.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Six Engine] "e:\program files\asus\six engine\SixEngine.exe" -r
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [CTHelper] CTHELPER.EXE
mRun: [FaxCenterServer] "e:\program files\lexmark fax solutions\fm3032.exe" /s
mRun: [egui] "e:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [XboxStat] "e:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
mRun: [lxcemon.exe] "e:\program files\lexmark 4300 series\lxcemon.exe"
mRun: [EzPrint] "e:\program files\lexmark 4300 series\ezprint.exe"
mRun: [StxTrayMenu] "e:\program files\seagate\systemtray\StxMenuMgr.exe"
mRun: [<NO NAME>]
mRun: [StartCCC] "e:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "e:\program files\java\jre6\bin\jusched.exe"
mRun: [LXCECATS] rundll32 e:\windows\system32\spool\drivers\w32x86\3\LXCEtime.dll,_RunDLLEntry@16
mRun: [brastia] e:\windows\system32\brastia.exe
dRun: [CTFMON.EXE] e:\windows\system32\CTFMON.EXE
StartupFolder: e:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - e:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
uPolicies-system: EnableProfileQuota = 1 (0x1)
IE: E&xport to Microsoft Excel - e:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - e:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - e:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - e:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - e:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - e:\docume~1\home\applic~1\mozilla\firefox\profiles\s6j2urmu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.evilmonkeys.co.uk/
FF - plugin: e:\documents and settings\home\application data\mozilla\firefox\profiles\s6j2urmu.default\extensions\battlefieldheroespatcher@ea.com\platform\winnt_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: e:\program files\mozilla firefox\plugins\NPcol305.dll
FF - plugin: e:\program files\mozilla firefox\plugins\NPHoldemFireLauncher.dll
FF - plugin: e:\program files\mozilla firefox\plugins\NPMFireLauncher.dll

============= SERVICES / DRIVERS ===============

R0 mv61xx;mv61xx;e:\windows\system32\drivers\mv61xx.sys [2008-6-10 150568]
R2 aawservice;Lavasoft Ad-Aware Service;e:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
R2 ekrn;Eset Service;e:\program files\eset\eset smart security\ekrn.exe [2007-12-21 468224]
R2 Seagate Sync Service;Seagate Sync Service;e:\program files\seagate\sync\SeaSyncServices.exe [2007-1-18 24120]
R2 wwEngineSvc;Window Washer Engine;e:\program files\webroot\washer\WasherSvc.exe [2008-10-17 598856]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;e:\windows\system32\drivers\AtiHdmi.sys [2007-7-20 93696]
R3 COMMONFX.SYS;COMMONFX.SYS;e:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
R3 CTAUDFX.SYS;CTAUDFX.SYS;e:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
R3 ctgame;Game Port;e:\windows\system32\drivers\ctgame.sys [2008-7-7 18840]
R3 CTSBLFX.SYS;CTSBLFX.SYS;e:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113 PCI-E Ethernet Controller;e:\windows\system32\drivers\l1e51x86.sys [2008-10-14 36864]
S2 FAH@E:+Documents and Settings+home+My Documents+Downloads+FarCry2+crack+[RAZOR1911][WEB SEED] FAR CRY 2 CRACK - REAL 100% FULLY WORKING+FAH.exe;FAH@E:+Documents and Settings+home+My Documents+Downloads+FarCry2+crack+[RAZOR1911][WEB SEED] FAR CRY 2 CRACK - REAL 100% FULLY WORKING+FAH.exe;e:\documents and settings\home\my documents\downloads\farcry2\crack\[razor1911][web seed] far cry 2 crack - real 100% fully working\fah.exe -svcstart --> e:\documents and settings\home\my documents\downloads\farcry2\crack\[razor1911][web seed] far cry 2 crack - real 100% fully working\FAH.exe -svcstart [?]
S3 COMMONFX;COMMONFX;e:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
S3 CTAUDFX;CTAUDFX;e:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
S3 CTERFXFX.SYS;CTERFXFX.SYS;e:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
S3 CTERFXFX;CTERFXFX;e:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
S3 CTSBLFX;CTSBLFX;e:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);e:\windows\system32\drivers\s125bus.sys [2007-4-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;e:\windows\system32\drivers\s125mdfl.sys [2007-4-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;e:\windows\system32\drivers\s125mdm.sys [2007-4-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);e:\windows\system32\drivers\s125mgmt.sys [2007-4-24 100488]

=============== Created Last 30 ================

2009-04-20 09:55 25,600 a------- e:\windows\system32\winarps32.exe
2009-04-20 09:52 9,728 a------- e:\windows\system32\brastia.exe
2009-04-18 20:22 246,784 a------- e:\windows\system32\ActiveSkin.ocx
2009-04-18 20:22 112 a------- e:\windows\ActiveSkin.INI
2009-04-17 00:53 59,904 a------- e:\windows\system32\inform.dat
2009-04-17 00:53 14,119 a------- e:\windows\system32\xma
2009-04-16 13:10 <DIR> --d----- e:\program files\Microsoft Office Outlook Connector
2009-04-15 08:18 401,408 -c------ e:\windows\system32\dllcache\rpcss.dll
2009-04-15 08:18 284,160 -c------ e:\windows\system32\dllcache\pdh.dll
2009-04-15 08:18 473,600 -c------ e:\windows\system32\dllcache\fastprox.dll
2009-04-15 08:18 453,120 -c------ e:\windows\system32\dllcache\wmiprvsd.dll
2009-04-15 08:18 227,840 -c------ e:\windows\system32\dllcache\wmiprvse.exe
2009-04-15 08:18 110,592 -c------ e:\windows\system32\dllcache\services.exe
2009-04-15 08:18 729,088 -c------ e:\windows\system32\dllcache\lsasrv.dll
2009-04-15 08:18 714,752 -c------ e:\windows\system32\dllcache\ntdll.dll
2009-04-15 08:18 617,472 -c------ e:\windows\system32\dllcache\advapi32.dll
2009-04-15 08:17 1,203,922 -c------ e:\windows\system32\dllcache\sysmain.sdb
2009-04-15 08:17 215,552 -c------ e:\windows\system32\dllcache\wordpad.exe
2009-04-15 08:17 2,560 -------- e:\windows\system32\xpsp4res.dll
2009-04-15 00:25 <DIR> --d----- e:\program files\Steam
2009-04-14 23:04 <DIR> --d----- e:\program files\GCFScape
2009-04-14 19:17 41,808 a------- e:\windows\system32\xfcodec.dll
2009-04-10 08:25 <DIR> --d----- e:\program files\ATI
2009-04-08 16:42 <DIR> --d----- e:\program files\Seagate
2009-04-07 15:56 138,920 a------- e:\windows\system32\drivers\PnkBstrK.sys

==================== Find3M ====================

2009-04-19 00:48 189,072 a------- e:\windows\system32\PnkBstrB.exe
2009-04-07 16:30 139,152 a------- e:\docume~1\home\applic~1\PnkBstrK.sys
2009-04-07 16:30 75,064 a------- e:\windows\system32\PnkBstrA.exe
2009-04-07 16:30 794,408 a------- e:\windows\system32\pbsvc.exe
2009-03-17 21:05 593,920 -------- e:\windows\system32\ati2sgag.exe
2009-03-16 22:33 3,597,312 a------- e:\windows\system32\drivers\ati2mtag.sys
2009-03-16 21:27 442,368 a------- e:\windows\system32\ATIDEMGX.dll
2009-03-16 21:26 328,704 a------- e:\windows\system32\ati2dvag.dll
2009-03-16 21:17 307,200 a------- e:\windows\system32\atiiiexx.dll
2009-03-16 21:17 204,800 a------- e:\windows\system32\atipdlxx.dll
2009-03-16 21:16 155,648 a------- e:\windows\system32\Oemdspif.dll
2009-03-16 21:16 26,112 a------- e:\windows\system32\Ati2mdxx.exe
2009-03-16 21:16 43,520 a------- e:\windows\system32\ati2edxx.dll
2009-03-16 21:16 155,648 a------- e:\windows\system32\ati2evxx.dll
2009-03-16 21:15 602,112 a------- e:\windows\system32\ati2evxx.exe
2009-03-16 21:13 53,248 a------- e:\windows\system32\ATIDDC.DLL
2009-03-16 21:06 3,820,736 a------- e:\windows\system32\ati3duag.dll
2009-03-16 21:04 11,563,008 a------- e:\windows\system32\atioglxx.dll
2009-03-16 20:53 2,675,328 a------- e:\windows\system32\ativvaxx.dll
2009-03-16 20:40 49,664 a------- e:\windows\system32\atimpc32.dll
2009-03-16 20:40 49,664 a------- e:\windows\system32\amdpcom32.dll
2009-03-16 20:36 475,136 a------- e:\windows\system32\atikvmag.dll
2009-03-16 20:35 303,104 a------- e:\windows\system32\atiok3x2.dll
2009-03-16 20:35 131,072 a------- e:\windows\system32\atiadlxx.dll
2009-03-16 20:35 45,056 a------- e:\windows\system32\aticalrt.dll
2009-03-16 20:34 45,056 a------- e:\windows\system32\aticalcl.dll
2009-03-16 20:34 17,408 a------- e:\windows\system32\atitvo32.dll
2009-03-16 20:34 53,248 a------- e:\windows\system32\drivers\ati2erec.dll
2009-03-16 20:33 3,264,512 a------- e:\windows\system32\aticaldd.dll
2009-03-16 20:28 630,784 a------- e:\windows\system32\ati2cqag.dll
2009-03-15 11:08 430,080 a------- e:\windows\system32\BSTIEPrintCtl1.dll
2009-03-15 11:08 417,792 a------- E:\NPcol305.dll
2009-03-09 05:19 410,984 a------- e:\windows\system32\deploytk.dll
2009-03-06 15:22 284,160 a------- e:\windows\system32\pdh.dll
2009-03-03 20:56 118,784 a------- e:\windows\system32\atibtmon.exe
2009-02-23 22:39 184,394 a------- e:\windows\system32\atiicdxx.dat
2009-02-20 09:10 666,112 -------- e:\windows\system32\wininet.dll
2009-02-20 09:10 81,920 -------- e:\windows\system32\ieencode.dll
2009-02-18 18:55 294,912 a------- e:\windows\system32\ATIODE.exe
2009-02-12 23:08 87,608 a------- e:\docume~1\home\applic~1\inst.exe
2009-02-12 23:08 47,360 a------- e:\docume~1\home\applic~1\pcouffin.sys
2009-02-09 13:10 729,088 a------- e:\windows\system32\lsasrv.dll
2009-02-09 13:10 714,752 a------- e:\windows\system32\ntdll.dll
2009-02-09 13:10 617,472 a------- e:\windows\system32\advapi32.dll
2009-02-09 13:10 401,408 a------- e:\windows\system32\rpcss.dll
2009-02-09 12:13 1,846,784 a------- e:\windows\system32\win32k.sys
2009-02-06 12:11 110,592 a------- e:\windows\system32\services.exe
2009-02-06 12:06 2,145,280 a------- e:\windows\system32\ntoskrnl.exe
2009-02-06 11:39 35,328 a------- e:\windows\system32\sc.exe
2009-02-06 11:32 2,023,936 a------- e:\windows\system32\ntkrnlpa.exe
2009-02-03 21:52 45,056 a------- e:\windows\system32\ATIODCLI.exe
2009-02-03 20:59 56,832 a------- e:\windows\system32\secur32.dll
2006-06-24 07:48 32,768 a----r-- e:\windows\inf\UpdateUSB.exe

============= FINISH: 20:15:43.40 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-03-16.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 14/10/2008 23:03:38
System Uptime: 20/04/2009 17:25:43 (3 hours ago)

Motherboard: ASUSTeK Computer INC. | | P5Q
Processor: Intel Pentium III Xeon processor | LGA 775 | 2999/333mhz

==== Disk Partitions =========================

A: is Removable
D: is CDROM (CDFS)
E: is FIXED (NTFS) - 298 GiB total, 150.789 GiB free.
F: is Removable
I: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP201: 21/01/2009 16:57:10 - System Checkpoint
RP202: 22/01/2009 18:58:42 - System Checkpoint
RP203: 23/01/2009 19:03:24 - System Checkpoint
RP204: 25/01/2009 00:33:51 - System Checkpoint
RP205: 26/01/2009 17:09:13 - System Checkpoint
RP206: 27/01/2009 17:20:33 - System Checkpoint
RP207: 29/01/2009 12:56:18 - System Checkpoint
RP208: 30/01/2009 18:32:55 - System Checkpoint
RP209: 31/01/2009 18:33:03 - System Checkpoint
RP210: 01/02/2009 20:31:31 - System Checkpoint
RP211: 03/02/2009 09:28:20 - System Checkpoint
RP212: 04/02/2009 17:14:29 - System Checkpoint
RP213: 05/02/2009 18:38:28 - System Checkpoint
RP214: 06/02/2009 19:19:13 - System Checkpoint
RP215: 07/02/2009 18:02:17 - Installed Macromedia Flash Player
RP216: 07/02/2009 22:27:46 - Installed Call of Duty® - World at War™ 1.2 Patch
RP217: 09/02/2009 13:33:29 - System Checkpoint
RP218: 10/02/2009 13:43:39 - System Checkpoint
RP219: 11/02/2009 18:21:59 - System Checkpoint
RP220: 11/02/2009 19:55:54 - Installed MPlugin
RP221: 12/02/2009 00:18:31 - Software Distribution Service 3.0
RP222: 13/02/2009 12:05:18 - System Checkpoint
RP223: 14/02/2009 14:53:33 - System Checkpoint
RP224: 15/02/2009 19:20:50 - System Checkpoint
RP225: 16/02/2009 20:44:30 - System Checkpoint
RP226: 18/02/2009 08:36:40 - System Checkpoint
RP227: 19/02/2009 09:52:38 - System Checkpoint
RP228: 20/02/2009 12:06:59 - System Checkpoint
RP229: 21/02/2009 12:34:17 - System Checkpoint
RP230: 22/02/2009 16:06:19 - System Checkpoint
RP231: 23/02/2009 18:02:25 - System Checkpoint
RP232: 24/02/2009 18:47:45 - System Checkpoint
RP233: 25/02/2009 15:53:59 - Software Distribution Service 3.0
RP234: 25/02/2009 20:36:54 - Removed Java™ 6 Update 10
RP235: 25/02/2009 20:37:14 - Installed Java™ 6 Update 12
RP236: 26/02/2009 21:19:50 - System Checkpoint
RP237: 27/02/2009 21:24:13 - System Checkpoint
RP238: 01/03/2009 10:18:44 - System Checkpoint
RP239: 02/03/2009 20:34:10 - System Checkpoint
RP240: 03/03/2009 21:21:18 - System Checkpoint
RP241: 04/03/2009 21:25:28 - System Checkpoint
RP242: 06/03/2009 01:39:30 - System Checkpoint
RP243: 06/03/2009 01:49:31 - Software Distribution Service 3.0
RP244: 07/03/2009 10:18:27 - System Checkpoint
RP245: 08/03/2009 17:33:39 - System Checkpoint
RP246: 09/03/2009 18:33:22 - System Checkpoint
RP247: 10/03/2009 19:28:49 - System Checkpoint
RP248: 11/03/2009 00:06:44 - Installed DirectX
RP249: 12/03/2009 01:05:36 - Software Distribution Service 3.0
RP250: 13/03/2009 09:10:24 - System Checkpoint
RP251: 13/03/2009 23:21:21 - Installed Call of Duty® - World at War™ 1.3 Patch
RP252: 14/03/2009 01:36:09 - Installed Futuremark SystemInfo
RP253: 15/03/2009 08:07:21 - System Checkpoint
RP254: 15/03/2009 20:26:05 - Installed DirectX
RP255: 17/03/2009 11:10:46 - System Checkpoint
RP256: 18/03/2009 14:03:02 - System Checkpoint
RP257: 19/03/2009 17:59:41 - System Checkpoint
RP258: 20/03/2009 18:09:51 - System Checkpoint
RP259: 21/03/2009 00:48:52 - Software Distribution Service 3.0
RP260: 22/03/2009 19:28:41 - System Checkpoint
RP261: 23/03/2009 20:03:57 - System Checkpoint
RP262: 24/03/2009 20:40:58 - System Checkpoint
RP263: 26/03/2009 18:41:29 - System Checkpoint
RP264: 27/03/2009 19:08:14 - System Checkpoint
RP265: 28/03/2009 20:03:58 - System Checkpoint
RP266: 30/03/2009 08:18:19 - System Checkpoint
RP267: 05/04/2009 22:22:28 - System Checkpoint
RP268: 07/04/2009 12:02:18 - System Checkpoint
RP269: 08/04/2009 10:30:42 - Installed Microsoft Works 6-9 Converter
RP270: 08/04/2009 16:42:02 - Installed FreeAgent Go Tools
RP271: 09/04/2009 20:01:00 - System Checkpoint
RP272: 09/04/2009 21:58:16 - Removed Steam
RP273: 09/04/2009 22:01:00 - Installed Steam
RP274: 10/04/2009 08:24:58 - Installed ATI Catalyst Control Center
RP275: 10/04/2009 08:25:56 - Installed ATI Catalyst Registration
RP276: 10/04/2009 08:26:13 - Installed World of Warcraft FREE Trial
RP277: 11/04/2009 12:24:35 - System Checkpoint
RP278: 12/04/2009 19:25:12 - System Checkpoint
RP279: 14/04/2009 11:57:42 - System Checkpoint
RP280: 15/04/2009 00:24:53 - Removed Steam
RP281: 15/04/2009 00:25:40 - Installed Steam
RP282: 15/04/2009 09:40:55 - Software Distribution Service 3.0
RP283: 16/04/2009 13:10:09 - Installed Microsoft Office Outlook Connector
RP284: 17/04/2009 13:13:28 - System Checkpoint
RP285: 18/04/2009 13:38:42 - System Checkpoint
RP286: 18/04/2009 19:55:10 - Installed Java™ 6 Update 13
RP287: 19/04/2009 22:17:50 - System Checkpoint

==== Installed Programs ======================


3DMark06
ABBYY FineReader 6.0 Sprint
Ad-Aware
Adobe Acrobat 6.0 Professional
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Setup
Adobe Shockwave Player 11
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Alpha
Atheros Communications Inc.® AR8121/AR8113 Gigabit/Fast Ethernet Driver
ATI - Software Uninstall Utility
ATI AVIVO Codecs
ATI Catalyst Control Center
ATI Display Driver
ATI HYDRAVISION
ATI Parental Control & Encoder
ATI Problem Report Wizard
µTorrent
Battlefield 2™
Battlefield 2142
Battlefield Heroes
Call of Duty® - World at War™
Call of Duty® - World at War™ 1.1 Patch
Call of Duty® - World at War™ 1.2 Patch
Call of Duty® - World at War™ 1.3 Patch
Call of Duty® 4 - Modern Warfare™
Call of Duty® 4 - Modern Warfare™ 1.6 Patch
Call of Duty® 4 - Modern Warfare™ 1.7 Patch
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center HydraVision Full
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
CCleaner (remove only)
Compatibility Pack for the 2007 Office system
Creative Audio Console
Emote-Launcher (remove only)
EPU-6 Engine
ESET Smart Security
Far Cry 2
Flash Slideshow Maker Pro 4.88
foobar2000 v0.9.6.3
FreeAgent Go Tools
Futuremark SystemInfo
gBurner
GCFScape 1.3.1
Grand Theft Auto IV
High Definition Audio Driver Package - KB888111
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB952287)
ImagXpress
Java™ 6 Update 13
K-Lite Codec Pack 4.1.7 (Standard)
Lexmark 4300 Series
Lexmark Fax Solutions
Magic ISO Maker v5.5 (build 0273)
Malwarebytes' Anti-Malware
marvell 61xx
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Outlook Connector
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Works 6-9 Converter
Microsoft Xbox 360 Accessories 1.1
Mozilla Firefox (3.0.8)
MPlugin
MSXML 4.0
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB925673)
Need for Speed™ Undercover
Nero ControlCenter
Nero Vision
neroxml
NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)
PartitionMagic
PDF Settings
PowerQuest PartitionMagic 8.0
PunkBuster Services
Realtek High Definition Audio Driver
Rockstar Games Social Club
Security Update for CAPICOM (KB931906)
Security Update for Windows Media Player (KB952069)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB963027)
Skins
Skype™ 3.8
Spybot - Search & Destroy
Steam
TeamSpeak 2 RC2
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Visual C++ 8.0 CRT (x86) WinSXS MSM
WebFldrs XP
Window Washer
Windows Communication Foundation
Windows Genuine Advantage Notifications (KB905474)
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Presentation Foundation
Windows Workflow Foundation
Windows XP Service Pack 3
WinRAR archiver
WinZip 12.0
World of Warcraft FREE Trial
Xfire (remove only)
XML Paper Specification Shared Components Pack 1.0
Zune Desktop Theme

==== Event Viewer Messages From Past Week ========

18/04/2009 07:51:22, error: Service Control Manager [7000] - The FAH@E:+Documents and Settings+home+My Documents+Downloads+FarCry2+crack+[RAZOR1911][WEB SEED] FAR CRY 2 CRACK - REAL 100% FULLY WORKING+FAH.exe service failed to start due to the following error: The system cannot find the file specified.
18/04/2009 00:04:28, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
17/04/2009 23:17:42, error: Service Control Manager [7034] - The lxce_device service terminated unexpectedly. It has done this 1 time(s).
17/04/2009 23:17:39, error: Service Control Manager [7034] - The Seagate Sync Service service terminated unexpectedly. It has done this 1 time(s).
17/04/2009 23:17:34, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
17/04/2009 23:17:31, error: Service Control Manager [7034] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s).
14/04/2009 12:53:49, error: Print [6161] - The document Microsoft Word - COUSINS 2008.doc owned by home failed to print on printer Lexmark 4300 Series. Data type: LEMF. Size of the spool file in bytes: 2290848. Number of bytes printed: 0. Total number of pages in the document: 2. Number of pages printed: 2. Client machine: \\HOME-5I8WR0EGV2. Win32 error code returned by the print processor: 0 (0x0).
14/04/2009 12:49:28, error: Print [6161] - The document Microsoft Word - COUSINS 2008.doc owned by home failed to print on printer Lexmark 4300 Series. Data type: LEMF. Size of the spool file in bytes: 2291696. Number of bytes printed: 0. Total number of pages in the document: 2. Number of pages printed: 1. Client machine: \\HOME-5I8WR0EGV2. Win32 error code returned by the print processor: 0 (0x0).
14/04/2009 12:48:49, error: Print [6161] - The document Microsoft Word - COUSINS 2008.doc owned by home failed to print on printer Lexmark 4300 Series. Data type: LEMF. Size of the spool file in bytes: 1056340. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 16. Client machine: \\HOME-5I8WR0EGV2. Win32 error code returned by the print processor: 0 (0x0).
14/04/2009 10:58:55, error: Print [6161] - The document E:\Documents and Settings\home\Local Settings\Application Data\Mozilla\Firefox\Profiles\s6j2urmu.default\Cache\F054C220d01.pdf owned by home failed to print on printer Lexmark 4300 Series. Data type: LEMF. Size of the spool file in bytes: 20. Number of bytes printed: 20. Total number of pages in the document: 0. Number of pages printed: 0. Client machine: \\HOME-5I8WR0EGV2. Win32 error code returned by the print processor: 123 (0x7b).

==== End Of File ===========================

Thanks for any advice.


I can't hear you. There is a banana stuck in my ear.


#2 monkeyspanker

  • Topic Starter

  • Members
  • 3 posts

Posted 20 April 2009 - 04:26 PM

OK, I have sorted it out and have removed the virus; it was a Vundo virus. So mods, please close. Thank you to those that took the time to read the OP.
I can't hear you. There is a banana stuck in my ear.

#3 KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts

Posted 03 May 2009 - 11:22 PM

Thanks for informing us.

This thread is closed.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)



