
Total Security Virus


  • This topic is locked
2 replies to this topic

#1 luke


Posted 20 August 2009 - 05:45 PM

I've been infected with the Total Security Virus. I read the tutorial off the forums on how to remove it. I was unable to get any of the programs that were suggested to run, as this virus closes all windows/blocks certain programs. I restarted in safe mode and ran a virus scan w/ my virus scanner (Trend Micro). It found one file and I deleted it. (It didn't seem like it was a file associated with the TSV, but then again what do I know =P) I then restarted and everything loaded up fine and it seemed to have taken care of the problem. However, I still notice .exe programs running in my task manager that I have never seen before and they look suspicious. I'm not confident that I've gotten rid of TSV... so here I am =D I d/l the Malwarebytes program suggested and did a quick scan, nothing.
Here are the attach and DDS files. I can't get the RootRepeal program to work; I get an error message when I hit scan that says DeviceIoControl Error! Error Code = 0X0

Attach File


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 8/30/2006 1:12:20 AM
System Uptime: 8/20/2009 4:30:23 PM (1 hours ago)

Motherboard: Dell Inc. | | 0WG864
Processor: Intel® Pentium® 4 CPU 3.06GHz | Microprocessor | 3059/533mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 70 GiB total, 11.203 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP787: 5/23/2009 9:48:58 AM - System Checkpoint
RP788: 5/24/2009 10:00:58 AM - System Checkpoint
RP789: 5/25/2009 12:21:36 PM - System Checkpoint
RP790: 5/26/2009 12:56:07 PM - System Checkpoint
RP791: 5/27/2009 1:44:06 PM - System Checkpoint
RP792: 5/28/2009 2:08:06 PM - System Checkpoint
RP793: 5/29/2009 7:23:30 PM - System Checkpoint
RP794: 5/30/2009 7:44:05 PM - System Checkpoint
RP795: 5/31/2009 8:44:04 PM - System Checkpoint
RP796: 6/1/2009 9:26:22 PM - System Checkpoint
RP797: 6/2/2009 10:10:49 PM - System Checkpoint
RP798: 6/4/2009 2:08:58 AM - System Checkpoint
RP799: 6/5/2009 1:02:10 PM - System Checkpoint
RP800: 6/6/2009 6:03:15 PM - System Checkpoint
RP801: 6/7/2009 9:42:39 PM - System Checkpoint
RP802: 6/8/2009 10:18:30 PM - System Checkpoint
RP803: 6/9/2009 10:39:05 PM - System Checkpoint
RP804: 6/10/2009 11:18:26 PM - System Checkpoint
RP805: 6/12/2009 1:03:53 AM - System Checkpoint
RP806: 6/12/2009 3:00:15 AM - Software Distribution Service 3.0
RP807: 6/13/2009 3:15:58 AM - System Checkpoint
RP808: 6/14/2009 5:37:43 PM - System Checkpoint
RP809: 6/15/2009 6:04:39 PM - System Checkpoint
RP810: 6/16/2009 8:50:57 PM - System Checkpoint
RP811: 6/17/2009 9:02:50 PM - System Checkpoint
RP812: 6/18/2009 9:19:18 PM - System Checkpoint
RP813: 6/19/2009 10:41:20 PM - System Checkpoint
RP814: 6/20/2009 11:34:30 PM - System Checkpoint
RP815: 6/22/2009 10:41:50 AM - System Checkpoint
RP816: 6/23/2009 7:58:19 PM - System Checkpoint
RP817: 6/24/2009 8:18:54 PM - System Checkpoint
RP818: 6/25/2009 9:48:48 PM - System Checkpoint
RP819: 6/26/2009 10:04:44 PM - System Checkpoint
RP820: 6/27/2009 11:04:44 PM - System Checkpoint
RP821: 6/29/2009 12:04:44 AM - System Checkpoint
RP822: 6/30/2009 1:04:48 AM - System Checkpoint
RP823: 7/1/2009 2:04:45 AM - System Checkpoint
RP824: 7/2/2009 3:04:45 AM - System Checkpoint
RP825: 7/3/2009 4:04:46 AM - System Checkpoint
RP826: 7/3/2009 10:25:28 PM - Software Distribution Service 3.0
RP827: 7/5/2009 2:43:57 AM - System Checkpoint
RP828: 7/6/2009 3:04:46 AM - System Checkpoint
RP829: 7/7/2009 4:04:39 AM - System Checkpoint
RP830: 7/8/2009 5:04:34 AM - System Checkpoint
RP831: 7/9/2009 6:04:33 AM - System Checkpoint
RP832: 7/10/2009 7:04:33 AM - System Checkpoint
RP833: 7/11/2009 8:04:34 AM - System Checkpoint
RP834: 7/12/2009 9:04:35 AM - System Checkpoint
RP835: 7/14/2009 10:22:40 AM - System Checkpoint
RP836: 7/15/2009 7:59:41 AM - Software Distribution Service 3.0
RP837: 7/16/2009 3:41:26 PM - System Checkpoint
RP838: 7/17/2009 8:56:52 PM - System Checkpoint
RP839: 7/18/2009 11:04:32 PM - System Checkpoint
RP840: 7/19/2009 11:41:37 PM - System Checkpoint
RP841: 7/21/2009 12:19:48 AM - System Checkpoint
RP842: 7/22/2009 1:19:47 AM - System Checkpoint
RP843: 7/23/2009 2:19:47 AM - System Checkpoint
RP844: 7/24/2009 3:19:47 AM - System Checkpoint
RP845: 7/25/2009 4:19:47 AM - System Checkpoint
RP846: 7/26/2009 4:32:49 AM - System Checkpoint
RP847: 7/27/2009 5:32:50 AM - System Checkpoint
RP848: 7/28/2009 6:32:51 AM - System Checkpoint
RP849: 7/29/2009 3:53:14 PM - System Checkpoint
RP850: 7/30/2009 4:37:13 PM - System Checkpoint
RP851: 7/30/2009 8:36:54 PM - Removed Get High Speed Internet!
RP852: 7/30/2009 8:38:17 PM - Removed LiveUpdate Notice (Symantec Corporation)
RP853: 7/31/2009 9:37:13 PM - System Checkpoint
RP854: 8/1/2009 10:37:14 PM - System Checkpoint
RP855: 8/2/2009 4:38:44 PM - Software Distribution Service 3.0
RP856: 8/3/2009 5:37:44 PM - System Checkpoint
RP857: 8/4/2009 6:36:36 PM - System Checkpoint
RP858: 8/5/2009 7:36:36 PM - System Checkpoint
RP859: 8/6/2009 8:37:41 PM - System Checkpoint
RP860: 8/7/2009 9:37:41 PM - System Checkpoint
RP861: 8/9/2009 6:13:45 PM - System Checkpoint
RP862: 8/13/2009 9:15:05 AM - System Checkpoint
RP863: 8/14/2009 3:00:18 AM - Software Distribution Service 3.0
RP864: 8/15/2009 5:54:46 AM - System Checkpoint
RP865: 8/16/2009 6:05:41 AM - System Checkpoint
RP866: 8/17/2009 7:05:39 AM - System Checkpoint
RP867: 8/18/2009 8:05:39 AM - System Checkpoint
RP868: 8/19/2009 9:05:39 AM - System Checkpoint
RP869: 8/20/2009 10:05:36 AM - System Checkpoint

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.9
Adobe Shockwave Player 11.5
AOLIcon
Apple Mobile Device Support
Apple Software Update
Bonjour
Conexant D850 56K V.9x DFVc Modem
Corel Photo Album 6
Dell CinePlayer
Dell Driver Reset Tool
Dell Game Console
Dell Photo AIO Printer 924
Dell Resource CD
Dell System Restore
Digital Content Portal
Digital Line Detect
Documentation & Support Launcher
EducateU
Games, Music, & Photos Launcher
High Definition Audio Driver Package - KB835221
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB952287)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Intel® PRO Network Connections
Internet Service Offers Launcher
iTunes
J2SE Runtime Environment 5.0 Update 6
Jasc Paint Shop Pro Studio GDI+ Patch
Jasc Paint Shop Pro Studio, Dell Editon
Jasc Paint Shop Pro Studio.01 , Dell Edition Patch
Left 4 Dead
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft IntelliPoint 6.01
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Plus! Photo Story 2 LE
Microsoft WinUsb 1.0
Microsoft Works
Modem Helper
Mozilla Firefox (3.5.2)
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
NetWaiting
NVIDIA Drivers
NVIDIA PhysX
NVIDIA WDM Drivers
PCsync
QuickTime
Roxio DLA
SearchAssist
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Sonic Activation Module
Sonic Encoders
Steam
System Requirements Lab
TD AMERITRADE StrategyDesk 1.3
Trend Micro Internet Security
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Ventrilo Client
WebFldrs XP
Windows Easy Transfer
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live installer
Windows Live Mail
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB912067
Windows XP Service Pack 3
World of Warcraft

==== Event Viewer Messages From Past Week ========

8/20/2009 4:19:30 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
8/20/2009 4:18:44 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip tmtdi
8/20/2009 4:18:44 PM, error: Service Control Manager [7001] - The Trend Micro Proxy Service service depends on the Trend Micro TDI Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/20/2009 4:18:44 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
8/20/2009 4:18:44 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/20/2009 4:18:44 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/20/2009 4:18:44 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
8/20/2009 4:18:44 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/20/2009 4:18:44 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/20/2009 4:18:01 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
8/20/2009 4:17:34 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
8/20/2009 4:17:32 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/20/2009 4:11:17 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 76 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:11:12 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 75 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:11:06 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 74 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:11:01 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 73 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:10:56 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 72 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:10:50 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 71 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:10:44 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 70 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:10:39 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 69 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:10:33 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 68 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:10:28 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 67 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:10:22 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 66 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:10:17 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 65 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:10:11 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 64 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:10:06 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 63 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:10:00 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 62 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:09:55 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 61 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:09:49 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 60 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:09:44 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 59 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:09:38 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 58 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:09:33 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 57 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:09:27 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 56 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:09:22 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 55 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:09:16 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 54 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:09:11 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 53 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:09:05 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 52 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:09:00 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 51 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:08:54 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 50 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:08:49 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 49 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:08:43 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 48 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:08:38 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 47 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:08:33 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 46 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:08:27 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 45 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:08:22 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 44 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:08:16 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 43 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:08:11 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 42 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:08:05 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 41 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:08:00 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 40 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:07:54 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 39 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:07:49 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 38 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:07:43 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 37 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:07:38 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 36 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:07:32 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 35 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:07:27 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 34 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:07:21 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 33 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:07:16 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 32 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:07:10 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 31 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:07:05 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 30 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:06:59 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 29 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:06:54 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 28 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:06:48 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 27 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:06:43 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 26 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 4:04:25 PM, error: Service Control Manager [7034] - The Trend Micro Unauthorized Change Prevention Service service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 4:04:25 PM, error: Service Control Manager [7034] - The Trend Micro Personal Firewall service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 4:03:26 PM, error: Service Control Manager [7000] - The Machine Debug Manager service failed to start due to the following error: The pipe has been ended.
8/20/2009 3:53:06 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
8/20/2009 3:53:06 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/20/2009 3:52:55 PM, error: Service Control Manager [7034] - The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 3:52:06 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 9 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/20/2009 3:51:05 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 8 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/20/2009 3:50:05 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 7 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/20/2009 3:49:04 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 6 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/20/2009 3:48:04 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/20/2009 3:47:03 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/20/2009 3:46:19 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Media Center Extender Service service to connect.
8/20/2009 3:46:19 PM, error: Service Control Manager [7000] - The Media Center Extender Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/20/2009 3:46:13 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 25 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:46:08 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 24 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:46:03 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/20/2009 3:46:02 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 23 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:57 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 22 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:51 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 21 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:46 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 20 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:40 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 19 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:35 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 18 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:29 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 17 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:24 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 16 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:19 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 15 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:19 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Media Center Receiver Service service to connect.
8/20/2009 3:45:14 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 14 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:08 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 13 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:03 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 12 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:45:02 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/20/2009 3:44:57 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 11 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:52 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 10 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:46 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 9 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:41 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 8 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:35 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 7 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:30 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 6 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:24 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:19 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:13 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:11 PM, error: Service Control Manager [7034] - The COM+ System Application service terminated unexpectedly. It has done this 3 time(s).
8/20/2009 3:44:08 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:05 PM, error: Service Control Manager [7031] - The COM+ System Application service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:04 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 3:44:04 PM, error: Service Control Manager [7031] - The COM+ System Application service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
8/20/2009 3:44:03 PM, error: Service Control Manager [7034] - The IMAPI CD-Burning COM Service service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 3:44:03 PM, error: Service Control Manager [7034] - The dlcc_device service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 3:44:02 PM, error: Service Control Manager [7034] - The Trend Micro Proxy Service service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 3:44:02 PM, error: Service Control Manager [7034] - The Trend Micro Central Control Component service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 3:44:02 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 3:44:02 PM, error: Service Control Manager [7034] - The Media Center Scheduler Service service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 3:44:02 PM, error: Service Control Manager [7034] - The Intel® Matrix Storage Event Monitor service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 3:44:02 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
8/20/2009 3:44:02 PM, error: Service Control Manager [7031] - The Media Center Receiver Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:02 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
8/20/2009 3:44:02 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/20/2009 3:44:02 PM, error: Service Control Manager [7022] - The Trend Micro Central Control Component service hung on starting.
8/20/2009 3:43:58 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Trend Micro Personal Firewall service to connect.
8/20/2009 3:43:58 PM, error: Service Control Manager [7000] - The Trend Micro Personal Firewall service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/20/2009 3:43:58 PM, error: Service Control Manager [7000] - The Machine Debug Manager service failed to start due to the following error: The pipe state is invalid.
8/15/2009 12:28:13 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer TRAVIS-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{626C877D-A334-4FAF. The master browser is stopping or an election is being forced.
8/13/2009 8:52:00 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
8/13/2009 8:52:00 AM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL. Reference error message: The operation completed successfully. .
8/13/2009 8:52:00 AM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
8/13/2009 10:58:06 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

==== End Of File ===========================






DDS File


DDS (Ver_09-07-30.01) - NTFSx86
Run by Neil Bell at 17:19:45.89 on Thu 08/20/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2076 [GMT -5:00]

AV: Trend Micro Internet Security *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: Trend Micro Personal Firewall *enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
svchost.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Documents and Settings\Neil Bell\Desktop\iexplore.exe.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
svchost
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\World of Warcraft\Repair.exe
C:\Documents and Settings\Neil Bell\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = www.yahoo.com/
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3061113
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {B7B76DD6-B6F0-4443-AF81-6A3ECF12A57D} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ttool] c:\windows\9129837.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)" -"file:///D:/bc_campbell_concepts_5/media/objects/3993/4089385/assets/interactivemedia/eb1e/C03/C0301/st03/media.html"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,_RunDLLEntry@16
mRun: [dlccmon.exe] "c:\program files\dell photo aio printer 924\dlccmon.exe"
mRun: [<NO NAME>]
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [PromoReg] c:\windows\temp\_ex-68.exe
mRun: [10696094] c:\documents and settings\all users\application data\10696094\10696094.exe
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\documents and settings\neil bell\start menu\programs\startup\ikowin32.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: eBay Search - c:\program files\ebay\ebay toolbar2\eBayTb.dll/RCSearch.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
Trusted Zone: ameritrade.com\wwws
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1163783304330
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\neilbe~1\applic~1\mozilla\firefox\profiles\7zmom0ru.default\
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPOJI610.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2008-10-27 50192]
R2 TmPfw;Trend Micro Personal Firewall;c:\program files\trend micro\internet security\TmPfw.exe [2008-10-27 497008]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2008-7-30 36368]
R2 TmProxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2008-10-27 677128]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-8-20 38160]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2008-7-30 335376]

=============== Created Last 30 ================

2009-08-20 16:58 <DIR> --d----- c:\docume~1\neilbe~1\applic~1\Malwarebytes
2009-08-20 16:58 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-20 16:58 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-08-20 16:58 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-08-20 16:58 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-20 16:17 664 a------- c:\windows\system32\d3d9caps.dat
2009-08-20 16:12 <DIR> --d----- c:\program files\Enigma Software Group
2009-08-20 15:40 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Blizzard Entertainment
2009-08-20 13:01 27,648 a------- c:\windows\9129837.exe
2009-08-20 12:58 <DIR> --d----- c:\docume~1\alluse~1\applic~1\10696094
2009-08-13 16:00 128,512 -------- c:\windows\system32\dllcache\dhtmled.ocx
2009-08-13 16:00 1,315,328 -------- c:\windows\system32\dllcache\msoe.dll
2009-08-05 04:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll
2009-07-21 19:09 1,693,696 a------- c:\windows\system32\ltclr13n.dll
2009-07-21 19:09 453,120 a------- c:\windows\system32\ltkrn13n.dll
2009-07-21 19:09 445,440 a------- c:\windows\system32\ltimg13n.dll
2009-07-21 19:09 388,608 a------- c:\windows\system32\lfcmp13n.dll
2009-07-21 19:09 265,216 a------- c:\windows\system32\ltdis13n.dll
2009-07-21 19:09 246,272 a------- c:\windows\system32\lfj2k13n.dll
2009-07-21 19:09 206,848 a------- c:\windows\system32\ltefx13n.dll
2009-07-21 19:09 189,976 a------- c:\windows\system32\mfimgvwr.ocx
2009-07-21 19:09 154,112 a------- c:\windows\system32\ltfil13n.dll
2009-07-21 19:09 142,848 a------- c:\windows\system32\lftif13n.dll
2009-07-21 19:09 90,112 a------- c:\windows\system32\lfjbg13n.dll
2009-07-21 19:09 73,728 a------- c:\windows\system32\lffax13n.dll
2009-07-21 19:09 <DIR> --d----- c:\program files\MFInstall

==================== Find3M ====================

2009-08-09 20:47 602 a------- c:\docume~1\neilbe~1\applic~1\wklnhst.dat
2009-08-05 04:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-19 08:33 3,597,824 a------- c:\windows\system32\dllcache\mshtml.dll
2009-07-19 08:32 6,067,200 -------- c:\windows\system32\dllcache\ieframe.dll
2009-07-17 14:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-17 14:01 58,880 -------- c:\windows\system32\dllcache\atl.dll
2009-07-13 10:08 286,720 a------- c:\windows\system32\wmpdxm.dll
2009-07-13 10:08 286,720 -------- c:\windows\system32\dllcache\wmpdxm.dll
2009-07-13 10:08 5,537,792 -------- c:\windows\system32\dllcache\wmp.dll
2009-06-29 06:07 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-06-29 06:07 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-06-29 03:35 634,632 -------- c:\windows\system32\dllcache\iexplore.exe
2009-06-29 03:33 2,452,872 -------- c:\windows\system32\dllcache\ieapfltr.dat
2009-06-29 03:33 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2009-06-16 09:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 09:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-16 09:36 119,808 -------- c:\windows\system32\dllcache\t2embed.dll
2009-06-16 09:36 81,920 -------- c:\windows\system32\dllcache\fontsub.dll
2009-06-12 07:31 80,896 a------- c:\windows\system32\tlntsess.exe
2009-06-12 07:31 80,896 -------- c:\windows\system32\dllcache\tlntsess.exe
2009-06-12 07:31 76,288 a------- c:\windows\system32\telnet.exe
2009-06-12 07:31 76,288 -------- c:\windows\system32\dllcache\telnet.exe
2009-06-10 09:19 2,066,432 a------- c:\windows\system32\mstscax.dll
2009-06-10 09:19 2,066,432 -------- c:\windows\system32\dllcache\mstscax.dll
2009-06-10 09:13 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 09:13 84,992 -------- c:\windows\system32\dllcache\avifil32.dll
2009-06-10 08:28 3,510,272 a------- c:\windows\system32\nvgames.dll
2009-06-10 08:28 4,022,272 a------- c:\windows\system32\nvdisps.dll
2009-06-10 08:28 13,758,464 a------- c:\windows\system32\nvcpl.dll
2009-06-10 08:28 168,004 a------- c:\windows\system32\nvsvc32.exe
2009-06-10 08:28 143,360 a------- c:\windows\system32\nvcolor.exe
2009-06-10 08:28 86,016 a------- c:\windows\system32\nvmctray.dll
2009-06-10 08:28 229,376 a------- c:\windows\system32\nvmccs.dll
2009-06-10 06:03 9,998,336 a------- c:\windows\system32\nvoglnt.dll
2009-06-10 06:03 8,087,712 a------- c:\windows\system32\dllcache\nv4_mini.sys
2009-06-10 06:03 5,908,608 a------- c:\windows\system32\nv4_disp.dll
2009-06-10 06:03 1,720,320 a------- c:\windows\system32\nvcuda.dll
2009-06-10 06:03 1,580,550 a------- c:\windows\system32\nvdata.bin
2009-06-10 06:03 1,310,720 a------- c:\windows\system32\nvcuvenc.dll
2009-06-10 06:03 815,104 a------- c:\windows\system32\nvapi.dll
2009-06-10 06:03 671,744 a------- c:\windows\system32\nvcuvid.dll
2009-06-10 06:03 457,248 a------- c:\windows\system32\nvudisp.exe
2009-06-10 06:03 151,552 a------- c:\windows\system32\nvcodins.dll
2009-06-10 06:03 151,552 a------- c:\windows\system32\nvcod.dll
2009-06-10 01:14 132,096 a------- c:\windows\system32\wkssvc.dll
2009-06-10 01:14 132,096 -------- c:\windows\system32\dllcache\wkssvc.dll
2009-06-04 16:39 457,248 a------- c:\windows\system32\nvuninst.exe
2009-06-03 14:09 1,291,264 a------- c:\windows\system32\quartz.dll
2009-06-03 14:09 1,291,264 -------- c:\windows\system32\dllcache\quartz.dll
2009-05-29 13:36 2,060,288 a------- c:\windows\system32\usbaaplrc.dll
2007-11-16 10:43 88 ---shr-- c:\windows\system32\3969C8D4B3.sys
2009-04-25 15:25 88 ---shr-- c:\windows\system32\A6CE5D4753.sys
2009-04-25 15:26 6,008 a--sh--- c:\windows\system32\KGyGaAvL.sys
2008-08-01 08:05 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008080120080802\index.dat

============= FINISH: 17:23:54.12 ===============




Thx a ton for helping me with this. /Salute

Could I also get some help with getting rid of all the other garbage on there that I don't need? Thx again =D

Edited by luke, 20 August 2009 - 05:48 PM.




#2 schrauber

  • Malware Response Team

Posted 31 August 2009 - 11:26 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
regards,
schrauber


If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#3 harrythook

  • Security Colleague

Posted 12 September 2009 - 05:57 AM

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.
All others please read The Preparation Guide before starting your topic.

Veni Vidi Vici
THE FIGHT AGAINST MALWARE
