Boopme, here is the info you requested from Fumunda


  • This topic is locked
5 replies to this topic

#1 Fumunda

Fumunda

  • Members
  • 32 posts

Posted 29 May 2010 - 12:44 AM

Referred from here: http://www.bleepingcomputer.com/forums/t/318626/infected-with-unknown/ ~ OB

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 5/6/2010 1:23:57 AM
System Uptime: 5/28/2010 10:37:32 PM (0 hours ago)

Motherboard: PEGATRON CORPORATION | | Benicia
Processor: Intel® Pentium® Dual CPU E2220 @ 2.40GHz | CPU 1 | 2399/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 466 GiB total, 430.537 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_14F1&DEV_2F81&SUBSYS_000014F1&REV_01\4&3735DC3F&0&00E1
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_14F1&DEV_2F81&SUBSYS_000014F1&REV_01\4&3735DC3F&0&00E1
Service:

Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Description: USB20 Camera
Device ID: USB\VID_A168&PID_0611\6&192004ED&0&4
Manufacturer:
Name: USB20 Camera
PNP Device ID: USB\VID_A168&PID_0611\6&192004ED&0&4
Service:

==== System Restore Points ===================

RP1: 5/6/2010 1:29:28 AM - System Checkpoint
RP2: 5/6/2010 10:41:37 AM - Installed Adobe Reader 9.3.
RP3: 5/6/2010 10:46:16 AM - Installed Windows XP KB888111WXPSP2.
RP4: 5/6/2010 10:53:23 AM - Installed REALTEK GbE & FE Ethernet PCI-E NIC Driver
RP5: 5/6/2010 12:01:36 PM - Installed Microsoft Office Professional Edition 2003
RP6: 5/6/2010 1:16:51 PM - Installed AVG Free 9.0
RP7: 5/6/2010 2:49:58 PM - Installed MozyHome Remote Backup
RP8: 5/6/2010 3:38:00 PM - Removed MozyHome Remote Backup
RP9: 5/6/2010 3:40:32 PM - Installed MozyHome Remote Backup
RP10: 5/7/2010 3:00:12 AM - Software Distribution Service 3.0
RP11: 5/7/2010 8:00:37 AM - Avg8 Update
RP12: 5/7/2010 8:02:16 AM - Avg Update
RP13: 5/8/2010 3:00:13 AM - Software Distribution Service 3.0
RP14: 5/8/2010 12:24:56 PM - Software Distribution Service 3.0
RP15: 5/9/2010 12:38:49 PM - System Checkpoint
RP16: 5/10/2010 10:32:13 AM - Installed Windows XP KB932823-v3.
RP17: 5/10/2010 10:33:27 AM - Installed Windows XP KB970430.
RP18: 5/10/2010 8:34:57 PM - Software Distribution Service 3.0
RP19: 5/11/2010 8:43:10 PM - System Checkpoint
RP20: 5/11/2010 11:20:52 PM - Installed SUPERAntiSpyware Free Edition
RP21: 5/11/2010 11:27:58 PM - Software Distribution Service 3.0
RP22: 5/12/2010 8:06:42 PM - Software Distribution Service 3.0
RP23: 5/12/2010 8:14:43 PM - Software Distribution Service 3.0
RP24: 5/12/2010 8:51:41 PM - Installed NeatWorks Core Files
RP25: 5/12/2010 8:52:01 PM - Installed Neat Mobile Scanner (Silver) Driver
RP26: 5/12/2010 8:52:35 PM - Installed Neat Mobile Scanner 2008 Driver
RP27: 5/12/2010 8:52:49 PM - Installed Neat ADF Scanner 2008 Driver
RP28: 5/12/2010 8:53:07 PM - Installed Neat Mobile Scanner Driver
RP29: 5/12/2010 8:53:12 PM - Installed Neat ADF Scanner Driver
RP30: 5/12/2010 9:03:55 PM - Installed Neat Mobile Scanner (Silver) Driver
RP31: 5/12/2010 9:04:23 PM - Installed Neat Mobile Scanner 2008 Driver
RP32: 5/12/2010 9:09:08 PM - Removed Neat Mobile Scanner Driver
RP33: 5/12/2010 9:09:36 PM - Removed Neat Mobile Scanner 2008 Driver
RP34: 5/12/2010 9:10:06 PM - Removed Neat Mobile Scanner 2008 Driver
RP35: 5/12/2010 9:10:39 PM - Removed Neat Mobile Scanner (Silver) Driver
RP36: 5/12/2010 9:11:08 PM - Removed Neat Mobile Scanner (Silver) Driver
RP37: 5/12/2010 9:11:39 PM - Removed Neat ADF Scanner Driver
RP38: 5/12/2010 9:12:00 PM - Removed Neat ADF Scanner 2008 Driver
RP39: 5/12/2010 9:14:02 PM - Installed Neat Mobile Scanner (Silver) Driver
RP40: 5/12/2010 9:14:15 PM - Installed Neat Mobile Scanner 2008 Driver
RP41: 5/12/2010 9:14:30 PM - Installed Neat ADF Scanner 2008 Driver
RP42: 5/12/2010 9:14:49 PM - Installed Neat Mobile Scanner Driver
RP43: 5/12/2010 9:14:54 PM - Installed Neat ADF Scanner Driver
RP44: 5/13/2010 8:33:07 PM - Software Distribution Service 3.0
RP45: 5/13/2010 8:49:24 PM - Software Distribution Service 3.0
RP46: 5/14/2010 9:17:05 PM - System Checkpoint
RP47: 5/15/2010 12:01:42 AM - Software Distribution Service 3.0
RP48: 5/16/2010 7:05:54 AM - System Checkpoint
RP49: 5/16/2010 8:50:18 PM - Installed PhotoStudio
RP50: 5/16/2010 8:51:26 PM - Installed OmniPage SE
RP51: 5/17/2010 9:44:36 PM - System Checkpoint
RP52: 5/19/2010 5:55:54 AM - System Checkpoint
RP53: 5/20/2010 8:05:39 AM - System Checkpoint
RP54: 5/21/2010 9:41:11 PM - System Checkpoint
RP55: 5/22/2010 11:56:32 AM - Installed Quicken Home Inventory Manager.
RP56: 5/22/2010 12:03:16 PM - Installed Dino-Lite Plus and Pro
RP57: 5/22/2010 12:06:35 PM - Removed Dino-Lite Plus and Pro
RP58: 5/22/2010 12:26:28 PM - Installed Adobe Photoshop Elements 7.0.
RP59: 5/22/2010 12:52:14 PM - Application kill.
RP60: 5/22/2010 12:52:29 PM - eGames Installation
RP61: 5/22/2010 12:53:03 PM - Installation
RP62: 5/28/2010 10:39:19 PM - Software Distribution Service 3.0

==== Installed Programs ======================

Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop Elements 7.0
Adobe Photoshop.com Inspiration Browser
Adobe Reader 9.3.2
ArcSoft PhotoStudio 5.5
AVG Free 9.0
Canon MP Navigator 2.0
Canon MP500
Canon Utilities Easy-PhotoPrint
Easy-WebPrint
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel® Graphics Media Accelerator Driver
K-Lite Mega Codec Pack 5.6.1
MahJongg Master 3
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
MozyHome Remote Backup
Neat ADF Scanner 2008 Driver
Neat ADF Scanner Driver
Neat Mobile Scanner (Silver) Driver
Neat Mobile Scanner 2008 Driver
Neat Mobile Scanner Driver
NeatWorks
NeatWorks Core Files
OmniPage SE 2.0
PhotoshopdotcomInspirationBrowser
Quicken Home Inventory Manager
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980232)
SUPERAntiSpyware Free Edition
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB980302)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB980182)
WebFldrs XP
Windows Internet Explorer 8
Windows XP Service Pack 3

==== Event Viewer Messages From Past Week ========

5/27/2010 8:41:40 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX Fips intelppm IPSec mozyFilter MRxSmb NetBIOS NetBT RasAcd Rdbss SASKUTIL Tcpip
5/27/2010 8:31:47 PM, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.
5/27/2010 11:26:51 PM, error: System Error [1003] - Error code 100000d1, parameter1 00000000, parameter2 0000001c, parameter3 00000001, parameter4 87b6cc04.
5/25/2010 9:27:09 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX Fips intelppm IPSec mozyFilter MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
5/25/2010 9:27:09 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
5/25/2010 9:27:09 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/25/2010 9:27:09 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/25/2010 9:27:09 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
5/25/2010 9:26:37 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/25/2010 10:01:32 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

==== End Of File ===========================


Edited by Orange Blossom, 29 May 2010 - 02:26 PM.




#2 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • Gender:Male
  • Location:Munich,Germany

Posted 31 May 2010 - 01:59 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE



Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.
regards,
schrauber

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#3 Fumunda

Fumunda
  • Topic Starter

  • Members
  • 32 posts

Posted 31 May 2010 - 08:55 PM

Hi Schrauber,
Did you read the info in the link at the top of the page where this came from?
I have been working on this for a week or so. The DDS log above you is the last thing that I have done on my computer. I have not turned it on since. Boopme was working with me and told me to run the DDS log, then Orange Blossom closed the last thread I had going and told me to post the DDS log here and not do anything more to my computer until I heard from a moderator, so now this is where I am. I was hoping that you might have some insight from the DDS log on where to start. Since I haven't turned on the infected computer since I posted the log, this should be the most current one. I am not sure my computer will stay on long enough to run the GMER. Last time it went black in the middle of the scan. That is the problem with the computer I am trying to fix. It will be on and all of a sudden in the middle of anything I am doing it will just go black. If I hold down the turn off button it will go off, but only if I hold it down. If I start it back up after I crash the first time, it will get progressively worse until it will just show the Windows logo and it will go black again. If I leave it off for a while I can usually use it for longer.
I'll try to run the GMER in a few minutes and let you know.
Thanks.

#4 Fumunda

Fumunda
  • Topic Starter

  • Members
  • 32 posts

Posted 31 May 2010 - 11:22 PM

No such luck.
I had my computer on for 14 mins and it went to black screen right in the middle of the GMER scan.
I have not changed anything on the computer.
Turned it off after that as I cannot do anything with it until it has sat for a while.
I'm bummed.

#5 Fumunda

Fumunda
  • Topic Starter

  • Members
  • 32 posts

Posted 31 May 2010 - 11:27 PM

I give up, I need my computer, I waited about 3 weeks total and I can't stand it anymore.
This virus is pissing me off royally, so off to the shop it goes! Hope they can find it somehow without wiping it clean again. Thanks for trying guys and gals.

#6 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • Gender:Male
  • Location:Munich,Germany

Posted 03 June 2010 - 11:22 AM

Since this issue appears to be resolved ... this Topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via PM with the address of the thread.

Everyone else please begin a New Topic.
regards,
schrauber
