seems like google redirect virus


This topic is locked
2 replies to this topic

#1 electronicallyblonde

electronicallyblonde

  • Members
  • 14 posts
  • Gender:Female
  • Location:New Jersey
  • Local time:04:25 AM

Posted 05 December 2009 - 10:17 PM

OK, so I first started experiencing problems when I would go to Google, and when I searched something and went to click on one of the results, I would be sent to something completely different. Now I'll just be on any site and the internet window will close and some fake antivirus thing will pop up. Now this is my friend's old computer and I've only had it about a month or so, so I don't know how long it's been since it last had some antivirus software on here.

OK, so on to the details. This thing is apparently very smart. Once I started really having problems, based on other people's suggestions on here, I scanned it with Malwarebytes, full and quick scans, and a few things would come up, so I'd delete them, but still had problems. So then I tried to go to kaspersky.com and get the free virus scanner and Firefox kept telling me this site doesn't exist. I've tried going on comcast.net and getting McAfee since I get it free from them, and I click download and nothing happens. Same with Norton antivirus. Seems like no matter what I do to try and get rid of this thing, it knows when I'm trying to get some antivirus. A friend of mine suggested deleting Malwarebytes and getting a newer version, so I deleted it and went to the site, and Firefox tells me it doesn't exist. So I came here again.

There are 3 users on this computer, so I was using one of the names and went to create these logs you need, and when I installed root repeal and tried to use it, the computer froze and now that account is not working. When I sign in a screen pops up, and it looks like an antivirus screen, called privacy center. If there is any other way for me to get this root repeal thing, I'll do my best to get it, but I've tried 3 times, and every time the computer freezes. So here are the DDS logs: Hopefully you can help! Thank you so much in advance!!

DDS (Ver_09-12-01.01) - NTFSx86
Run by Sara at 21:18:51.20 on Sat 12/05/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.767.399 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\sYSteM32\SvchOst.eXE -k fioo32
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv2.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Sara\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://aimtoday.aim.com/today/aimtoday.adp
uWindow Title = Microsoft Internet Explorer provided by Roadrunner
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = <local>;localhost
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! 工具列: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
mURLSearchHooks: Yahoo! 工具列: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: hp toolkit: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\hp\explorebar\HPTOOLKT.DLL
TB: Yahoo! 工具列: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: hp toolkit: {8f4902b6-6c04-4ade-8052-aa58578a21bd} - c:\windows\system32\Shdocvw.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
mRun: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
mRun: [nwiz] nwiz.exe /install
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [PS2] c:\windows\system32\ps2.exe
mRun: [checktime] c:\program files\hpselect\frontend\ct.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe
mRun: [QAGENT] c:\program files\quickenw\QAGENT.EXE
mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe
mRun: [RecoverFromReboot] c:\windows\temp\RecoverFromReboot.exe
mRun: [tgcmd] "c:\program files\support.com\bin\tgcmd.exe" /server /nosystray /deaf
mRun: [IPInSightLAN 01] "c:\program files\verizon online\visual ip insight\IPClient.exe" -l
mRun: [IPInSightMonitor 01] "c:\program files\verizon online\visual ip insight\IPMon32.exe"
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [ProfileWatcher] c:\program files\profilewatcher\profilewatcher.exe
mRun: [AlcxMonitor] ALCXMNTR.EXE
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [WUSB54Gv2] c:\program files\linksys wireless-g usb wireless network monitor\InvokeSvc3.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [ALUAlert] c:\program files\symantec\liveupdate\ALUNotify.exe
dRun: [Symantec NetDriver Warning] c:\progra~1\symnet~1\SNDWarn.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpcent~1.lnk - c:\program files\hp center\137903\shadow\ShadowBar.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpcent~2.lnk - c:\program files\hp center\137903\program\BackWeb-137903.exe
IE: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim95\aim.exe
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INETREPL.DLL
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INETREPL.DLL
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {00000075-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/voxacm.CAB
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} - hxxp://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
DPF: {27EB254C-C724-43B1-8DD8-F3AC9ED761B2} - hxxp://client2.tvtonic.com/Webservice/Public/WXStageInstall/2.6/TVTStage1.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - c:\program files\microsoft activesync\AATP.DLL
WinCE Filter: image/bmp - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
WinCE Filter: image/gif - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
WinCE Filter: image/jpeg - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
WinCE Filter: image/xbm - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
WinCE Filter: text/asp - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\program files\microsoft activesync\CENETFLT.DLL
WinCE Filter: text/html - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\program files\microsoft activesync\CENETFLT.DLL
Notify: igfxcui - igfxsrvc.dll
AppInit_DLLs: ??p??p?p??????????:?t?n?????????????? c:\windows\system32\nagujeja.dll ,c:\windows\system32\tenugizu.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = ??p??p?p??????????:?T?n?????????????? c:\windows\system32\hanutore.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sara\applic~1\mozilla\firefox\profiles\sgkewlur.default\
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R?2 fioo32;fioo32;c:\windows\system32\SvchOst.eXE -k fioo32 [2002-8-5 14336]
R0 ppa;Iomega Parallel Port Filter Driver;c:\windows\system32\drivers\ppa.sys [2003-3-24 17792]
R1 fio32;fio32;c:\windows\system32\drivers\fio32.sys [2009-11-21 59520]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [2007-7-18 33824]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-14 24652]
S2 mrtRate;mrtRate; [x]
S3 brfilt;Brother MFC Filter Driver;c:\windows\system32\drivers\BrFilt.sys [2005-1-8 2944]
S3 BrSerWDM;Brother Serial driver;c:\windows\system32\drivers\BrSerWdm.sys [2005-1-8 61952]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\system32\drivers\BrUsbMdm.sys [2005-1-8 11008]
S3 BrUsbScn;Brother MFC USB Scanner driver;c:\windows\system32\drivers\BrUsbScn.sys [2005-1-8 10368]
S3 mamotou;mamotou;c:\windows\system32\drivers\mamotou.sys [2007-2-26 49399]
S3 rootrepeal;rootrepeal;\??\c:\windows\system32\drivers\rootrepeal.sys --> c:\windows\system32\drivers\rootrepeal.sys [?]
S3 rootrepeal2;rootrepeal2;\??\c:\windows\system32\drivers\rootrepeal2.sys --> c:\windows\system32\drivers\rootrepeal2.sys [?]
S3 xbreader;ActionReplay XBox Driver (xbreader.sys);c:\windows\system32\drivers\xbreader.sys [2004-5-30 19677]

=============== Created Last 30 ================

2009-11-29 06:46:47 0 d-----w- c:\docume~1\alluse~1\applic~1\Napster
2009-11-29 06:46:46 0 d-----w- c:\program files\Napster
2009-11-22 03:37:31 1 ----a-w- c:\windows\fdgg34353edfgdfdf
2009-11-22 03:36:22 59520 ----a-w- c:\windows\system32\drivers\fio32.sys
2009-11-22 03:36:22 50688 ----a-w- c:\windows\system32\fio32.dll
2009-11-22 03:36:05 1 ---h--w- c:\windows\tgm2.dat
2009-11-22 03:36:03 1 ---h--w- c:\windows\mmsmark3.dat
2009-11-22 03:36:02 2 ----a-w- c:\windows\0101120101465249.xxe
2009-11-22 03:36:00 2 ----a-w- c:\windows\0101120101465250.xxe
2009-11-22 03:35:55 34816 ----a-w- c:\windows\rdr_1258860954.exe
2009-11-22 03:35:54 2 ----a-w- c:\windows\010112010146116101.xxe
2009-11-22 03:34:40 2 ----a-w- c:\windows\010112010146101105.rx

==================== Find3M ====================

2004-09-05 22:15:15 35942843 -c--a-w- c:\program files\NIS2004.exe
2008-12-30 11:05:52 2098 --sh--w- c:\windows\system32\dofiziba.dll
1601-01-01 00:12:31 2048 --sha-w- c:\windows\system32\fetotava.dll
1601-01-01 00:12:31 2048 --sha-w- c:\windows\system32\fufakili.dll
1601-01-01 00:12:31 2048 --sha-w- c:\windows\system32\guhefawa.dll
1601-01-01 00:12:31 1024 --sha-w- c:\windows\system32\juyimebo.dll
2008-09-29 20:27:13 15360 --sha-w- c:\windows\system32\pafuvole.dll
1601-01-01 00:12:31 5120 --sha-w- c:\windows\system32\puyinohe.dll
1601-01-01 00:12:31 2048 --sha-w- c:\windows\system32\supiyiha.dll
1601-01-01 00:12:31 1024 --sha-w- c:\windows\system32\wewefove.dll
2008-12-30 11:05:59 2098 --sh--w- c:\windows\system32\wipalego.dll


DDS ATTACH

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 10/31/2002 12:42:27 PM
System Uptime: 12/5/2009 9:04:22 PM (0 hours ago)

Motherboard: ASUSTeK Computer INC. | | P4G533LA
Processor: Intel® Celeron® CPU 1.80GHz | PGA 478 | 1793/100mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 52 GiB total, 3.538 GiB free.
D: is FIXED (FAT32) - 5 GiB total, 0.883 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\213465BC308D01
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\213465BC308D01
Service: NIC1394

Class GUID:
Description: Network Controller
Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_00421737&REV_02\4&25296D99&0&58F0
Manufacturer:
Name: Network Controller
PNP Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_00421737&REV_02\4&25296D99&0&58F0
Service:

==== System Restore Points ===================

RP1: 9/16/2009 2:49:03 PM - System Checkpoint
RP2: 9/26/2009 6:53:45 PM - System Checkpoint
RP3: 9/27/2009 7:33:56 PM - System Checkpoint
RP4: 10/5/2009 11:43:46 PM - Installed iTunes
RP5: 10/7/2009 3:56:51 PM - System Checkpoint
RP6: 10/8/2009 4:48:10 PM - System Checkpoint
RP7: 10/9/2009 5:39:43 PM - System Checkpoint
RP8: 10/10/2009 6:39:44 PM - System Checkpoint
RP9: 10/11/2009 7:39:42 PM - System Checkpoint
RP10: 10/13/2009 12:30:11 AM - System Checkpoint
RP11: 10/14/2009 12:34:33 AM - System Checkpoint
RP12: 10/15/2009 12:41:15 AM - System Checkpoint
RP13: 10/16/2009 2:34:30 AM - System Checkpoint
RP14: 10/17/2009 5:39:05 PM - System Checkpoint
RP15: 10/18/2009 6:32:22 PM - System Checkpoint
RP16: 10/19/2009 7:32:21 PM - System Checkpoint
RP17: 10/22/2009 11:22:50 AM - System Checkpoint
RP18: 10/23/2009 1:30:53 PM - System Checkpoint
RP19: 10/24/2009 2:22:22 PM - System Checkpoint
RP20: 10/25/2009 4:29:48 PM - System Checkpoint
RP21: 10/26/2009 4:48:10 PM - System Checkpoint
RP22: 10/27/2009 5:48:07 PM - System Checkpoint
RP23: 10/28/2009 6:28:54 PM - System Checkpoint
RP24: 10/29/2009 9:53:52 PM - System Checkpoint
RP25: 10/31/2009 5:50:23 PM - System Checkpoint
RP26: 11/1/2009 6:59:31 PM - System Checkpoint
RP27: 11/2/2009 7:35:57 PM - System Checkpoint
RP28: 11/4/2009 12:22:37 AM - System Checkpoint
RP29: 11/5/2009 1:14:39 AM - System Checkpoint
RP30: 11/6/2009 1:52:15 AM - System Checkpoint
RP31: 11/7/2009 2:52:14 AM - System Checkpoint
RP32: 11/8/2009 2:52:13 AM - System Checkpoint
RP33: 11/9/2009 3:52:15 AM - System Checkpoint
RP34: 11/11/2009 8:29:08 AM - System Checkpoint
RP35: 11/12/2009 9:27:38 AM - System Checkpoint
RP36: 11/13/2009 1:11:07 PM - System Checkpoint
RP37: 11/14/2009 1:27:38 PM - System Checkpoint
RP38: 11/16/2009 12:47:34 PM - System Checkpoint
RP39: 11/17/2009 1:58:10 PM - System Checkpoint
RP40: 11/19/2009 1:58:11 PM - System Checkpoint
RP41: 11/20/2009 3:47:09 PM - System Checkpoint
RP42: 11/21/2009 4:34:13 PM - System Checkpoint
RP43: 11/22/2009 10:28:32 PM - System Checkpoint
RP44: 11/25/2009 11:01:47 AM - System Checkpoint
RP45: 11/26/2009 11:18:20 AM - System Checkpoint
RP46: 11/27/2009 12:21:25 PM - System Checkpoint
RP47: 11/28/2009 3:56:25 PM - System Checkpoint
RP48: 11/29/2009 1:46:44 AM - Installed Napster Download Manager
RP49: 11/30/2009 3:48:51 AM - System Checkpoint
RP50: 12/2/2009 3:41:39 PM - System Checkpoint

==== Installed Programs ======================


Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.1
Adobe Shockwave Player
Adobe Photoshop Album Starter Edition 3.2
AOL Instant Messenger
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
Chess Assistant Club
CLEP Sampler
Detto IntelliMover Demo
Digimax Master
DLA
FinePixViewer Ver.4.2
FUJIFILM USB Driver
getPlus®_dll
Google Updater
Grand Master Chess OnLine
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
hp center
hp deskjet 3820 series (Remove only)
hp instant support
hp learning adventure
hp toolkit
ImageMixer VCD2 for FinePix
IMG Tool (remove only)
Inactive HP Printer Drivers (Remove only)
Intel® Extreme Graphics Driver
iTunes
Java™ 6 Update 10
KBD
Lernout & Hauspie TruVoice American English TTS Engine
Linksys Wireless-G USB Network Adapter
LiveUpdate 3.0 (Symantec Corporation)
MathPlayer
Microsoft ActiveSync 3.7
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Office 97, Professional Edition
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mozilla Firefox (3.0.15)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MUSICMATCH Jukebox
Napster Download Manager
Norton WMI Update
NVIDIA Windows 2000/XP Display Drivers
PC-Doctor for Windows
PCenter
QuickTime
RealPlayer
S3Display
S3Gamma2
S3Info2
S3Overlay
Samsung USB Driver
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Shockwave
Sierra Garden Encyclopedia
Studio
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
USB Card Reader
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual IP InSight(Verizon Online)
Web Photo Manager
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WordPerfect Productivity Pack
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Messenger
Yahoo! 工具列

==== Event Viewer Messages From Past Week ========

12/4/2009 9:34:48 PM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
12/2/2009 11:58:45 AM, error: Service Control Manager [7022] - The fioo32 service hung on starting.
12/2/2009 11:57:16 AM, error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: The system cannot find the file specified.
12/2/2009 11:52:53 PM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
11/29/2009 12:36:55 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

==== End Of File ===========================


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • Gender:Male
  • Local time:05:25 AM

Posted 19 December 2009 - 04:24 PM

Hi,

My name is Extremeboy (or EB for short), and I will be helping you with your log.

We apologize for the delay of response.

If you still require assistance, we would like to see the current condition of your system, so please post a new set of DDS logs as well as a RootRepeal log and a description of any remaining problems or symptoms you may still have.

If for any reason you did not post a DDS log or RootRepeal log, please refer to this page, Step #6 and Step #7, for further instructions on downloading and running DDS & RootRepeal. If you have any problems, just let me know in your next reply or simply post a HijackThis log.


For your next reply I would like to see:
-The DDS logs
---DDS.txt and Attach logs
-RootRepeal logs
-Description of any remaining problems you may still have.


Thanks again and we apologize for the delay.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • Gender:Male
  • Local time:05:25 AM

Posted 24 December 2009 - 12:10 PM

Hello.

Due to lack of feedback, this topic is now closed.

If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
Extremeboy



