I'm not sure what is going on...


  • This topic is locked
2 replies to this topic

#1 sajack

Posted 01 September 2009 - 02:33 PM

I can't seem to log in to anything while using Internet Explorer and I can't open Firefox. I've run Malwarebytes', SUPERAntiSpyware, AVG, and various others. I've used a HijackThis analysis tool, so I thought I would post here to see if you guys can determine if there's anything in these logs that indicates problems. Thanks for any advice.


DDS (Ver_09-07-30.01) - NTFSx86
Run by Owner at 19:20:29.50 on Fri 01/04/2002
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.638.205 [GMT -6:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://google.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
dRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - c:\program files\libronix dls\system\FileProt.dll
Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - c:\program files\libronix dls\system\ResProt.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [2007-4-13 4064]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-8-19 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-8-19 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-8-19 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-8-19 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-8-19 297752]
R2 RioPNP;RioPNP;c:\windows\system32\drivers\RioPnP.sys [2005-10-14 6736]
S4 lxdc_device;lxdc_device;c:\windows\system32\lxdccoms.exe -service --> c:\windows\system32\lxdccoms.exe -service [?]

=============== Created Last 30 ================

2002-01-02 00:42 208,744 a------- c:\windows\system32\muweb.dll
2002-01-01 05:52 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{EF63305C-BAD7-4144-9208-D65528260864}
2002-01-01 05:52 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2002-01-01 05:51 <DIR> --d----- C:\IObit
2002-01-01 04:30 <DIR> -cd-h--- c:\windows\ie8
2002-01-01 03:06 <DIR> --d----- c:\program files\Trend Micro
2001-12-31 23:09 268,648 a------- c:\windows\system32\mucltui.dll
2001-12-31 23:09 27,496 a------- c:\windows\system32\mucltui.dll.mui
2001-12-17 05:13 54,784 ac---r-- c:\windows\system32\msvci70.dll
2001-12-17 05:12 344,064 ac------ c:\windows\system32\msvcr70.dll

==================== Find3M ====================

2008-04-08 16:17 24,192 ac------ c:\documents and settings\owner\usbsermptxp.sys
2008-04-08 16:17 22,768 ac------ c:\documents and settings\owner\usbsermpt.sys
2008-04-08 15:01 92,064 ac------ c:\documents and settings\owner\mqdmmdm.sys
2008-04-08 15:01 79,328 ac------ c:\documents and settings\owner\mqdmserd.sys
2008-04-08 15:01 5,936 ac------ c:\documents and settings\owner\mqdmwhnt.sys
2008-04-08 15:01 66,656 ac------ c:\documents and settings\owner\mqdmbus.sys
2008-04-08 15:01 9,232 ac------ c:\documents and settings\owner\mqdmmdfl.sys
2008-04-08 15:01 6,208 ac------ c:\documents and settings\owner\mqdmcmnt.sys
2008-04-08 15:01 4,048 ac------ c:\documents and settings\owner\mqdmcr.sys
2008-09-21 02:08 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092120080922\index.dat

============= FINISH: 19:21:18.96 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 9/24/2005 12:50:52 AM
System Uptime: 1/1/2002 5:53:09 AM (86 hours ago)

Motherboard: Intel Corporation | | D845GRG
Processor: Intel® Celeron® CPU 2.00GHz | J2E1 | 1999/100mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 37 GiB total, 20.488 GiB free.
D: is CDROM ()
E: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1469: 7/28/2009 5:06:08 PM - System Checkpoint
RP1470: 7/29/2009 3:00:19 AM - Software Distribution Service 3.0
RP1471: 7/30/2009 3:12:15 AM - System Checkpoint
RP1472: 7/31/2009 4:12:17 AM - System Checkpoint
RP1473: 8/1/2009 5:12:15 AM - System Checkpoint
RP1474: 8/1/2009 9:55:03 AM - Software Distribution Service 3.0
RP1475: 8/2/2009 4:14:59 PM - System Checkpoint
RP1476: 8/3/2009 6:42:10 PM - System Checkpoint
RP1477: 8/4/2009 7:34:51 PM - System Checkpoint
RP1478: 8/5/2009 8:56:36 PM - System Checkpoint
RP1479: 8/6/2009 9:34:49 PM - System Checkpoint
RP1480: 8/7/2009 11:09:11 PM - System Checkpoint
RP1481: 8/8/2009 11:34:54 PM - System Checkpoint
RP1482: 8/9/2009 11:45:02 PM - System Checkpoint
RP1483: 8/11/2009 12:41:42 AM - System Checkpoint
RP1484: 8/12/2009 1:41:45 AM - System Checkpoint
RP1485: 8/12/2009 3:00:18 AM - Software Distribution Service 3.0
RP1486: 8/13/2009 3:15:49 AM - System Checkpoint
RP1487: 8/14/2009 4:15:49 AM - System Checkpoint
RP1488: 8/15/2009 3:00:19 AM - Software Distribution Service 3.0
RP1489: 8/17/2009 2:36:28 PM - System Checkpoint
RP1490: 8/18/2009 2:39:54 PM - System Checkpoint
RP1491: 8/19/2009 3:37:37 PM - System Checkpoint
RP1492: 8/20/2009 4:03:55 PM - System Checkpoint
RP1493: 8/22/2009 9:34:32 PM - Advanced SystemCare RestorePoint
RP1494: 8/22/2009 10:05:21 PM - Software Distribution Service 3.0
RP1495: 8/23/2009 1:25:26 PM - Restore Operation
RP1496: 8/23/2009 1:37:22 PM - Restore Operation
RP1497: 8/23/2009 1:42:52 PM - Restore Operation
RP1498: 8/23/2009 8:57:09 PM - Audrey's Point
RP1499: 8/24/2009 3:00:16 AM - Software Distribution Service 3.0
RP1500: 8/24/2009 8:08:15 AM - Installed LibronixUpdate
RP1501: 8/24/2009 8:09:53 AM - Installed Batch Update
RP1502: 8/24/2009 8:11:00 AM - Installed Bible Data Type System Files
RP1503: 8/24/2009 8:11:15 AM - Installed Clause Visualizer
RP1504: 8/24/2009 8:11:26 AM - Installed Common System Files
RP1505: 8/24/2009 8:11:41 AM - Installed Graphical Query Editor
RP1506: 8/24/2009 8:11:49 AM - Installed Libronix Digital Library System
RP1507: 8/24/2009 8:12:13 AM - Installed Libronix DLS Application
RP1508: 8/24/2009 8:12:24 AM - Installed Libronix DLS Shortcuts
RP1509: 8/24/2009 8:12:36 AM - Installed LLS Resource Driver
RP1510: 8/24/2009 8:12:52 AM - Installed OEB Resource Driver
RP1511: 8/24/2009 8:13:01 AM - Installed PDF Resource Driver
RP1512: 8/24/2009 8:13:09 AM - Installed Sentence Diagramming
RP1513: 8/24/2009 8:13:17 AM - Installed Z 39.50 Library
RP1514: 8/24/2009 12:43:41 PM - Software Distribution Service 3.0
RP1515: 8/24/2009 12:47:42 PM - Software Distribution Service 3.0
RP1516: 12/31/2001 11:04:11 PM - Avg8 Update
RP1517: 8/24/2009 4:20:52 PM - Avg8 Update
RP1518: 8/25/2009 9:04:50 AM - Avg8 Update
RP1519: 8/26/2009 9:19:38 AM - System Checkpoint
RP1520: 8/26/2009 7:00:09 PM - Software Distribution Service 3.0
RP1521: 8/26/2009 7:38:18 PM - Software Distribution Service 3.0
RP1522: 8/27/2009 9:25:16 PM - Advanced SystemCare RestorePoint
RP1523: 12/31/2001 11:18:46 PM - System Checkpoint
RP1524: 1/1/2002 5:54:33 AM - Restore Operation
RP1525: 1/1/2002 2:00:38 PM - Software Distribution Service 3.0
RP1526: 1/2/2002 2:37:15 PM - System Checkpoint
RP1527: 1/3/2002 2:39:48 PM - System Checkpoint
RP1528: 1/4/2002 2:50:18 PM - System Checkpoint

==== Installed Programs ======================

Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe PhotoDeluxe 2.0
Adobe Reader 9.1.1
Adobe Type Manager 4.0
Advanced SystemCare 3
Apple Mobile Device Support
Apple Software Update
ArcSoft Software Suite
Avanquest update
AVG 8.5
Batch Update
Bible Data Type System Files
BlackBerry Desktop Software 4.2
Bonjour
Clause Visualizer
Common System Files
Critical Update for Windows Media Player 11 (KB959772)
Easy CD Creator 5 Basic
EPSON Printer Software
Gateway Drivers and Applications Recovery
Google Earth
Graphical Query Editor
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Intel® PRO Ethernet Adapter and Software
iPod for Windows 2005-10-12
iTunes
Lexmark 1300 Series
Libronix Digital Library System
Libronix DLS Application
Libronix DLS Shortcuts
Libronix Update
LLS Resource Driver
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
MobileMe Control Panel
Motorola Driver Installation
Motorola Phone Tools
Move Media Player
Mozilla Firefox (3.5.2)
MSXML 4.0 SP2 (KB954430)
Nikon Message Center
OEB Resource Driver
PDF Resource Driver
PictureProject
QuickTime
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Sentence Diagramming
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
What's Running 2.2
Windows Defender Signatures
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Z 39.50 Library

==== Event Viewer Messages From Past Week ========

8/26/2009 7:39:33 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office Outlook 2003 Junk Email Filter (KB972688).
8/26/2009 7:39:27 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Office 2003 (KB907417).
8/26/2009 7:39:16 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP.
8/22/2009 10:56:07 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdudf_xp IntelIde
8/22/2009 10:54:29 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
8/12/2009 3:12:14 AM, error: netrcacm [5002] - RCA USB Cable Modem #2 : Has determined that the adapter is not functioning properly.
8/1/2009 3:42:44 PM, error: Print [6161] - The document http://www.mapquest.com/maps?1c=Orlando&am...estin&2s=FL owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 1970565. Number of bytes printed: 1970565. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
8/1/2009 3:41:39 PM, error: Print [6161] - The document http://www.mapquest.com/maps?1c=Orlando&am...estin&2s=FL owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 1970563. Number of bytes printed: 1970563. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
8/1/2009 3:40:59 PM, error: Print [6161] - The document http://www.mapquest.com/maps?1c=Orlando&am...estin&2s=FL owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 1973170. Number of bytes printed: 1973170. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
8/1/2009 3:38:57 PM, error: Print [6161] - The document http://www.mapquest.com/maps?1c=Orlando&am...estin&2s=FL owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 2007588. Number of bytes printed: 2007588. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
7/8/2009 9:50:26 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdudf_xp
7/10/2009 5:58:08 PM, error: Print [6161] - The document http://view.websudoku.com/ owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 176292. Number of bytes printed: 176292. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
6/9/2009 8:35:32 PM, error: ialm [108] - The driver ialmrnt5 for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
6/30/2009 3:22:03 PM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
6/28/2009 4:32:37 PM, error: Print [6161] - The document http://www.facebook.com/home.php? owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 1158462. Number of bytes printed: 1158462. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
5/26/2009 5:45:23 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Cdr4_xp cdudf_xp
5/25/2009 12:32:59 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
5/25/2009 12:05:12 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
5/25/2009 11:49:39 AM, error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{6AE1BCBA-51C8-4A5A-9996-970A26579E5B} because another computer on the network has the same name. The server could not start.
5/24/2009 3:22:24 PM, error: Print [6161] - The document Student%20Life%20Rooming%20List[1].pdf owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 221036. Number of bytes printed: 221036. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
5/24/2009 2:07:05 PM, error: Dhcp [1002] - The IP address lease 192.168.1.102 for the Network Card with network address 0007E9CBC3DF has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
5/21/2009 9:24:09 PM, error: Print [6161] - The document Microsoft Word - ASCH%20Spring%20Draft-1[1].doc owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 20327164. Number of bytes printed: 20327164. Total number of pages in the document: 16. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
4/5/2009 11:25:30 PM, error: Print [6161] - The document Microsoft Word - brain pics.rtf owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 566564. Number of bytes printed: 566564. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
4/5/2009 11:25:11 PM, error: Print [6161] - The document Microsoft Word - brain pics.rtf owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 566577. Number of bytes printed: 566577. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
4/5/2009 10:00:48 AM, error: Print [6161] - The document Microsoft Word - EFTH Week 3.doc owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 9152464. Number of bytes printed: 0. Total number of pages in the document: 16. Number of pages printed: 11. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
4/23/2009 5:03:05 PM, error: Print [6161] - The document Microsoft Word - Document1 owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 777516. Number of bytes printed: 777516. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
4/16/2009 7:12:11 PM, error: Print [6161] - The document http://clearplay.com/checkoutreview.aspx?p...method=CREDITCA owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 510210. Number of bytes printed: 510210. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
4/10/2009 6:15:05 PM, error: Dhcp [1002] - The IP address lease 173.16.66.93 for the Network Card with network address 00189BCB97AC has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
3/9/2009 12:15:48 AM, error: Print [6161] - The document Microsoft Word - Lit_1_Test_2_study_guide owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 4660112. Number of bytes printed: 4660112. Total number of pages in the document: 4. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
3/7/2009 3:11:14 PM, error: Print [6161] - The document 4 x 6 in. album prints owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 200327. Number of bytes printed: 200327. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
2/28/2009 5:17:14 PM, error: Print [6161] - The document Microsoft Word - Term Paper draft.rtf owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 5671104. Number of bytes printed: 0. Total number of pages in the document: 6. Number of pages printed: 4. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
2/28/2009 5:16:38 PM, error: Print [6161] - The document Microsoft Word - Term Paper draft.rtf owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 11005532. Number of bytes printed: 0. Total number of pages in the document: 11. Number of pages printed: 1. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
2/26/2009 4:56:55 PM, error: Print [6161] - The document http://us.mc330.mail.yahoo.com/mc/showMess...box&sort=da owned by Owner failed to print on printer Lexmark 1300 Series. Data type: LEMF. Size of the spool file in bytes: 5386053. Number of bytes printed: 0. Total number of pages in the document: 9. Number of pages printed: 1. Client machine: \\MCCULLOUGH. Win32 error code returned by the print processor: 0 (0x0).
12/31/2001 11:59:21 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12/31/2001 11:58:57 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ATMhelpr AvgLdx86 AvgMfx86 cdudf_xp Fips intelppm
12/31/2001 11:57:55 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/31/2001 11:07:37 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'avginet.dll.old' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
12/31/2001 11:02:02 PM, error: W32Time [34] - The time service has detected that the system time needs to be changed by +241286813 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.1.115:123->207.46.232.182:123) is working properly.
1/1/2002 5:36:49 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
1/1/2002 5:11:59 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/1/2002 4:28:39 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}
1/1/2002 4:16:42 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
1/1/2002 3:55:16 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
1/1/2002 3:28:15 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the lxdc_device service to connect.
1/1/2002 3:28:15 AM, error: Service Control Manager [7000] - The lxdc_device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

==== End Of File ===========================

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2002/01/04 19:25
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xEDA05000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: c:\documents and settings\owner\local settings\temp\~df27db.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\owner\local settings\temp\~df44da.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: C:\Documents and Settings\All Users\Application Data\avg8\Log\ddf3a799-c4a8-4d6d-8303-ebeee56c436f
Status: Locked to the Windows API!

==EOF==



#2 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • Gender:Male
  • Local time:07:16 PM

Posted 16 September 2009 - 06:15 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Unified Network of Instructors and Trusted Eliminators
 


#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:06:16 PM

Posted 22 September 2009 - 06:02 PM

Due to the lack of feedback, this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!



Error reading poptart in Drive A: Delete kids y/n?



