Not sure if system is clean


  • This topic is locked
3 replies to this topic

#1 Sodium OH


Posted 11 June 2009 - 03:38 PM

My first topic can be found here:

http://www.bleepingcomputer.com/forums/t/233272/google-search-results/

As suggested, here are the logs:

_______________

First, DDS.txt


DDS (Ver_09-05-14.01) - NTFSx86
Run by HP_Owner at 16:26:16.53 on Thu 06/11/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.102 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\AGRSMMSG.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Owner.YOUR-F78BF48CE2\Desktop\abcd\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.aol.com/
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://shop.trendmicro.com/tmasy/eol.html?X=300&Y=300&WIDTH=690&HEIGHT=480
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: HP view: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\KEM.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0\bin\npjpi150.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243740071282
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {FA010552-4A27-4cb1-A1BB-3E2D697F1639} - No File
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-30 325896]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-5-30 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-30 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-20 298776]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 getPlus® Helper;getPlus® Helper;c:\program files\nos\bin\getPlus_HelperSvc.exe [2009-5-31 33176]

=============== Created Last 30 ================

2009-06-10 00:27 246,272 -------- c:\windows\system32\dllcache\ieproxy.dll
2009-06-10 00:27 12,800 -------- c:\windows\system32\dllcache\xpshims.dll
2009-06-10 00:27 1,985,024 -------- c:\windows\system32\dllcache\iertutil.dll
2009-06-10 00:27 11,064,832 -------- c:\windows\system32\dllcache\ieframe.dll
2009-06-07 12:35 9,072 -------- c:\windows\system32\drivers\cdr4_xp.sys
2009-06-07 12:35 9,200 -------- c:\windows\system32\drivers\cdralw2k.sys
2009-06-07 12:34 --d----- c:\windows\system32\IOSUBSYS
2009-06-03 17:29 --d----- c:\program files\Safer Networking
2009-06-03 12:18 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-06-03 12:18 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-03 12:17 --d----- c:\docume~1\alluse~1\applic~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-03 12:16 --d----- c:\program files\Bonjour
2009-06-01 10:44 0 a------- c:\docume~1\hp_own~1.you\applic~1\wklnhst.dat
2009-05-31 13:07 --d----- c:\windows\system32\LogFiles
2009-05-31 12:06 --d----- c:\program files\IZArc
2009-05-31 11:55 --d----- c:\documents and settings\hp_owner.your-f78bf48ce2\Tracing
2009-05-31 11:52 --d----- c:\program files\Windows Live SkyDrive
2009-05-31 11:47 --d----- c:\program files\common files\Windows Live
2009-05-31 11:23 --d----- c:\program files\CCleaner
2009-05-31 10:35 --d----- c:\windows\system32\scripting
2009-05-31 10:35 --d----- c:\windows\system32\bits
2009-05-31 10:11 15,104 a------- c:\windows\system32\drivers\usbscan.sys
2009-05-31 10:10 198,656 a------- c:\windows\system32\CNMLM7I.DLL
2009-05-31 10:10 195,072 a------- c:\windows\system32\CNCC450.DLL
2009-05-31 10:10 139,264 a------- c:\windows\system32\CNCL450.DLL
2009-05-31 10:10 106,496 a------- c:\windows\system32\cncisco.dll
2009-05-31 10:10 37,888 a------- c:\windows\system32\CNCI450.DLL
2009-05-31 10:01 25,856 a------- c:\windows\system32\drivers\usbprint.sys
2009-05-31 09:56 --d----- c:\docume~1\hp_own~1.you\applic~1\Malwarebytes
2009-05-31 09:56 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-31 09:56 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-05-31 09:56 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-05-31 09:54 32,128 a------- c:\windows\system32\drivers\usbccgp.sys
2009-05-31 09:48 --d-h--- C:\$AVG8.VAULT$
2009-05-31 02:38 --d----- c:\program files\File Shredder
2009-05-31 02:31 --d----- c:\program files\SpywareBlaster
2009-05-31 01:36 --d----- c:\docume~1\hp_own~1.you\applic~1\AOL
2009-05-31 01:23 --d----- c:\docume~1\alluse~1\applic~1\DAEMON Tools Lite
2009-05-31 01:23 --d----- c:\program files\DAEMON Tools Toolbar
2009-05-31 01:23 --d----- c:\program files\DAEMON Tools Lite
2009-05-31 01:17 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-05-31 01:17 --d----- c:\docume~1\hp_own~1.you\applic~1\DAEMON Tools Lite
2009-05-31 01:13 --d----- c:\docume~1\hp_own~1.you\applic~1\scar5
2009-05-31 01:12 --dshr-- C:\cmdcons
2009-05-31 01:05 163,840 a------- c:\windows\system32\igfxres.dll
2009-05-31 01:04 221,184 a------- c:\windows\system32\wmpns.dll
2009-05-31 01:04 1,828 a--shr-- c:\windows\system32\drivers\103C_HP_CPC_PX743AA-ABA a1110n_YC_0Pavi_QCNH519_E53NAheBLU2_47_IGuppy_SASUSTek Computer INC._V1.03_B3.08_T050509_WXH2_L409_M504_J160_7Intel_8Celeron_93.07_#050723_N10EC8139_Z11C1048C_G80862562_OHP DVD Writer 640c.MRK
2009-05-31 01:04 --d----- c:\docume~1\hp_own~1.you\applic~1\Symantec
2009-05-31 01:03 --d----- c:\documents and settings\hp_owner.your-f78bf48ce2\WINDOWS
2009-05-31 01:03 --d----- c:\documents and settings\HP_Owner.YOUR-F78BF48CE2
2009-05-31 00:56 12,160 a------- c:\windows\system32\drivers\mouhid.sys
2009-05-31 00:56 10,368 a------- c:\windows\system32\drivers\hidusb.sys
2009-05-31 00:32 268,648 a------- c:\windows\system32\mucltui.dll
2009-05-31 00:32 27,496 a------- c:\windows\system32\mucltui.dll.mui
2009-05-31 00:31 --dshr-- c:\windows\system32\dllcache
2009-05-30 23:54 276,992 -------- c:\windows\system32\wmphoto.dll
2009-05-30 23:54 69,120 -------- c:\windows\system32\wlanapi.dll
2009-05-30 23:54 712,704 -------- c:\windows\system32\windowscodecs.dll
2009-05-30 23:54 346,112 -------- c:\windows\system32\windowscodecsext.dll
2009-05-30 23:52 155,136 -------- c:\windows\system32\mssha.dll
2009-05-30 23:51 19,569 a------- c:\windows\005542_.tmp
2009-05-30 23:40 138,496 -------- c:\windows\system32\dllcache\afd.sys
2009-05-30 23:40 144,896 -------- c:\windows\system32\dllcache\schannel.dll
2009-05-30 23:40 284,160 -------- c:\windows\system32\dllcache\pdh.dll
2009-05-30 23:39 473,600 -------- c:\windows\system32\dllcache\fastprox.dll
2009-05-30 23:39 401,408 -------- c:\windows\system32\dllcache\rpcss.dll
2009-05-30 23:39 227,840 -------- c:\windows\system32\dllcache\wmiprvse.exe
2009-05-30 23:39 110,592 -------- c:\windows\system32\dllcache\services.exe
2009-05-30 23:39 453,120 -------- c:\windows\system32\dllcache\wmiprvsd.dll
2009-05-30 23:39 729,088 -------- c:\windows\system32\dllcache\lsasrv.dll
2009-05-30 23:39 617,472 -------- c:\windows\system32\dllcache\advapi32.dll
2009-05-30 23:39 714,752 -------- c:\windows\system32\dllcache\ntdll.dll
2009-05-30 23:39 2,189,056 -------- c:\windows\system32\dllcache\ntoskrnl.exe
2009-05-30 23:39 2,145,280 -------- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-05-30 23:39 2,023,936 -------- c:\windows\system32\dllcache\ntkrpamp.exe
2009-05-30 23:38 203,136 -------- c:\windows\system32\dllcache\rmcast.sys
2009-05-30 23:38 333,952 -------- c:\windows\system32\dllcache\srv.sys
2009-05-30 23:37 8,461,312 -------- c:\windows\system32\dllcache\shell32.dll
2009-05-30 23:37 691,712 -------- c:\windows\system32\dllcache\inetcomm.dll
2009-05-30 23:36 455,296 -------- c:\windows\system32\dllcache\mrxsmb.sys
2009-05-30 23:35 1,847,168 -------- c:\windows\system32\dllcache\win32k.sys
2009-05-30 23:34 337,408 -------- c:\windows\system32\dllcache\netapi32.dll
2009-05-30 23:29 2,560 -------- c:\windows\system32\xpsp4res.dll
2009-05-30 23:29 215,552 -------- c:\windows\system32\dllcache\wordpad.exe
2009-05-30 23:24 --d----- c:\windows\system32\PreInstall
2009-05-30 23:12 --dsh--- c:\documents and settings\hp_owner.your-f78bf48ce2\IECompatCache
2009-05-30 23:12 --dsh--- c:\documents and settings\hp_owner.your-f78bf48ce2\PrivacIE
2009-05-30 23:09 --dsh--- c:\documents and settings\hp_owner.your-f78bf48ce2\IETldCache
2009-05-30 23:02 26,144 a------- c:\windows\system32\spupdsvc.exe
2009-05-30 22:57 102,912 -------- c:\windows\system32\dllcache\iecompat.dll
2009-05-30 22:49 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-30 22:49 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-30 22:49 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-30 22:48 --d----- c:\windows\system32\drivers\Avg
2009-05-30 22:48 --d----- c:\docume~1\hp_own~1.you\applic~1\AVGTOOLBAR
2009-05-30 22:36 24,960 a----r-- c:\windows\system32\drivers\ATWPKT2.SYS
2009-05-30 22:36 --d----- c:\windows\system32\SoftwareDistribution
2009-05-30 22:36 33,588 a----r-- c:\windows\system32\drivers\wanatw4.sys
2009-05-28 12:39 244 a---h--- C:\sqmnoopt19.sqm
2009-05-28 12:39 232 a---h--- C:\sqmdata19.sqm
2009-05-27 09:37 --d----- c:\windows\Ask & Record Toolbar
2009-05-26 17:18 90,112 a------- c:\windows\system32\QuickTimeVR.qtx
2009-05-26 17:18 57,344 a------- c:\windows\system32\QuickTime.qts
2009-05-23 20:57 --d----- c:\docume~1\alluse~1\applic~1\TVU Networks
2009-05-14 10:34 8,412 a------- C:\rr.clt

==================== Find3M ====================

2009-05-13 01:15 5,936,128 a------- c:\windows\system32\dllcache\mshtml.dll
2009-05-13 01:15 915,456 a------- c:\windows\system32\wininet.dll
2009-05-13 01:15 915,456 a------- c:\windows\system32\dllcache\wininet.dll
2009-05-07 11:32 345,600 a------- c:\windows\system32\localspl.dll
2009-05-07 11:32 345,600 -------- c:\windows\system32\dllcache\localspl.dll
2009-05-01 14:30 3,366,912 a------- c:\windows\system32\GPhotos.scr
2009-04-30 17:22 1,207,808 a------- c:\windows\system32\dllcache\urlmon.dll
2009-04-30 17:22 25,600 a------- c:\windows\system32\dllcache\jsproxy.dll
2009-04-30 17:22 385,536 a------- c:\windows\system32\dllcache\iedkcs32.dll
2009-04-30 07:21 173,056 a------- c:\windows\system32\dllcache\ie4uinit.exe
2009-04-17 08:26 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-15 10:51 585,216 a------- c:\windows\system32\rpcrt4.dll
2009-04-15 10:51 585,216 -------- c:\windows\system32\dllcache\rpcrt4.dll
2009-03-21 10:06 989,696 -------- c:\windows\system32\dllcache\kernel32.dll
2005-09-11 22:09 4,008,448 ac------ c:\program files\epson10190.exe

============= FINISH: 16:27:23.39 ===============


Second, Attach.txt


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 5/31/2009 1:01:30 AM
System Uptime: 6/10/2009 3:47:13 AM (37 hours ago)

Motherboard: ASUSTek Computer INC. | | Guppy
Processor: Intel® Celeron® CPU 3.06GHz | PGA 478 | 3066/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 142 GiB total, 112.377 GiB free.
D: is FIXED (FAT32) - 7 GiB total, 1.252 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
K: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 5/31/2009 1:24:10 AM - Configured easy Internet sign-up
RP2: 5/31/2009 1:33:53 AM - Removed Adobe Acrobat - Reader 6.0.2 Update
RP3: 5/30/2009 10:48:44 PM - Installed AVG Free 8.5
RP4: 5/30/2009 10:57:13 PM - Software Distribution Service 3.0
RP5: 5/30/2009 11:02:24 PM - Installed Windows Internet Explorer 8.
RP6: 5/30/2009 11:03:59 PM - Software Distribution Service 3.0
RP7: 5/30/2009 11:23:09 PM - Software Distribution Service 3.0
RP8: 5/30/2009 11:55:17 PM - Software Distribution Service 3.0
RP9: 5/31/2009 12:15:30 AM - Removed Norton Security Center
RP10: 5/31/2009 12:41:54 AM - Software Distribution Service 3.0
RP11: 5/31/2009 1:17:35 AM - SPTD setup V1.58
RP12: 5/31/2009 1:54:13 AM - Software Distribution Service 3.0
RP13: 5/31/2009 2:46:06 AM - Installed Windows Defender
RP14: 5/31/2009 2:47:01 AM - Software Distribution Service 3.0
RP15: 5/31/2009 10:12:22 AM - Software Distribution Service 3.0
RP16: 5/31/2009 10:57:57 AM - Software Distribution Service 3.0
RP17: 5/31/2009 11:27:53 AM - Removed Adobe Reader 6.0.1
RP18: 5/31/2009 11:28:15 AM - Installed Adobe Reader 9.1.
RP19: 5/31/2009 1:04:13 PM - Installed Windows Media Player 10
RP20: 5/31/2009 1:06:21 PM - Software Distribution Service 3.0
RP21: 5/31/2009 1:26:19 PM - Software Distribution Service 3.0
RP22: 5/31/2009 11:05:46 PM - Software Distribution Service 3.0
RP23: 6/1/2009 1:16:51 PM - Removed Microsoft Office Standard Edition 2003
RP24: 5/11/2008 1:33:10 PM - Installed Microsoft Office Professional Edition 2003
RP25: 6/1/2009 1:49:31 PM - 060109
RP26: 6/1/2009 2:48:28 PM - Software Distribution Service 3.0
RP27: 6/1/2009 2:50:03 PM - Software Distribution Service 3.0
RP28: 6/1/2009 3:34:12 PM - Software Distribution Service 3.0
RP29: 6/2/2009 10:38:27 AM - Software Distribution Service 3.0
RP30: 6/3/2009 11:58:47 AM - Configured iTunes
RP31: 6/3/2009 12:17:08 PM - Installed iTunes
RP32: 6/4/2009 6:24:56 PM - System Checkpoint
RP33: 6/4/2009 8:10:36 PM - Software Distribution Service 3.0
RP34: 6/5/2009 9:26:29 PM - System Checkpoint
RP35: 6/6/2009 10:12:28 PM - System Checkpoint
RP36: 6/7/2009 11:12:31 PM - System Checkpoint
RP37: 6/9/2009 12:12:28 AM - System Checkpoint
RP38: 6/9/2009 2:12:10 AM - Software Distribution Service 3.0
RP39: 6/10/2009 2:12:36 AM - System Checkpoint
RP40: 6/10/2009 3:03:02 AM - Software Distribution Service 3.0
RP41: 6/11/2009 3:55:53 AM - System Checkpoint

==== Installed Programs ======================

Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1.1
Agere Systems PCI Soft Modem
AiO_Scan
AiOSoftware
Apple Mobile Device Support
Apple Software Update
AVG Free 8.5
Bonjour
BufferChm
CameraDrivers
Canon MP450
CCleaner (remove only)
Choice Guard
Copy
CP_AtenaShokunin1Config
cp_dwSharkTaleAlbums1
cp_dwSharkTaleCards1
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CP_PLSBusinessFlyers
CreativeProjects
CreativeProjectsTemplates
Critical Update for Windows Media Player 11 (KB959772)
CueTour
Destinations
Director
DocProc
DocumentViewer
Easy Internet Sign-up
Fax
File Shredder 2.0
FileAlyzer
Help and Support Additions
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HP Boot Optimizer
HP Deskjet Printer Preload
HP Help and Support 4.0
HP Image Zone 4.8.6
HP Image Zone Plus 4.8.6
HP Organize
HP Photosmart Cameras 4.5
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Software Update
HPIZplus450
HpSdpAppCoreApp
HPSystemDiagnostics
InstantShare
Intel® Extreme Graphics Driver
IntelliMover Data Transfer Demo
InterVideo WinDVD Player
iTunes
IZArc 4.0 beta 1
J2SE Runtime Environment 5.0
KBD
LS_HSI
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Professional Edition 2003
Microsoft Plus! Dancer LE
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSVCRT
MSXML 4.0 SP2 (KB954430)
muvee autoProducer 4.0
PanoStandAlone
PC-Doctor for Windows
PhotoGallery
Photosmart 320,370,7400,8100,8400 Series
Picasa 3
PrintScreen
PS2
PSPrinters06
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QFolder
QuickProjects
QuickTime
Readme
RealPlayer
Remove Microsoft Money 2005 installer
Remove Quicken New User Edition installer
Remove WeatherBug installer
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Segoe UI
SkinsHP1
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
SpySubtract
SpywareBlaster 4.2
TrayApp
Unload
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Updates from HP
WebFldrs XP
WebReg
Windows Defender
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

6/7/2009 8:28:57 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/6/2009 12:22:37 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/6/2009 12:21:34 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/6/2009 1:24:30 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/10/2009 3:35:50 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
6/10/2009 3:35:08 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).

==== End Of File ===========================

____

thx in advance!


#2 extremeboy


Posted 20 June 2009 - 05:24 PM

Hi

My name is Extremeboy (or EB for short), and I will be helping you with your log.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

If you do not make a reply in 5 days, we will need to close your topic.

You may want to keep the link to this topic in your favourites. Alternatively, you can click the Posted Image button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.

Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Please reply using the Posted Image button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply.
  • Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just post back here so that we know you're still here.



If you still require assistance post a new set of DDS Logs and a description of any remaining problems or symptoms you may still have please.

If for any reason you did not post a DDS log please refer to this page and in step #6 there are instructions on downloading and running DDS. If you have any problems just let me know in your next reply or simply post a Hijackthis log.

Thanks again and we apologize for the delay.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 extremeboy


Posted 22 June 2009 - 04:58 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 5-7 from the last day I replied initially, the topic will need to be closed.

Thanks for understanding.

With Regards,
Extremeboy

#4 extremeboy


Posted 25 June 2009 - 04:52 PM

Hello.

Due to Lack of feedback, this topic is now Closed.

If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic in the Hijackthis-Malware Removal forum.

With Regards,
Extremeboy