Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Win32/Nuqel.E, Banker & AntiVirus Soft


  • This topic is locked This topic is locked
9 replies to this topic

#1 GrlRacer

GrlRacer

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Bronx, NY
  • Local time:06:50 AM

Posted 28 March 2010 - 10:16 PM


I need your help!

When I open IE, I get redirected to porn sites & the Antivirus soft website, I get window security updates popping up, and out of date virus software popups. I am now on Firefox but just getting popups on this.

I have XP. I cannot open any programs and I tried to download rkill but it won't let me, even in safe mode. Nothing can download in safe mode either.

PLEASE HELP!


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:50 AM

Posted 28 March 2010 - 10:54 PM

Hello, see if this will work .. You will need to boot into Safe Mode with Networking.
Follow the steps in the Automated Removal Instructions section of our Tutorial..
Remove Antivirus Soft (Uninstall Guide)

If successful,post the MBAM log from there.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.


Another option if needed.


Click on Start, Then Control Panel
Click on Users
Create a new user account with Administrative Rights
Login as that user
Now run MBAM (MalwareBytes below) ,, Run a FULL scan this will search all user accounts on your machine.
Reboot your machine.
When your machine is at the login don't login into the infected account log into the new account you made.
Logout of the new account once the machine finishes booting up.
Log into your original account that was infected. Post the MBAM log.
Hopefully we are good.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 GrlRacer

GrlRacer
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Bronx, NY
  • Local time:06:50 AM

Posted 28 March 2010 - 11:26 PM

Thanks for your quick reply boopme!

I followed your instructions and logged in safe mode w/networking as admin.
I followed the removal steps but my computer won't download the malwarebytes. I got this message:
"This application has failed to start because MSVBVM60.DLL was not found. Reinstalling the application may fix the problem."

I also tried to run rkill and this is the log result:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Administrator on 03/29/2010 at 0:33:12.


Processes terminated by Rkill or while it was running:


C:\Documents and Settings\Administrator\My Documents\rkill.com


Rkill completed on 03/29/2010 at 0:33:13.


What can I do now?

Edited by GrlRacer, 28 March 2010 - 11:35 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:50 AM

Posted 29 March 2010 - 03:35 PM

Hi had to figure this one out.
Your visual basic is damaged, if it was malware this might not help, please try to uninstall MBAM, run the VB installer and then try to reinstall MBAM .

1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.
2. Restart your computer (very important).
3. Download and run this utility. Mbam clean
4. It will ask to restart your computer (please allow it to).
5. Ddownload and install service pack 6 for visual basic 6.0.
From here Microsoft
6. After the computer restarts, install the latest version from here. http://www.malwarebytes.org/mbam-download.php
Launch the program.
Then go to the UPDATE tab if not done during installation and check for updates.
Restart the computer again and verify that MBAM is in the task tray and run a Quick Scan and post that log.

Edited by boopme, 29 March 2010 - 03:36 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 GrlRacer

GrlRacer
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Bronx, NY
  • Local time:06:50 AM

Posted 29 March 2010 - 07:24 PM

I did everything you said (in safe mode) but I keep getting this message when I try to run Malwarebytes:

"This application has failed to start because MSVBVM60.DLL was not found. Reinstalling the application may fix the problem."

I did a google search of this and downloaded the fix for this and still no luck.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:50 AM

Posted 29 March 2010 - 07:39 PM

Hello, We need a deeper look,please go here....
Preparation Guide ,do steps 6 - 9.

Create a DDS log and post it in the new topic from step 9.
If Gmer won't run,skip it and move on.
Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 GrlRacer

GrlRacer
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Bronx, NY
  • Local time:06:50 AM

Posted 29 March 2010 - 08:25 PM

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 26/01/08 5:43:51 PM
System Uptime: 29/03/10 7:32:22 PM (2 hours ago)

Motherboard: ASUSTek Computer INC. | | Amberine M
Processor: AMD Athlon™ 64 Processor 3500+ | Socket 939 | 2200/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 178 GiB total, 116.674 GiB free.
D: is FIXED (FAT32) - 8 GiB total, 0.863 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Description: HID Non-User Input Data Filter (KB 911895)
Device ID: HID\VID_045E&PID_009D&MI_01&COL01\7&222A893D&0&0000
Manufacturer: Microsoft
Name: HID Non-User Input Data Filter (KB 911895)
PNP Device ID: HID\VID_045E&PID_009D&MI_01&COL01\7&222A893D&0&0000
Service: NuidFltr

Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Description: HID Non-User Input Data Filter (KB 911895)
Device ID: HID\VID_045E&PID_009D&MI_01&COL03\7&222A893D&0&0002
Manufacturer: Microsoft
Name: HID Non-User Input Data Filter (KB 911895)
PNP Device ID: HID\VID_045E&PID_009D&MI_01&COL03\7&222A893D&0&0002
Service: NuidFltr

==== System Restore Points ===================

RP230: 27/12/09 8:54:35 PM - System Checkpoint
RP231: 29/12/09 12:40:29 AM - System Checkpoint
RP232: 29/12/09 8:00:37 PM - Software Distribution Service 3.0
RP233: 30/12/09 5:38:40 PM - Software Distribution Service 3.0
RP234: 02/01/10 1:04:31 AM - System Checkpoint
RP235: 03/01/10 1:15:43 AM - Installed Vz In Home Agent
RP236: 05/01/10 5:08:03 PM - System Checkpoint
RP237: 07/01/10 8:14:38 PM - System Checkpoint
RP238: 08/01/10 8:40:47 PM - System Checkpoint
RP239: 09/01/10 8:50:15 PM - System Checkpoint
RP240: 10/01/10 3:29:25 PM - ADVANCED REGISTRY OPTIMIZER - FIRST RUN
RP241: 10/01/10 3:35:34 PM - Advanced Registry Optimizer Sun, Jan 10, 10 15:35
RP242: 10/01/10 3:50:47 PM - Advanced Registry Optimizer - Before Installation
RP243: 10/01/10 3:53:08 PM - Advanced Registry Optimizer Sun, Jan 10, 10 15:52
RP244: 10/01/10 3:54:41 PM - Advanced Registry Optimizer - Before One Click
RP245: 11/01/10 4:51:36 PM - System Checkpoint
RP246: 12/01/10 6:13:18 PM - System Checkpoint
RP247: 13/01/10 8:08:19 AM - Installed ooVoo
RP248: 13/01/10 8:04:39 PM - Software Distribution Service 3.0
RP249: 14/01/10 9:10:05 AM - Installed CuteFTP 8 Professional
RP250: 15/01/10 11:53:13 AM - System Checkpoint
RP251: 17/01/10 5:01:29 PM - System Checkpoint
RP252: 21/01/10 1:20:06 PM - System Checkpoint
RP253: 21/01/10 5:22:38 PM - Installed Uniblue DriverScanner v1.0
RP254: 21/01/10 8:01:51 PM - Software Distribution Service 3.0
RP255: 22/01/10 8:26:13 PM - System Checkpoint
RP256: 24/01/10 7:59:27 PM - System Checkpoint
RP257: 26/01/10 10:52:39 AM - System Checkpoint
RP258: 28/01/10 5:17:19 PM - Removed ooVoo
RP259: 29/01/10 9:26:08 PM - System Checkpoint
RP260: 30/01/10 9:57:55 PM - System Checkpoint
RP261: 01/02/10 1:54:40 PM - System Checkpoint
RP262: 02/02/10 6:08:30 PM - System Checkpoint
RP263: 04/02/10 10:02:57 PM - Configured Microsoft Office Home and Student 2007 Trial
RP264: 06/02/10 1:10:51 AM - System Checkpoint
RP265: 07/02/10 3:58:37 PM - System Checkpoint
RP266: 08/02/10 4:12:12 PM - System Checkpoint
RP267: 09/02/10 5:36:33 PM - System Checkpoint
RP268: 09/02/10 8:00:40 PM - Software Distribution Service 3.0
RP269: 10/02/10 11:43:34 PM - System Checkpoint
RP270: 12/02/10 2:46:50 PM - System Checkpoint
RP271: 13/02/10 3:58:58 PM - System Checkpoint
RP272: 14/02/10 4:37:19 PM - System Checkpoint
RP273: 16/02/10 9:46:15 AM - System Checkpoint
RP274: 18/02/10 2:28:59 PM - System Checkpoint
RP275: 19/02/10 8:01:54 PM - System Checkpoint
RP276: 20/02/10 8:09:47 PM - System Checkpoint
RP277: 23/02/10 6:54:51 PM - System Checkpoint
RP278: 23/02/10 8:00:42 PM - Software Distribution Service 3.0
RP279: 24/02/10 9:11:06 PM - System Checkpoint
RP280: 25/02/10 9:22:32 PM - System Checkpoint
RP281: 27/02/10 2:55:02 PM - System Checkpoint
RP282: 28/02/10 5:03:45 PM - System Checkpoint
RP283: 02/03/10 6:05:22 PM - System Checkpoint
RP284: 04/03/10 6:22:13 PM - System Checkpoint
RP285: 05/03/10 6:42:02 PM - System Checkpoint
RP286: 06/03/10 7:13:30 PM - System Checkpoint
RP287: 06/03/10 8:40:08 PM - Installed BlackBerry Device Software Updater.
RP288: 08/03/10 7:57:25 PM - System Checkpoint
RP289: 09/03/10 8:19:13 PM - System Checkpoint
RP290: 10/03/10 8:01:43 PM - Software Distribution Service 3.0
RP291: 12/03/10 7:31:39 PM - System Checkpoint
RP292: 13/03/10 8:04:18 PM - System Checkpoint
RP293: 14/03/10 8:42:56 PM - Installed BlackBerry Desktop Software 5.0.
RP294: 17/03/10 6:18:05 PM - System Checkpoint
RP295: 18/03/10 7:09:45 PM - System Checkpoint
RP296: 19/03/10 9:57:20 PM - System Checkpoint
RP297: 21/03/10 1:36:55 PM - System Checkpoint
RP298: 21/03/10 7:37:40 PM - Installed ooVoo
RP299: 22/03/10 12:01:31 AM - Removed ooVoo
RP300: 23/03/10 10:04:12 PM - System Checkpoint
RP301: 27/03/10 12:21:56 PM - System Checkpoint

==== Installed Programs ======================

Adobe Flash Player 10 Plugin
Adobe Reader 8.1.4
Adobe® Photoshop® Album Starter Edition 3.2
AiO_Scan
AiOSoftware
AOL Toolbar
AOL Toolbar for Firefox
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Control Panel
ATI Display Driver
Audacity 1.3.9 (Unicode)
Barnyard Invasion from HP Media Center (remove only)
Bejeweled 2 Deluxe from HP Media Center (remove only)
Big Kahuna Reef from HP Media Center (remove only)
BlackBerry Desktop Software 5.0
BlackBerry Device Software Updater
BlackBerry Theme Studio 5.0
Blackhawk Striker 2 from HP Media Center (remove only)
Blasterball 2 from HP Media Center (remove only)
Blasterball 2 Holidays from HP Media Center (remove only)
Boggle Supreme from HP Media Center (remove only)
Bonjour
Bookworm Deluxe from HP Media Center (remove only)
Bounce Symphony from HP Media Center (remove only)
BufferChm
CameraDrivers
CCleaner
Cool Edit Pro 2.0
Corel Paint Shop Pro Photo XI
Coupon Printer for Windows
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Crystal Maze from HP Media Center (remove only)
CueTour
CuteFTP 8 Professional
Destinations
DeviceManagementQFolder
Digby's Donuts from HP Media Center (remove only)
DocProc
DocumentViewer
DocumentViewerQFolder
Download Updater (AOL LLC)
Easy Internet Sign-up
Enhanced Multimedia Keyboard Solution
FATE Demo from HP Media Center (remove only)
Fax
Flip Words from HP Media Center (remove only)
FoxyTunes for Firefox
GemMaster Mystic
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
HP Boot Optimizer
HP Deskjet Printer Preload
HP DigitalMedia Archive
HP Document Viewer 5.3
HP Game Console and games
HP Image Zone 5.3
HP Image Zone for Media Center PC
HP Imaging Device Functions 5.3
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart Cameras 5.0
HP Product Detection
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
HP Tunes
HPProductAssistant
HpSdpAppCoreApp
Insaniquarium Deluxe from HP Media Center (remove only)
InstantShareDevices
IntelliMover Data Transfer Demo
InterVideo WinDVD Player
iTunes
J2SE Runtime Environment 5.0
Java™ 6 Update 3
Jewel Quest from HP Media Center (remove only)
LemonWire
LG USB Modem driver
LightScribe 1.4.31.1
LiveUpdate (Symantec Corporation)
Mah Jong Quest from HP Media Center (remove only)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007 Trial
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard Edition 2003
Microsoft Office Word MUI (English) 2007
Microsoft Plus! Dancer LE
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Software Update for Web Folders (English) 12
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mirar
MobileMe Control Panel
Motorola SM56 Speakerphone Modem
Move Networks Media Player for Internet Explorer
Mozilla Firefox (3.5.8)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 4.0
muvee autoProducer unPlugged 1.1 - HPD
Netflix Movie Viewer
NewCopy
Octoshape add-in for Adobe Flash Player
Office 2003 Tour
PanoStandAlone
PC-Doctor 5 for Windows
PC VGA Camer@
PerfectDisk 2008
PhotoGallery
Polar Bowler from HP Media Center (remove only)
Polar Golfer from HP Media Center (remove only)
PSPrinters08
PSTAPlugin
Puzzle Express from HP Media Center (remove only)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QFolder
Quicken 2005
QuickTime
RandMap
Readme
RealPlayer
Ricochet Lost Worlds from HP Media Center (remove only)
RPS Burn
RPS CRT
RPS Diagnostic Utility
RPS Firewall
RPS Ksdk
RPS ParentalControl
RPS PerfectDiskStub
RPS PopupBlocker
RPS RpsCore
RPS SafeConnect
Safari
Scan
ScannerCopy
SCRABBLE Blast from HP Media Center (remove only)
SCRABBLE from HP Media Center (remove only)
SCRABBLE Rack Attack from HP Media Center (remove only)
Security Advisor
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for Microsoft Office Excel 2007 (KB978382)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
Shrek 2 Ogre Bowler from HP Media Center (remove only)
SkinsHP1
Slingo Deluxe from HP Media Center (remove only)
Slyder from HP Media Center (remove only)
SolutionCenter
SONAR 8 Producer Edition Trial
Sonic Encoders
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Spadester
Spybot - Search & Destroy
Status
Super Granny from HP Media Center (remove only)
Swarm from HP Media Center (remove only)
Symantec Technical Support Web Controls
Tradewinds from HP Media Center (remove only)
TrayApp
Uniblue DriverScanner 2009
Uniblue RegistryBooster
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
Updates from HP (remove only)
V CAST Music Manager
Verizon Help and Support Tool
Verizon High Speed Internet
Verizon Internet Security Suite
Verizon Servicepoint 1.5.24
Verizon Yahoo! Applications
Viewpoint Media Player
Vuze
Vz In Home Agent
WebFldrs XP
WebReg
WhereSphere
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player 10 Hotfix [See KB889858 for more information]
Windows Media Player Firefox Plugin
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR archiver
WinSCP 4.2.5
Yahoo! Mail Advisor
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

29/03/10 7:19:00 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the COM+ System Application service to connect.
29/03/10 7:19:00 PM, error: Service Control Manager [7000] - The COM+ System Application service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
29/03/10 7:18:56 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
29/03/10 6:09:32 PM, error: Service Control Manager [7034] - The Verizon Internet Security Suite SafeConnectAgent service terminated unexpectedly. It has done this 1 time(s).
28/03/10 6:48:55 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
28/03/10 6:43:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
27/03/10 6:01:03 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
27/03/10 12:07:11 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the SpaceQuery Service service to connect.
27/03/10 12:07:11 PM, error: Service Control Manager [7000] - The Scramby Server service failed to start due to the following error: The system cannot find the path specified.
27/03/10 11:45:16 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
27/03/10 11:11:34 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK8 eeCtrl Fips ftsata2 KLIF
27/03/10 11:10:39 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
27/03/10 11:02:47 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
27/03/10 1:45:57 PM, error: System Error [1003] - Error code 100000d1, parameter1 00000000, parameter2 0000001c, parameter3 00000001, parameter4 83d2b00c.
26/03/10 11:24:00 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 eeCtrl Fips ftsata2 IPSec KLIF MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
26/03/10 11:24:00 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
26/03/10 11:24:00 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
26/03/10 11:24:00 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
26/03/10 11:24:00 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
26/03/10 11:24:00 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
26/03/10 11:24:00 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
26/03/10 11:23:41 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
26/03/10 10:48:09 PM, error: Service Control Manager [7022] - The Verizon Internet Security Suite SafeConnectAgent service hung on starting.
24/03/10 6:20:37 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
24/03/10 6:20:19 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
22/03/10 8:29:13 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Radialpoint Security Services service.

==== End Of File ===========================

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:50 AM

Posted 29 March 2010 - 08:44 PM

Hello I need you to start a new topic and repost the logs.
Go here Virus, Trojan, Spyware, and Malware Removal Logs
title it Cannot Remove Antivirus Soft

Copy this link,which is tis topic in that new topic.

http://www.bleepingcomputer.com/forums/ind...03&t=305609

Let me know it you got it done.

Edited by boopme, 29 March 2010 - 08:45 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 GrlRacer

GrlRacer
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Bronx, NY
  • Local time:06:50 AM

Posted 29 March 2010 - 09:51 PM

done

Edited by GrlRacer, 29 March 2010 - 09:58 PM.


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:50 AM

Posted 29 March 2010 - 10:35 PM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users