need help removing Auto e-mail virus (msn/hotmail)


  • This topic is locked
14 replies to this topic

#1 Jaycat

Jaycat

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 16 June 2011 - 03:32 PM

Hey,

I think my computer is infected with some virus that auto sends e-mails to my friends list when I log into msn or hotmail (unsure which) as I keep getting undelivered message spam.

I've run some anti-virus programs such as MBAM, SUPERAntiSpyware, Spybot Search and Destroy and Norton, but I still seem to have the virus (I keep getting undelivered message notifications).

I do have a Hijackthis log (posted below) and I would be grateful for any help anyone could give.





Hijackthis log:


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Norton Utilities 14\nu.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\BT Home Hub\Help\bin\mpbtn.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\System32\svchost.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Hijack This\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [NortonUtilities] C:\Program Files\Norton Utilities 14\nu.exe /H
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1766253218-1745489305-838298268-500\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Administrator')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: BT Broadband Desktop Help.lnk = C:\Program Files\BT Home Hub\Help\bin\matcli.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 13122 bytes

#2 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:03:46 AM

Posted 25 June 2011 - 12:00 PM

Hi,

Please read and follow steps given here to see if that resolves your problem.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006

The malware removal instructions provided are meant to be used in the corresponding user's case only. If you have similar symptoms, please create your own topic instead of following instructions given to someone else.


#3 Jaycat

Jaycat
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 26 June 2011 - 07:55 AM

The first thing I tried when I found out my account was sending out e-mails was to change the password and questions, but the e-mails continued as far as I know, and now my Hotmail is blocking me from logging in (I need to contact customer support). This leads me to believe it's something still on my computer.

Edited by Jaycat, 26 June 2011 - 08:07 AM.


#4 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:03:46 AM

Posted 26 June 2011 - 05:01 PM

Hi,

I can take a closer look but that needs some extra tools.

Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double-click the DDS file to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop. Post them back to your topic.



#5 Jaycat

Jaycat
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 26 June 2011 - 06:53 PM

DDS:

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 6.0.2900.2180
Run by Compaq_Administrator at 0:44:03 on 2011-06-27
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.2046.1383 [GMT 1:00]
.
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Norton Utilities 14\nu.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\BT Home Hub\Help\bin\mpbtn.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
mDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
mSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\norton internet security\engine\18.6.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\norton internet security\engine\18.6.0.29\ips\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: CNavExtBho Class: {a8f38d8d-e480-4d52-b7a2-731bb6995fdd} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\norton internet security\engine\18.6.0.29\coIEPlg.dll
uRun: [NortonUtilities] c:\program files\norton utilities 14\nu.exe /H
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [PCDrProfiler]
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\btbroa~1.lnk - c:\program files\bt home hub\help\bin\matcli.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{6538C46C-1BBE-4EBA-BBD1-12A6B68572F0} : DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
TCP: Interfaces\{8BD30C18-6E3E-48E1-B43C-79C5BABA261F} : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1206000.01d\symds.sys [2011-5-10 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1206000.01d\symefa.sys [2011-5-10 744568]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.5.0.125\definitions\bashdefs\20110616.003\BHDrvx86.sys [2011-6-16 810616]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1206000.01d\ironx86.sys [2011-5-10 136312]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2011-5-25 1336712]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-6-14 366640]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\norton internet security\engine\18.6.0.29\ccsvchst.exe [2011-5-10 130008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-5-10 105592]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.5.0.125\definitions\ipsdefs\20110624.050\IDSXpx86.sys [2011-6-25 355256]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-6-14 22712]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.5.0.125\definitions\virusdefs\20110626.002\NAVENG.SYS [2011-6-26 86008]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.5.0.125\definitions\virusdefs\20110626.002\NAVEX15.SYS [2011-6-26 1542392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-13 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-13 135664]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\29.tmp --> c:\windows\system32\29.tmp [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-06-16 12:29:10 -------- d-----w- c:\program files\Sophos
2011-06-14 17:21:40 -------- d-----w- c:\windows\system32\NtmsData
2011-06-14 00:38:38 -------- d-----w- c:\documents and settings\compaq_administrator\application data\Malwarebytes
2011-06-14 00:38:19 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-14 00:38:18 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-06-14 00:38:14 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-14 00:38:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-13 20:20:57 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-06-13 20:20:57 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-06-13 20:13:11 -------- d-----w- c:\documents and settings\compaq_administrator\application data\SUPERAntiSpyware.com
2011-06-13 20:13:11 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-06-13 20:12:59 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-06-13 20:08:51 -------- d-----w- c:\program files\CCleaner
2011-06-11 21:31:42 388096 ----a-r- c:\documents and settings\compaq_administrator\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-06-11 21:31:41 -------- d-----w- c:\program files\Hijack This
2011-06-09 13:48:34 -------- d-----w- c:\documents and settings\compaq_administrator\local settings\application data\NPE
2011-06-07 14:49:18 26176 ---ha-w- c:\windows\system32\hamachi.sys
.
==================== Find3M ====================
.
2011-05-10 02:20:32 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2011-05-10 02:20:32 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-04-30 16:34:54 259604 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-04-30 16:34:54 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-04-30 16:34:51 259604 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-04-25 15:46:18 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-25 15:46:18 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-25 14:00:37 94208 ----a-w- c:\windows\DUMP610b.tmp
2011-04-25 13:54:36 94208 ----a-w- c:\windows\DUMP6bba.tmp
2011-04-25 13:52:53 94208 ----a-w- c:\windows\DUMP6504.tmp
2011-04-25 13:51:34 94208 ----a-w- c:\windows\DUMP660d.tmp
2011-04-25 13:50:12 94208 ----a-w- c:\windows\DUMP6438.tmp
2011-04-25 13:48:35 94208 ----a-w- c:\windows\DUMP662c.tmp
2011-04-25 13:46:57 94208 ----a-w- c:\windows\DUMP6541.tmp
2011-04-25 13:45:19 94208 ----a-w- c:\windows\DUMP6707.tmp
2011-04-25 13:43:42 94208 ----a-w- c:\windows\DUMP64d4.tmp
2011-04-25 13:42:03 94208 ----a-w- c:\windows\DUMP6457.tmp
2011-04-25 13:40:26 94208 ----a-w- c:\windows\DUMP6570.tmp
2011-04-25 13:38:48 94208 ----a-w- c:\windows\DUMP6503.tmp
2011-04-25 13:37:10 94208 ----a-w- c:\windows\DUMP6793.tmp
2011-04-25 13:35:31 94208 ----a-w- c:\windows\DUMP9af7.tmp
2011-04-15 11:29:48 94208 ----a-w- c:\windows\DUMP473a.tmp
2011-04-15 11:28:17 94208 ----a-w- c:\windows\DUMP4a18.tmp
2011-04-15 11:26:46 94208 ----a-w- c:\windows\DUMP4c7a.tmp
2011-04-15 11:25:13 94208 ----a-w- c:\windows\DUMP539e.tmp
2011-04-08 05:14:00 944232 ----a-w- c:\windows\system32\nvdispco3220140.dll
2011-04-08 05:14:00 855656 ----a-w- c:\windows\system32\nvgenco322060.dll
2011-04-08 05:14:00 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-08 05:14:00 5210112 ----a-w- c:\windows\system32\nvcuda.dll
2011-04-08 05:14:00 4111232 ----a-w- c:\windows\system32\nv4_disp.dll
2011-04-08 05:14:00 2770536 ----a-w- c:\windows\system32\nvcuvid.dll
2011-04-08 05:14:00 2116894 ----a-w- c:\windows\system32\nvdata.bin
2011-04-08 05:14:00 2074216 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-04-08 05:14:00 2027008 ----a-w- c:\windows\system32\nvapi.dll
2011-04-08 05:14:00 14856192 ----a-w- c:\windows\system32\nvoglnt.dll
2011-04-08 05:14:00 13000704 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-08 05:14:00 12501600 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-04-07 21:15:38 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-04-07 21:15:38 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-04-07 21:15:34 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-04-07 21:15:34 13891176 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 21:15:34 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 21:15:32 155752 ----a-w- c:\windows\system32\nvsvc32.exe
2011-04-07 21:15:32 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-04-06 15:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 15:20:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 15:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 15:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-31 03:00:09 516216 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\srtsp.sys
2011-03-31 03:00:09 50168 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\srtspx.sys
.
============= FINISH: 0:45:16.18 ===============

#6 Jaycat


Posted 26 June 2011 - 06:54 PM

Attach:


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 25/04/2011 15:31:16
System Uptime: 26/06/2011 11:27:28 (13 hours ago)
.
Motherboard: ASUSTek Computer INC. | | Basswood
Processor: Intel® Core™2 CPU 6400 @ 2.13GHz | Socket 775 | 2133/266mhz
Processor: Intel® Core™2 CPU 6400 @ 2.13GHz | Socket 775 | 2133/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 226 GiB total, 56.036 GiB free.
D: is FIXED (FAT32) - 7 GiB total, 0.689 GiB free.
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
Description: CD-ROM Drive
Device ID: IDE\CDROMTSSTCORP_CD/DVDW_TS-H653L_______________0414____\4&8C8DABA&0&0.1.0
Manufacturer: (Standard CD-ROM drives)
Name: TSSTcorp CD/DVDW TS-H653L
PNP Device ID: IDE\CDROMTSSTCORP_CD/DVDW_TS-H653L_______________0414____\4&8C8DABA&0&0.1.0
Service: cdrom
.
==== System Restore Points ===================
.
RP1: 25/04/2011 15:42:36 - Installed Microsoft Visual C++ 2005 Redistributable
RP2: 25/04/2011 15:42:52 - Installed DirectX
RP3: 25/04/2011 15:47:51 - Installed Windows XP WIC.
RP4: 25/04/2011 15:49:05 - Installed Windows XP KB954708.
RP5: 25/04/2011 15:49:17 - Installed DirectX
RP6: 25/04/2011 16:45:44 - Installed Java™ 6 Update 24
RP7: 25/04/2011 17:55:13 - Logitech Webcam Software v12.10.1110
RP8: 26/04/2011 20:54:41 - System Checkpoint
RP9: 27/04/2011 02:20:24 - Software Distribution Service 3.0
RP10: 27/04/2011 19:12:33 - Software Distribution Service 3.0
RP11: 27/04/2011 23:53:57 - Software Distribution Service 3.0
RP12: 28/04/2011 01:20:38 - Software Distribution Service 3.0
RP13: 28/04/2011 12:34:43 - Software Distribution Service 3.0
RP14: 29/04/2011 02:04:17 - Software Distribution Service 3.0
RP15: 29/04/2011 17:03:21 - Software Distribution Service 3.0
RP16: 30/04/2011 02:06:37 - Installed %1 %2.
RP17: 30/04/2011 02:06:46 - Printer Driver Microsoft XPS Document Writer Installed
RP18: 30/04/2011 02:14:25 - Installed Microsoft XNA Framework Redistributable 3.1
RP19: 30/04/2011 02:14:30 - Installed DirectX
RP20: 30/04/2011 02:22:02 - Installed Microsoft XNA Framework Redistributable 3.1
RP21: 30/04/2011 02:37:17 - Installed Microsoft XNA Framework Redistributable 4.0
RP22: 30/04/2011 02:42:47 - Installed Microsoft XNA Framework Redistributable 3.1
RP23: 30/04/2011 03:00:23 - Software Distribution Service 3.0
RP24: 30/04/2011 04:13:50 - Software Distribution Service 3.0
RP25: 01/05/2011 03:00:16 - Software Distribution Service 3.0
RP26: 01/05/2011 03:13:46 - Software Distribution Service 3.0
RP27: 02/05/2011 01:49:01 - Software Distribution Service 3.0
RP28: 02/05/2011 13:30:53 - Software Distribution Service 3.0
RP29: 02/05/2011 18:16:41 - Software Distribution Service 3.0
RP30: 03/05/2011 02:32:34 - Software Distribution Service 3.0
RP31: 04/05/2011 02:51:13 - Software Distribution Service 3.0
RP32: 05/05/2011 01:49:02 - Installed DirectX
RP33: 05/05/2011 01:49:22 - Installed DirectX
RP34: 05/05/2011 03:00:20 - Software Distribution Service 3.0
RP35: 05/05/2011 03:11:15 - Software Distribution Service 3.0
RP36: 06/05/2011 03:00:29 - Software Distribution Service 3.0
RP37: 06/05/2011 03:32:28 - Software Distribution Service 3.0
RP38: 06/05/2011 16:14:04 - Installed iTunes
RP39: 07/05/2011 02:24:52 - Software Distribution Service 3.0
RP40: 07/05/2011 15:44:34 - Software Distribution Service 3.0
RP41: 07/05/2011 17:30:25 - Removed iTunes
RP42: 08/05/2011 02:18:00 - Software Distribution Service 3.0
RP43: 08/05/2011 12:34:08 - Software Distribution Service 3.0
RP44: 09/05/2011 02:23:18 - Software Distribution Service 3.0
RP45: 09/05/2011 16:26:47 - Installed iTunes
RP46: 10/05/2011 03:00:28 - Software Distribution Service 3.0
RP47: 10/05/2011 03:16:16 - Software Distribution Service 3.0
RP48: 10/05/2011 13:51:16 - Unsigned driver install
RP49: 10/05/2011 13:54:18 - Removed iTunes
RP50: 10/05/2011 15:34:27 - Removed Apple Application Support
RP51: 10/05/2011 15:36:09 - Removed Apple Mobile Device Support
RP52: 10/05/2011 15:37:57 - Installed iTunes
RP53: 10/05/2011 23:33:43 - Software Distribution Service 3.0
RP54: 11/05/2011 23:38:08 - System Checkpoint
RP55: 12/05/2011 23:40:03 - System Checkpoint
RP56: 14/05/2011 03:00:14 - Software Distribution Service 3.0
RP57: 14/05/2011 04:00:50 - Software Distribution Service 3.0
RP58: 15/05/2011 03:00:15 - Software Distribution Service 3.0
RP59: 15/05/2011 03:57:17 - Software Distribution Service 3.0
RP60: 16/05/2011 03:00:15 - Software Distribution Service 3.0
RP61: 16/05/2011 21:00:02 - Removed Skype™ 4.2
RP62: 17/05/2011 03:00:17 - Software Distribution Service 3.0
RP63: 17/05/2011 03:54:10 - Software Distribution Service 3.0
RP64: 17/05/2011 22:26:11 - Installed LogMeIn Hamachi
RP65: 17/05/2011 23:02:15 - Removed LogMeIn Hamachi
RP66: 17/05/2011 23:02:50 - Installed LogMeIn Hamachi
RP67: 18/05/2011 03:00:16 - Software Distribution Service 3.0
RP68: 18/05/2011 03:58:24 - Software Distribution Service 3.0
RP69: 19/05/2011 03:00:14 - Software Distribution Service 3.0
RP70: 19/05/2011 04:21:53 - Software Distribution Service 3.0
RP71: 20/05/2011 03:00:15 - Software Distribution Service 3.0
RP72: 20/05/2011 03:19:24 - Software Distribution Service 3.0
RP73: 21/05/2011 02:56:20 - Software Distribution Service 3.0
RP74: 22/05/2011 02:26:25 - Software Distribution Service 3.0
RP75: 23/05/2011 03:00:22 - Software Distribution Service 3.0
RP76: 23/05/2011 03:17:32 - Software Distribution Service 3.0
RP77: 24/05/2011 03:00:21 - Software Distribution Service 3.0
RP78: 24/05/2011 03:38:40 - Software Distribution Service 3.0
RP79: 24/05/2011 17:36:57 - Removed LogMeIn Hamachi
RP80: 24/05/2011 17:38:52 - Installed LogMeIn Hamachi
RP81: 24/05/2011 18:16:43 - Removed LogMeIn Hamachi
RP82: 25/05/2011 03:00:22 - Software Distribution Service 3.0
RP83: 25/05/2011 04:38:18 - Software Distribution Service 3.0
RP84: 26/05/2011 03:00:18 - Software Distribution Service 3.0
RP85: 26/05/2011 04:13:07 - Software Distribution Service 3.0
RP86: 26/05/2011 20:44:22 - Software Distribution Service 3.0
RP87: 27/05/2011 03:00:14 - Software Distribution Service 3.0
RP88: 27/05/2011 04:39:22 - Software Distribution Service 3.0
RP89: 28/05/2011 02:25:00 - Software Distribution Service 3.0
RP90: 28/05/2011 21:08:04 - Software Distribution Service 3.0
RP91: 29/05/2011 02:15:43 - Software Distribution Service 3.0
RP92: 29/05/2011 11:44:00 - Software Distribution Service 3.0
RP93: 30/05/2011 00:33:15 - Software Distribution Service 3.0
RP94: 30/05/2011 22:16:41 - Software Distribution Service 3.0
RP95: 31/05/2011 03:00:14 - Software Distribution Service 3.0
RP96: 31/05/2011 03:55:02 - Software Distribution Service 3.0
RP97: 01/06/2011 03:00:17 - Software Distribution Service 3.0
RP98: 01/06/2011 04:01:02 - Software Distribution Service 3.0
RP99: 01/06/2011 21:09:18 - Software Distribution Service 3.0
RP100: 02/06/2011 01:40:37 - Software Distribution Service 3.0
RP101: 03/06/2011 03:00:24 - Software Distribution Service 3.0
RP102: 03/06/2011 03:26:17 - Software Distribution Service 3.0
RP103: 03/06/2011 21:10:15 - Installed LogMeIn Hamachi
RP104: 04/06/2011 03:00:28 - Software Distribution Service 3.0
RP105: 04/06/2011 03:41:03 - Software Distribution Service 3.0
RP106: 05/06/2011 01:43:18 - Software Distribution Service 3.0
RP107: 06/06/2011 03:00:23 - Software Distribution Service 3.0
RP108: 06/06/2011 03:30:19 - Software Distribution Service 3.0
RP109: 06/06/2011 21:21:21 - Software Distribution Service 3.0
RP110: 07/06/2011 03:00:17 - Software Distribution Service 3.0
RP111: 07/06/2011 03:32:13 - Software Distribution Service 3.0
RP112: 07/06/2011 16:33:40 - Software Distribution Service 3.0
RP113: 08/06/2011 02:59:35 - Software Distribution Service 3.0
RP114: 09/06/2011 02:47:29 - Software Distribution Service 3.0
RP115: 10/06/2011 02:47:08 - Software Distribution Service 3.0
RP116: 11/06/2011 03:00:16 - Software Distribution Service 3.0
RP117: 11/06/2011 03:52:55 - Software Distribution Service 3.0
RP118: 11/06/2011 22:31:40 - Installed HiJackThis
RP119: 12/06/2011 03:00:24 - Software Distribution Service 3.0
RP120: 12/06/2011 03:13:19 - Software Distribution Service 3.0
RP121: 13/06/2011 03:00:19 - Software Distribution Service 3.0
RP122: 13/06/2011 03:21:27 - Software Distribution Service 3.0
RP123: 14/06/2011 03:01:09 - Software Distribution Service 3.0
RP124: 14/06/2011 03:43:08 - Software Distribution Service 3.0
RP125: 15/06/2011 03:00:26 - Software Distribution Service 3.0
RP126: 16/06/2011 01:26:59 - Removed Skype™ 4.2
RP127: 16/06/2011 01:28:56 - Removed Skype Toolbars
RP128: 17/06/2011 17:01:05 - System Checkpoint
RP129: 18/06/2011 19:54:56 - System Checkpoint
RP130: 20/06/2011 02:52:47 - Software Distribution Service 3.0
RP131: 21/06/2011 01:46:14 - Software Distribution Service 3.0
RP132: 21/06/2011 06:23:42 - Software Distribution Service 3.0
RP133: 22/06/2011 01:43:16 - Software Distribution Service 3.0
RP134: 23/06/2011 03:00:33 - Software Distribution Service 3.0
RP135: 23/06/2011 03:21:53 - Software Distribution Service 3.0
RP136: 24/06/2011 01:51:33 - Software Distribution Service 3.0
RP137: 24/06/2011 11:29:29 - Software Distribution Service 3.0
RP138: 25/06/2011 10:56:41 - Software Distribution Service 3.0
RP139: 26/06/2011 02:56:05 - Software Distribution Service 3.0
RP140: 26/06/2011 12:00:02 - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
BufferChm
CCleaner
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
CueTour
Customer Experience Enhancement
Destinations
DeviceManagementQFolder
Dwarfs!?
Easy Internet Sign-up
Enhanced Multimedia Keyboard Solution
FullDPAppQFolder
GemMaster Mystic
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Heroes of Newerth
High Definition Audio Driver Package - KB888111
HiJackThis
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB912024)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP DVD Play 2.1
HP Imaging Device Functions 7.0
HP Photosmart Premier Software 6.5
HP Software Update
HPPhotoSmartExpress
HpSdpAppCoreApp
InstantShareDevices
Intel® Matrix Storage Manager
Intel® PRO Network Connections Drivers
Intel® Quick Resume Technology Drivers
Intel® Viiv™ Software
Internet Services
iTunes
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java™ 6 Update 24
LightScribe 1.4.105.1
Logitech Webcam Software
Logitech Webcam Software Driver Package
LogMeIn Hamachi
Macromedia Flash Player 8
Malwarebytes' Anti-Malware version 1.51.0.1200
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Search Enhancement Pack
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Mozilla Firefox (3.6.18)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Norton Internet Security
Norton Utilities
NVIDIA Control Panel 270.61
NVIDIA Graphics Driver 270.61
NVIDIA Install Application
NVIDIA nView 135.70
NVIDIA nView Desktop Manager
OptionalContentQFolder
Otto
PC-Doctor 5 for Windows
PhotoGallery
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QuickTime
RandMap
RealPlayer
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Segoe UI
SkinsHP1
Skype Toolbars
Skype™ 5.3
SlideShow
SlideShowMusic
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Sophos Anti-Rootkit 1.5.4
Spybot - Search & Destroy
SUPERAntiSpyware
Terraria
Unload
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB898461)
Update for Windows XP (KB912945)
Update for Windows XP (KB925720)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
WebFldrs XP
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format Runtime
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892050
Windows XP Hotfix - KB893066
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
26/06/2011 13:08:18, error: Dhcp [1002] - The IP address lease 86.174.17.75 for the Network Card with network address 0018F38815FD has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
26/06/2011 12:00:38, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP.
25/06/2011 13:02:48, error: Dhcp [1002] - The IP address lease 81.159.100.205 for the Network Card with network address 0018F38815FD has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
24/06/2011 13:39:00, error: Dhcp [1002] - The IP address lease 86.186.27.75 for the Network Card with network address 0018F38815FD has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
23/06/2011 12:22:59, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: atapi Cdrom Imapi IntelIde PCIIde redbook ViaIde
23/06/2011 12:20:31, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'SMR200.SYS' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
21/06/2011 06:00:11, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Cdrom Imapi redbook
21/06/2011 06:00:11, error: Service Control Manager [7022] - The Intel® Quick Resume technology service hung on starting.
21/06/2011 01:52:44, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.
20/06/2011 15:06:55, error: Dhcp [1002] - The IP address lease 86.183.93.227 for the Network Card with network address 0018F38815FD has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
20/06/2011 10:56:15, error: Dhcp [1002] - The IP address lease 192.168.1.64 for the Network Card with network address 0018F38815FD has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================

#7 Blade81

  • Malware Response Team

Posted 27 June 2011 - 02:59 AM

Hi,

Uninstall old Adobe Reader versions and get the latest one (Adobe Reader 10.1) here or get Foxit Reader here. Make sure you don't (unless you really want to) install the toolbar if you choose Foxit Reader! You may also check the free readers introduced here.


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 26.
  • Click the Download button to the right.
  • Select Windows on platform combobox and check the box that says: Accept License Agreement. Click continue.
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u26-windows-i586-p.exe to install the newest version. Uncheck Carbonite online backup trial if it's offered there.


* Go here to run an online scanner from ESET.
  • Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is UNchecked and the option Scan unwanted applications is checkmarked.
  • Click Scan
  • Wait for the scan to finish. Copy and paste the results + fresh dds logs back here.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#8 Jaycat


Posted 27 June 2011 - 01:36 PM

The ESET scan didn't find anything (you said to copy/paste the results, but no log opened and it just said nothing was found).




New DDS:



.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_26
Run by Compaq_Administrator at 19:31:47 on 2011-06-27
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.2046.1052 [GMT 1:00]
.
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Norton Utilities 14\nu.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\BT Home Hub\Help\bin\mpbtn.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\HP\KBD\KBD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
mDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
mSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_GB&c=64&bd=PRESARIO&pf=desktop
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\norton internet security\engine\18.6.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\norton internet security\engine\18.6.0.29\ips\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: CNavExtBho Class: {a8f38d8d-e480-4d52-b7a2-731bb6995fdd} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\norton internet security\engine\18.6.0.29\coIEPlg.dll
uRun: [NortonUtilities] c:\program files\norton utilities 14\nu.exe /H
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [PCDrProfiler]
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\btbroa~1.lnk - c:\program files\bt home hub\help\bin\matcli.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: Interfaces\{6538C46C-1BBE-4EBA-BBD1-12A6B68572F0} : DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
TCP: Interfaces\{8BD30C18-6E3E-48E1-B43C-79C5BABA261F} : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1206000.01d\symds.sys [2011-5-10 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1206000.01d\symefa.sys [2011-5-10 744568]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.5.0.125\definitions\bashdefs\20110616.003\BHDrvx86.sys [2011-6-16 810616]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1206000.01d\ironx86.sys [2011-5-10 136312]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2011-5-25 1336712]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-6-14 366640]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\norton internet security\engine\18.6.0.29\ccsvchst.exe [2011-5-10 130008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-5-10 105592]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.5.0.125\definitions\ipsdefs\20110624.050\IDSXpx86.sys [2011-6-25 355256]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-6-14 22712]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.5.0.125\definitions\virusdefs\20110627.004\NAVENG.SYS [2011-6-27 86008]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.5.0.125\definitions\virusdefs\20110627.004\NAVEX15.SYS [2011-6-27 1542392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-13 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-13 135664]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\29.tmp --> c:\windows\system32\29.tmp [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-06-27 12:05:41 -------- d-----w- c:\program files\ESET
2011-06-27 12:02:59 -------- d-----w- c:\program files\Sun
2011-06-27 12:02:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-16 12:29:10 -------- d-----w- c:\program files\Sophos
2011-06-14 17:21:40 -------- d-----w- c:\windows\system32\NtmsData
2011-06-14 00:38:38 -------- d-----w- c:\documents and settings\compaq_administrator\application data\Malwarebytes
2011-06-14 00:38:19 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-14 00:38:18 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-06-14 00:38:14 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-14 00:38:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-13 20:20:57 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-06-13 20:20:57 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-06-13 20:13:11 -------- d-----w- c:\documents and settings\compaq_administrator\application data\SUPERAntiSpyware.com
2011-06-13 20:13:11 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-06-13 20:12:59 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-06-13 20:08:51 -------- d-----w- c:\program files\CCleaner
2011-06-11 21:31:42 388096 ----a-r- c:\documents and settings\compaq_administrator\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-06-11 21:31:41 -------- d-----w- c:\program files\Hijack This
2011-06-09 13:48:34 -------- d-----w- c:\documents and settings\compaq_administrator\local settings\application data\NPE
2011-06-07 14:49:18 26176 ---ha-w- c:\windows\system32\hamachi.sys
2011-06-06 11:55:30 183696 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-06-06 11:55:30 183696 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2011-06-27 12:02:32 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-10 02:20:32 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2011-05-10 02:20:32 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-04-30 16:34:54 259604 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-04-30 16:34:54 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-04-30 16:34:51 259604 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-04-25 14:00:37 94208 ----a-w- c:\windows\DUMP610b.tmp
2011-04-25 13:54:36 94208 ----a-w- c:\windows\DUMP6bba.tmp
2011-04-25 13:52:53 94208 ----a-w- c:\windows\DUMP6504.tmp
2011-04-25 13:51:34 94208 ----a-w- c:\windows\DUMP660d.tmp
2011-04-25 13:50:12 94208 ----a-w- c:\windows\DUMP6438.tmp
2011-04-25 13:48:35 94208 ----a-w- c:\windows\DUMP662c.tmp
2011-04-25 13:46:57 94208 ----a-w- c:\windows\DUMP6541.tmp
2011-04-25 13:45:19 94208 ----a-w- c:\windows\DUMP6707.tmp
2011-04-25 13:43:42 94208 ----a-w- c:\windows\DUMP64d4.tmp
2011-04-25 13:42:03 94208 ----a-w- c:\windows\DUMP6457.tmp
2011-04-25 13:40:26 94208 ----a-w- c:\windows\DUMP6570.tmp
2011-04-25 13:38:48 94208 ----a-w- c:\windows\DUMP6503.tmp
2011-04-25 13:37:10 94208 ----a-w- c:\windows\DUMP6793.tmp
2011-04-25 13:35:31 94208 ----a-w- c:\windows\DUMP9af7.tmp
2011-04-15 11:29:48 94208 ----a-w- c:\windows\DUMP473a.tmp
2011-04-15 11:28:17 94208 ----a-w- c:\windows\DUMP4a18.tmp
2011-04-15 11:26:46 94208 ----a-w- c:\windows\DUMP4c7a.tmp
2011-04-15 11:25:13 94208 ----a-w- c:\windows\DUMP539e.tmp
2011-04-08 05:14:00 944232 ----a-w- c:\windows\system32\nvdispco3220140.dll
2011-04-08 05:14:00 855656 ----a-w- c:\windows\system32\nvgenco322060.dll
2011-04-08 05:14:00 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-08 05:14:00 5210112 ----a-w- c:\windows\system32\nvcuda.dll
2011-04-08 05:14:00 4111232 ----a-w- c:\windows\system32\nv4_disp.dll
2011-04-08 05:14:00 2770536 ----a-w- c:\windows\system32\nvcuvid.dll
2011-04-08 05:14:00 2116894 ----a-w- c:\windows\system32\nvdata.bin
2011-04-08 05:14:00 2074216 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-04-08 05:14:00 2027008 ----a-w- c:\windows\system32\nvapi.dll
2011-04-08 05:14:00 14856192 ----a-w- c:\windows\system32\nvoglnt.dll
2011-04-08 05:14:00 13000704 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-08 05:14:00 12501600 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-04-07 21:15:38 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-04-07 21:15:38 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-04-07 21:15:34 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-04-07 21:15:34 13891176 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 21:15:34 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 21:15:32 155752 ----a-w- c:\windows\system32\nvsvc32.exe
2011-04-07 21:15:32 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-04-06 15:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 15:20:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 15:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 15:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-31 03:00:09 516216 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\srtsp.sys
2011-03-31 03:00:09 50168 ----a-w- c:\windows\system32\drivers\nis\1206000.01d\srtspx.sys
.
============= FINISH: 19:33:21.53 ===============

#9 Jaycat

Jaycat
  • Topic Starter

  • Members
  • 10 posts

Posted 27 June 2011 - 01:37 PM

New Attach:


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 25/04/2011 15:31:16
System Uptime: 27/06/2011 19:26:33 (0 hours ago)
.
Motherboard: ASUSTek Computer INC. | | Basswood
Processor: Intel® Core™2 CPU 6400 @ 2.13GHz | Socket 775 | 2133/266mhz
Processor: Intel® Core™2 CPU 6400 @ 2.13GHz | Socket 775 | 1599/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 226 GiB total, 56.84 GiB free.
D: is FIXED (FAT32) - 7 GiB total, 0.689 GiB free.
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
Description: CD-ROM Drive
Device ID: IDE\CDROMTSSTCORP_CD/DVDW_TS-H653L_______________0414____\4&8C8DABA&0&0.1.0
Manufacturer: (Standard CD-ROM drives)
Name: TSSTcorp CD/DVDW TS-H653L
PNP Device ID: IDE\CDROMTSSTCORP_CD/DVDW_TS-H653L_______________0414____\4&8C8DABA&0&0.1.0
Service: cdrom
.
==== System Restore Points ===================
.
RP1: 25/04/2011 15:42:36 - Installed Microsoft Visual C++ 2005 Redistributable
RP2: 25/04/2011 15:42:52 - Installed DirectX
RP3: 25/04/2011 15:47:51 - Installed Windows XP WIC.
RP4: 25/04/2011 15:49:05 - Installed Windows XP KB954708.
RP5: 25/04/2011 15:49:17 - Installed DirectX
RP6: 25/04/2011 16:45:44 - Installed Java™ 6 Update 24
RP7: 25/04/2011 17:55:13 - Logitech Webcam Software v12.10.1110
RP8: 26/04/2011 20:54:41 - System Checkpoint
RP9: 27/04/2011 02:20:24 - Software Distribution Service 3.0
RP10: 27/04/2011 19:12:33 - Software Distribution Service 3.0
RP11: 27/04/2011 23:53:57 - Software Distribution Service 3.0
RP12: 28/04/2011 01:20:38 - Software Distribution Service 3.0
RP13: 28/04/2011 12:34:43 - Software Distribution Service 3.0
RP14: 29/04/2011 02:04:17 - Software Distribution Service 3.0
RP15: 29/04/2011 17:03:21 - Software Distribution Service 3.0
RP16: 30/04/2011 02:06:37 - Installed %1 %2.
RP17: 30/04/2011 02:06:46 - Printer Driver Microsoft XPS Document Writer Installed
RP18: 30/04/2011 02:14:25 - Installed Microsoft XNA Framework Redistributable 3.1
RP19: 30/04/2011 02:14:30 - Installed DirectX
RP20: 30/04/2011 02:22:02 - Installed Microsoft XNA Framework Redistributable 3.1
RP21: 30/04/2011 02:37:17 - Installed Microsoft XNA Framework Redistributable 4.0
RP22: 30/04/2011 02:42:47 - Installed Microsoft XNA Framework Redistributable 3.1
RP23: 30/04/2011 03:00:23 - Software Distribution Service 3.0
RP24: 30/04/2011 04:13:50 - Software Distribution Service 3.0
RP25: 01/05/2011 03:00:16 - Software Distribution Service 3.0
RP26: 01/05/2011 03:13:46 - Software Distribution Service 3.0
RP27: 02/05/2011 01:49:01 - Software Distribution Service 3.0
RP28: 02/05/2011 13:30:53 - Software Distribution Service 3.0
RP29: 02/05/2011 18:16:41 - Software Distribution Service 3.0
RP30: 03/05/2011 02:32:34 - Software Distribution Service 3.0
RP31: 04/05/2011 02:51:13 - Software Distribution Service 3.0
RP32: 05/05/2011 01:49:02 - Installed DirectX
RP33: 05/05/2011 01:49:22 - Installed DirectX
RP34: 05/05/2011 03:00:20 - Software Distribution Service 3.0
RP35: 05/05/2011 03:11:15 - Software Distribution Service 3.0
RP36: 06/05/2011 03:00:29 - Software Distribution Service 3.0
RP37: 06/05/2011 03:32:28 - Software Distribution Service 3.0
RP38: 06/05/2011 16:14:04 - Installed iTunes
RP39: 07/05/2011 02:24:52 - Software Distribution Service 3.0
RP40: 07/05/2011 15:44:34 - Software Distribution Service 3.0
RP41: 07/05/2011 17:30:25 - Removed iTunes
RP42: 08/05/2011 02:18:00 - Software Distribution Service 3.0
RP43: 08/05/2011 12:34:08 - Software Distribution Service 3.0
RP44: 09/05/2011 02:23:18 - Software Distribution Service 3.0
RP45: 09/05/2011 16:26:47 - Installed iTunes
RP46: 10/05/2011 03:00:28 - Software Distribution Service 3.0
RP47: 10/05/2011 03:16:16 - Software Distribution Service 3.0
RP48: 10/05/2011 13:51:16 - Unsigned driver install
RP49: 10/05/2011 13:54:18 - Removed iTunes
RP50: 10/05/2011 15:34:27 - Removed Apple Application Support
RP51: 10/05/2011 15:36:09 - Removed Apple Mobile Device Support
RP52: 10/05/2011 15:37:57 - Installed iTunes
RP53: 10/05/2011 23:33:43 - Software Distribution Service 3.0
RP54: 11/05/2011 23:38:08 - System Checkpoint
RP55: 12/05/2011 23:40:03 - System Checkpoint
RP56: 14/05/2011 03:00:14 - Software Distribution Service 3.0
RP57: 14/05/2011 04:00:50 - Software Distribution Service 3.0
RP58: 15/05/2011 03:00:15 - Software Distribution Service 3.0
RP59: 15/05/2011 03:57:17 - Software Distribution Service 3.0
RP60: 16/05/2011 03:00:15 - Software Distribution Service 3.0
RP61: 16/05/2011 21:00:02 - Removed Skype™ 4.2
RP62: 17/05/2011 03:00:17 - Software Distribution Service 3.0
RP63: 17/05/2011 03:54:10 - Software Distribution Service 3.0
RP64: 17/05/2011 22:26:11 - Installed LogMeIn Hamachi
RP65: 17/05/2011 23:02:15 - Removed LogMeIn Hamachi
RP66: 17/05/2011 23:02:50 - Installed LogMeIn Hamachi
RP67: 18/05/2011 03:00:16 - Software Distribution Service 3.0
RP68: 18/05/2011 03:58:24 - Software Distribution Service 3.0
RP69: 19/05/2011 03:00:14 - Software Distribution Service 3.0
RP70: 19/05/2011 04:21:53 - Software Distribution Service 3.0
RP71: 20/05/2011 03:00:15 - Software Distribution Service 3.0
RP72: 20/05/2011 03:19:24 - Software Distribution Service 3.0
RP73: 21/05/2011 02:56:20 - Software Distribution Service 3.0
RP74: 22/05/2011 02:26:25 - Software Distribution Service 3.0
RP75: 23/05/2011 03:00:22 - Software Distribution Service 3.0
RP76: 23/05/2011 03:17:32 - Software Distribution Service 3.0
RP77: 24/05/2011 03:00:21 - Software Distribution Service 3.0
RP78: 24/05/2011 03:38:40 - Software Distribution Service 3.0
RP79: 24/05/2011 17:36:57 - Removed LogMeIn Hamachi
RP80: 24/05/2011 17:38:52 - Installed LogMeIn Hamachi
RP81: 24/05/2011 18:16:43 - Removed LogMeIn Hamachi
RP82: 25/05/2011 03:00:22 - Software Distribution Service 3.0
RP83: 25/05/2011 04:38:18 - Software Distribution Service 3.0
RP84: 26/05/2011 03:00:18 - Software Distribution Service 3.0
RP85: 26/05/2011 04:13:07 - Software Distribution Service 3.0
RP86: 26/05/2011 20:44:22 - Software Distribution Service 3.0
RP87: 27/05/2011 03:00:14 - Software Distribution Service 3.0
RP88: 27/05/2011 04:39:22 - Software Distribution Service 3.0
RP89: 28/05/2011 02:25:00 - Software Distribution Service 3.0
RP90: 28/05/2011 21:08:04 - Software Distribution Service 3.0
RP91: 29/05/2011 02:15:43 - Software Distribution Service 3.0
RP92: 29/05/2011 11:44:00 - Software Distribution Service 3.0
RP93: 30/05/2011 00:33:15 - Software Distribution Service 3.0
RP94: 30/05/2011 22:16:41 - Software Distribution Service 3.0
RP95: 31/05/2011 03:00:14 - Software Distribution Service 3.0
RP96: 31/05/2011 03:55:02 - Software Distribution Service 3.0
RP97: 01/06/2011 03:00:17 - Software Distribution Service 3.0
RP98: 01/06/2011 04:01:02 - Software Distribution Service 3.0
RP99: 01/06/2011 21:09:18 - Software Distribution Service 3.0
RP100: 02/06/2011 01:40:37 - Software Distribution Service 3.0
RP101: 03/06/2011 03:00:24 - Software Distribution Service 3.0
RP102: 03/06/2011 03:26:17 - Software Distribution Service 3.0
RP103: 03/06/2011 21:10:15 - Installed LogMeIn Hamachi
RP104: 04/06/2011 03:00:28 - Software Distribution Service 3.0
RP105: 04/06/2011 03:41:03 - Software Distribution Service 3.0
RP106: 05/06/2011 01:43:18 - Software Distribution Service 3.0
RP107: 06/06/2011 03:00:23 - Software Distribution Service 3.0
RP108: 06/06/2011 03:30:19 - Software Distribution Service 3.0
RP109: 06/06/2011 21:21:21 - Software Distribution Service 3.0
RP110: 07/06/2011 03:00:17 - Software Distribution Service 3.0
RP111: 07/06/2011 03:32:13 - Software Distribution Service 3.0
RP112: 07/06/2011 16:33:40 - Software Distribution Service 3.0
RP113: 08/06/2011 02:59:35 - Software Distribution Service 3.0
RP114: 09/06/2011 02:47:29 - Software Distribution Service 3.0
RP115: 10/06/2011 02:47:08 - Software Distribution Service 3.0
RP116: 11/06/2011 03:00:16 - Software Distribution Service 3.0
RP117: 11/06/2011 03:52:55 - Software Distribution Service 3.0
RP118: 11/06/2011 22:31:40 - Installed HiJackThis
RP119: 12/06/2011 03:00:24 - Software Distribution Service 3.0
RP120: 12/06/2011 03:13:19 - Software Distribution Service 3.0
RP121: 13/06/2011 03:00:19 - Software Distribution Service 3.0
RP122: 13/06/2011 03:21:27 - Software Distribution Service 3.0
RP123: 14/06/2011 03:01:09 - Software Distribution Service 3.0
RP124: 14/06/2011 03:43:08 - Software Distribution Service 3.0
RP125: 15/06/2011 03:00:26 - Software Distribution Service 3.0
RP126: 16/06/2011 01:26:59 - Removed Skype™ 4.2
RP127: 16/06/2011 01:28:56 - Removed Skype Toolbars
RP128: 17/06/2011 17:01:05 - System Checkpoint
RP129: 18/06/2011 19:54:56 - System Checkpoint
RP130: 20/06/2011 02:52:47 - Software Distribution Service 3.0
RP131: 21/06/2011 01:46:14 - Software Distribution Service 3.0
RP132: 21/06/2011 06:23:42 - Software Distribution Service 3.0
RP133: 22/06/2011 01:43:16 - Software Distribution Service 3.0
RP134: 23/06/2011 03:00:33 - Software Distribution Service 3.0
RP135: 23/06/2011 03:21:53 - Software Distribution Service 3.0
RP136: 24/06/2011 01:51:33 - Software Distribution Service 3.0
RP137: 24/06/2011 11:29:29 - Software Distribution Service 3.0
RP138: 25/06/2011 10:56:41 - Software Distribution Service 3.0
RP139: 26/06/2011 02:56:05 - Software Distribution Service 3.0
RP140: 26/06/2011 12:00:02 - Software Distribution Service 3.0
RP141: 27/06/2011 02:14:49 - Software Distribution Service 3.0
RP142: 27/06/2011 11:54:07 - Removed Adobe Reader 7.0.5
RP143: 27/06/2011 11:55:47 - Removed J2SE Runtime Environment 5.0 Update 6
RP144: 27/06/2011 11:57:04 - Removed Java™ 6 Update 24
RP145: 27/06/2011 12:06:33 - Installed Adobe Reader X (10.1.0).
RP146: 27/06/2011 12:55:09 - Installed Java™ SE Development Kit 6 Update 26
RP147: 27/06/2011 12:58:01 - Removed Java™ SE Development Kit 6 Update 26
RP148: 27/06/2011 12:58:21 - Removed Java™ SE Development Kit 6 Update 26
RP149: 27/06/2011 12:59:53 - Installed Java™ SE Development Kit 6 Update 26
RP150: 27/06/2011 13:02:23 - Installed Java™ 6 Update 26
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Reader X (10.1.0)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
BufferChm
CCleaner
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
CueTour
Customer Experience Enhancement
Destinations
DeviceManagementQFolder
Dwarfs!?
Easy Internet Sign-up
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
FullDPAppQFolder
GemMaster Mystic
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Heroes of Newerth
High Definition Audio Driver Package - KB888111
HiJackThis
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB912024)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP DVD Play 2.1
HP Imaging Device Functions 7.0
HP Photosmart Premier Software 6.5
HP Software Update
HPPhotoSmartExpress
HpSdpAppCoreApp
InstantShareDevices
Intel® Matrix Storage Manager
Intel® PRO Network Connections Drivers
Intel® Quick Resume Technology Drivers
Intel® Viiv™ Software
Internet Services
iTunes
Java DB 10.6.2.1
Java™ 6 Update 26
Java™ SE Development Kit 6 Update 26
LightScribe 1.4.105.1
Logitech Webcam Software
Logitech Webcam Software Driver Package
LogMeIn Hamachi
Macromedia Flash Player 8
Malwarebytes' Anti-Malware version 1.51.0.1200
McAfee Security Scan Plus
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Search Enhancement Pack
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Mozilla Firefox (3.6.18)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Norton Internet Security
Norton Utilities
NVIDIA Control Panel 270.61
NVIDIA Graphics Driver 270.61
NVIDIA Install Application
NVIDIA nView 135.70
NVIDIA nView Desktop Manager
OptionalContentQFolder
Otto
PC-Doctor 5 for Windows
PhotoGallery
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QuickTime
RandMap
RealPlayer
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Segoe UI
SkinsHP1
Skype Toolbars
Skype™ 5.3
SlideShow
SlideShowMusic
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Sophos Anti-Rootkit 1.5.4
Spybot - Search & Destroy
SUPERAntiSpyware
Terraria
Unload
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB898461)
Update for Windows XP (KB912945)
Update for Windows XP (KB925720)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
WebFldrs XP
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format Runtime
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892050
Windows XP Hotfix - KB893066
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
26/06/2011 13:08:18, error: Dhcp [1002] - The IP address lease 86.174.17.75 for the Network Card with network address 0018F38815FD has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
26/06/2011 12:00:38, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP.
25/06/2011 13:02:48, error: Dhcp [1002] - The IP address lease 81.159.100.205 for the Network Card with network address 0018F38815FD has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
24/06/2011 13:39:00, error: Dhcp [1002] - The IP address lease 86.186.27.75 for the Network Card with network address 0018F38815FD has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
23/06/2011 12:22:59, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: atapi Cdrom Imapi IntelIde PCIIde redbook ViaIde
23/06/2011 12:20:31, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'SMR200.SYS' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
22/06/2011 11:38:43, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Cdrom Imapi redbook
22/06/2011 01:45:15, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.
21/06/2011 15:26:52, error: Service Control Manager [7022] - The Intel® Quick Resume technology service hung on starting.
20/06/2011 15:06:55, error: Dhcp [1002] - The IP address lease 86.183.93.227 for the Network Card with network address 0018F38815FD has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
20/06/2011 10:56:15, error: Dhcp [1002] - The IP address lease 192.168.1.64 for the Network Card with network address 0018F38815FD has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================

#10 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • Gender:Male
  • Location:Finland

Posted 27 June 2011 - 02:49 PM

That looks ok. Were you able to get access to your Hotmail account back?

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#11 Jaycat

Jaycat
  • Topic Starter

  • Members
  • 10 posts

Posted 27 June 2011 - 07:50 PM

Hey, I'm still waiting on a response for my account recovery, so I'll let you know as soon as I get one, though it could be a day or two. Thanks for the help so far, it's really appreciated.

#12 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • Gender:Male
  • Location:Finland

Posted 28 June 2011 - 04:00 AM

:thumbup2:



#13 Jaycat

Jaycat
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  • Local time:07:46 PM

Posted 29 June 2011 - 02:57 PM

Hey,

I got my account back today and so far there's been nothing unusual. Thanks for all the help.

P.S. I was wondering if there is any way I can properly monitor emails being sent from my account, as looking in my sent box it seems none of these e-mails were recorded.

#14 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Location:Finland
  • Local time:03:46 AM

Posted 29 June 2011 - 03:13 PM

Good to hear you got the account thing sorted out :) I don't know any other way to monitor email traffic than regularly checking sent items (of course that won't be much help if emails have been removed afterwards).



#15 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  • Gender:Male
  • Location:Finland
  • Local time:03:46 AM

Posted 06 July 2011 - 01:16 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.





