Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Did I have an intrusion and what did they get? part 2


  • This topic is locked This topic is locked
2 replies to this topic

#1 catdog02895

catdog02895

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:28 PM

Posted 03 August 2009 - 02:39 PM

Hello,

I was instructed to move this post to this forum. So I have repeated the original plus the dds files.
I have a friend that had her bank account compromised and actually had funds taken out. She was told to have her computers checked. I have scanned and cleaned many computers, but finding the offending infection/malware in order to track its stolen information hasn't been something I've looked into. Is it possible to determine if the computer was compromised, and if so, where and how? I was wondering if it could be determined from the infected files where the perpetrators may have stolen some personal data, i.e. bank account info, prior to removing the infected files?



DDS (Ver_09-07-30.01) - NTFSx86
Run by cyndi at 15:30:45.90 on 2009-08-03
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.448 [GMT -4:00]

AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe
C:\Program Files\Dell Photo AIO Printer 944\memcard.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\dlcdcoms.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\cyndi\Local Settings\Temporary Internet Files\Content.IE5\JT31RR1K\dds[1].scr

============== Pseudo HJT Report ===============

mDefault_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101664&gct=&gc=1&q=
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\2.0.1121.2472\swg.dll
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [DLCDCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCDtime.dll,_RunDLLEntry@16
mRun: [dlcdmon.exe] "c:\program files\dell photo aio printer 944\dlcdmon.exe"
mRun: [MemoryCardManager] "c:\program files\dell photo aio printer 944\memcard.exe"
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase1140.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
Notify: igfxcui - igfxdev.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]
R1 klif;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2008-10-27 226832]
R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [2007-9-18 34916]
R3 dlcd_device;dlcd_device;c:\windows\system32\dlcdcoms.exe -service --> c:\windows\system32\dlcdcoms.exe -service [?]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2009-4-25 28672]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-8-3 38160]
S0 xwB41;xwB41;c:\windows\system32\drivers\xwb41.sys --> c:\windows\system32\drivers\xwB41.sys [?]
S2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe -r --> c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe -r [?]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S2 oseseclogon;Office Source Engine oseseclogon;š%€|x srv --> š%€|x srv [?]

=============== Created Last 30 ================

2009-08-03 11:47 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 11:46 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-08-03 11:46 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-03 11:36 21,504 a------- c:\windows\system32\hidserv.dll
2009-08-03 11:36 21,504 a------- c:\windows\system32\dllcache\hidserv.dll
2009-07-23 10:30 91 a------- c:\windows\system32\vsfocedelwknem.dat
2009-07-23 10:19 40,448 a------- c:\windows\system32\vsfocevsacomop.dll
2009-07-23 10:19 2,684 a------- c:\windows\system32\vsfoceyjdhcgjh.dat
2009-07-12 16:28 2,414,360 a------- c:\windows\system32\d3dx9_31.dll
2009-07-12 16:28 <DIR> --d----- c:\windows\Logs
2009-07-12 16:28 <DIR> --d----- c:\program files\Sony Online Entertainment

==================== Find3M ====================

2009-08-03 11:34 13,922,080 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-08-03 11:34 778,272 a--sh--- c:\windows\system32\drivers\fidbox2.dat
2009-08-03 11:34 188,576 a--sh--- c:\windows\system32\drivers\fidbox.idx
2009-08-03 11:34 65,972 a--sh--- c:\windows\system32\drivers\fidbox2.idx
2009-07-18 12:00 1,509,888 a------- c:\windows\system32\dllcache\shdocvw.dll
2009-07-18 12:00 3,069,440 a------- c:\windows\system32\dllcache\mshtml.dll
2009-07-15 13:05 33,808 a------- c:\windows\system32\drivers\klbg.sys
2009-07-15 13:05 105,395 a------- c:\windows\system32\drivers\klin.dat
2009-07-15 13:05 94,643 a------- c:\windows\system32\drivers\klick.dat
2009-06-30 13:28 3,182 a------- c:\docume~1\cyndi\applic~1\wklnhst.dat
2009-06-22 07:40 18,432 a------- c:\windows\system32\dllcache\iedw.exe
2009-06-16 10:55 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 10:55 82,432 a------- c:\windows\system32\fontsub.dll
2009-06-16 10:55 119,808 -------- c:\windows\system32\dllcache\t2embed.dll
2009-06-16 10:55 82,432 -------- c:\windows\system32\dllcache\fontsub.dll
2009-06-03 15:24 1,291,264 a------- c:\windows\system32\quartz.dll
2009-06-03 15:24 1,291,264 a------- c:\windows\system32\dllcache\quartz.dll
2009-05-07 11:44 344,064 a------- c:\windows\system32\localspl.dll
2009-05-07 11:44 344,064 -------- c:\windows\system32\dllcache\localspl.dll
2007-10-10 12:27 630,784 a------- c:\documents and settings\cyndi\GoToAssist_chat2way__317_en.exe
2009-02-22 14:39 56 ---shr-- c:\windows\system32\F2527A8EFD.sys
2007-09-20 16:02 8 ---shr-- c:\windows\system32\FD8E7A52F2.sys
2009-02-22 14:39 5,852 a--sh--- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 15:31:11.00 ===============





UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 2007-09-18 14:02:55
System Uptime: 2009-08-03 11:35:04 (4 hours ago)

Motherboard: Dell Inc. | | 0JC474
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 51 GiB total, 26.688 GiB free.
D: is FIXED (NTFS) - 18 GiB total, 2.788 GiB free.
E: is CDROM (CDFS)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP172: 2009-07-23 10:19:57 - Installed iTunes
RP173: 2009-07-23 10:19:58 - System Checkpoint
RP174: 2009-07-23 10:19:58 - Software Distribution Service 3.0
RP175: 2009-07-23 10:19:58 - System Checkpoint
RP176: 2009-07-23 10:19:58 - System Checkpoint
RP177: 2009-07-23 10:19:59 - System Checkpoint
RP178: 2009-07-23 10:19:59 - System Checkpoint
RP179: 2009-07-23 10:19:59 - Software Distribution Service 3.0
RP180: 2009-07-23 10:19:59 - System Checkpoint
RP181: 2009-07-23 10:19:59 - System Checkpoint
RP182: 2009-07-23 10:19:59 - System Checkpoint
RP183: 2009-07-23 10:20:00 - System Checkpoint
RP184: 2009-07-23 10:20:00 - System Checkpoint
RP185: 2009-07-23 10:20:00 - System Checkpoint
RP186: 2009-07-23 10:20:00 - System Checkpoint
RP187: 2009-07-23 10:20:00 - System Checkpoint
RP188: 2009-07-23 10:20:00 - Software Distribution Service 3.0
RP189: 2009-07-23 10:20:01 - Software Distribution Service 3.0
RP190: 2009-07-23 10:20:01 - System Checkpoint
RP191: 2009-07-23 10:20:02 - System Checkpoint
RP192: 2009-07-23 10:20:02 - System Checkpoint
RP193: 2009-07-23 10:20:02 - System Checkpoint
RP194: 2009-07-23 10:20:02 - System Checkpoint
RP195: 2009-07-23 10:20:02 - System Checkpoint
RP196: 2009-07-23 10:20:02 - System Checkpoint
RP197: 2009-07-23 10:20:03 - System Checkpoint
RP198: 2009-07-23 10:20:03 - System Checkpoint
RP199: 2009-07-23 10:20:03 - System Checkpoint
RP200: 2009-07-23 10:20:03 - Installed DirectX
RP201: 2009-07-23 10:20:03 - System Checkpoint
RP202: 2009-07-23 10:20:03 - Software Distribution Service 3.0
RP203: 2009-07-23 10:20:03 - System Checkpoint
RP204: 2009-07-23 10:20:04 - System Checkpoint
RP205: 2009-07-23 10:20:04 - System Checkpoint
RP206: 2009-07-23 10:20:04 - System Checkpoint
RP207: 2009-07-23 10:20:04 - System Checkpoint
RP208: 2009-07-25 06:54:45 - System Checkpoint
RP209: 2009-07-26 07:10:10 - System Checkpoint
RP210: 2009-07-27 09:45:41 - System Checkpoint
RP211: 2009-07-28 10:44:07 - System Checkpoint
RP212: 2009-07-28 23:32:28 - Software Distribution Service 3.0
RP213: 2009-08-03 14:57:31 - System Checkpoint

==== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1)
ABBYY FineReader 6.0 Sprint
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
Adobe Shockwave Player
America Online (Choose which version to remove)
AOLIcon
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Bonjour
Conexant D850 56K V.9x DFVc Modem
Corel Paint Shop Pro X
Corel Photo Album 6
Coupon Printer for Windows
DAO 3.5
Dell CinePlayer
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Photo AIO Printer 944
Dell System Restore
Digital Content Portal
Digital Line Detect
Documentation & Support Launcher
EarthLink setup files
EducateU
ELIcon
ESPNMotion
Free Realms Installer
FrostWire 4.18.0
Games, Music, & Photos Launcher
Google Earth
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB908673)
Hotfix for Windows XP (KB912024)
Hotfix for Windows XP (KB952287)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections
Internet Service Offers Launcher
iTunes
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Java 2 Runtime Environment, SE v1.4.2_03
Java™ 6 Update 2
Kaspersky Internet Security 2009
Learn2 Player (Uninstall Only)
LibUSB-Win32-0.1.12.1
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Standard 2006
Microsoft Digital Image Standard 2006 Editor
Microsoft Digital Image Standard 2006 Library
Microsoft Encarta Encyclopedia Standard 2006
Microsoft Money 2006
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007 Trial
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Software Update for Web Folders (English) 12
Microsoft Works
Microsoft Works Suite 2006 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Modem Helper
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Musicmatch for Windows Media Player
Musicmatch® Jukebox
NetWaiting
NetZeroInstallers
Norton PC Checkup
Otto
Quicken Basic 2000
QuickTime
RealPlayer Basic
Roxio DLA
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Visio 2007 (KB947590)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB973346)
Sonic Activation Module
Sonic Encoders
Sonic Update Manager
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Outlook 2007 (KB969907)
Update for Outlook 2007 Junk Email Filter (kb971933)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update Rollup 2 for Windows XP Media Center Edition 2005
WebCyberCoach 3.2 Dell
WebFldrs XP
Windows Installer 3.1 (KB893803)
Windows Live installer
Windows Live Mail
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890927
Windows XP Hotfix - KB891781
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB912067
Works Upgrade

==== Event Viewer Messages From Past Week ========

2009-08-03 15:20:52, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the ShellHWDetection service.
2009-08-03 11:45:46, error: Removable Storage Service [106] - Multisided media 1 could not be identified in library HP v100w USB Device. RSM attempted to flip the media to identify the second side but could not because the media was in use by another process. This media has been forced into the Unrecognized pool and left in the disabled state. Perform a full inventory or eject the media and re-insert it into the library to fix this situation.
2009-08-03 11:30:56, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the dmserver service.
2009-08-03 11:29:56, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NtmsSvc service.
2009-08-03 11:29:21, error: Removable Storage Service [111] - RSM could not load media in drive Drive 0 of library HP v100w USB Device.
2009-07-28 15:37:08, error: Service Control Manager [7024] - The Media Center Extender Service service terminated with service-specific error 2147500037 (0x80004005).
2009-07-28 15:37:02, error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.

==== End Of File ===========================

BC AdBot (Login to Remove)

 


#2 Tokek

Tokek

    Bleepin' Gecko


  • Members
  • 1,213 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jakarta, Indonesia
  • Local time:12:28 PM

Posted 13 August 2009 - 01:50 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
If I have not replied back to your post in 3 days, please send me a PM.

Posted Image

#3 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:01:28 PM

Posted 20 August 2009 - 08:49 PM

Due to lack of feedback, this topic has been closed.
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users