Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

WinFix infection-Critcal Hard Drive Error-Other warnings


  • This topic is locked This topic is locked
2 replies to this topic

#1 NScott

NScott

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:35 PM

Posted 09 July 2011 - 08:19 PM

I am running windows XP with all updates installed. I was infected yesterday with a nasty bug that attemped to convince me to purchase software that would fix my machine. The infection resulted in my not being able to access any programs including my trend-micro security. A screen incluing the microsoft logo popped up and said I need to do a scan immediately and it ran without my authorizing it. After a few minutes it flashed a new window saying "not all threats are removed" with 2 buttons saying "purchase" and "continue unprotected". By then I knew this was a gaff so I shutdown the machine and rebooted. The same "multiple hard drive error" and "danger-private data loss" error windows came up. When I clicked on the start button I got the menu but all of my directories appeared empty. My desktop was emptied except the "my Documents" and "recycle bin" icons remained. My documents was empty. I could not get on line as I had no icons or programs that would allow me browsing access.

I went to your help forum on another machine and thought I had the answers in hand. I used a CD to run rkill and then the free version of superantispyware. The rkil stopped the malicious activity and it seemed like the spyware identified all the threats and removed them. I followed all of the prompts and ultimately rebooted. When I logged in I got a microsoft "serious error" message saying that the machine had recovered from a serious error. I sent the error report and got online. At microsofts recomendation I ran check disk which I accessed on my menu bar whee I have acces to MY Computer. In my computer I can access the control panel and most of what should be there but not all of it works. Without my program list I can't do a non-destructive system restore. I performed checkdisk and after having to reboot I got it to run. It says the volume is clean. All of the warnings are stopped but my desktop has nothing but the superanti spyware and rkill (along with a my documents folder that has the notepad copy of the superanitspyware scan) and those things I have loaded up per the instructions on your Preparation Guide. I also imported an icon form firefox to get online.

To make a long story longer: I think I got rid of the malware but it has left some of my boot routine damaged. I think my software is intact or at least the space on the C drive where it is is still full!

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_23
Run by Gail Stevens at 17:15:58 on 2011-07-09
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1326 [GMT -4:00]
.
AV: Trend Micro Internet Security *Enabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: Norton Internet Worm Protection *Disabled*
FW: Trend Micro Personal Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uWindow Title = Windows Internet Explorer provided by Yahoo!
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
mDefault_Page_URL = hxxp://www.yahoo.com
mSearch Page =
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://scottoffice/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
TB: Webshots Toolbar: {c17590d2-ecb4-4b15-8820-f58798dcc118} - c:\program files\webshots\WSToolbar4IE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - No File
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
EB: iOpus Internet Macros: {0483894e-2422-45e0-8384-021aff1af3cd} - c:\program files\internetmacros\imacros.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [OE] c:\program files\trend micro\internet security\tmas_oe\TMAS_OEMon.exe
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nwiz] nwiz.exe /installquiet /nodetect
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [WildTangent CDA] "c:\program files\wildtangent\apps\cda\gamedrvr.exe" /startup "c:\program files\wildtangent\apps\cda\cdaEngine0500.dll"
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
dRun: [OE] c:\program files\trend micro\internet security\tmas_oe\TMAS_OEMon.exe
IE: &Webshots Photo Search - c:\program files\webshots\WSToolbar4IE.dll/MENUSEARCH.HTM
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {0483894E-2422-45E0-8384-021AFF1AF3CD} - {0483894E-2422-45E0-8384-021AFF1AF3CD} - c:\program files\internetmacros\imacros.dll
Trusted Zone: apple.com\www
DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} - hxxp://h20278.www2.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1173585639582
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: DhcpNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{E846E330-B612-49DF-99DB-30CFEFCC4355} : DhcpNameServer = 65.32.5.111 65.32.5.112
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\gail stevens\application data\mozilla\firefox\profiles\oyfx11wi.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-4 98304]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-6 99328]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-4 118784]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-3-22 50256]
R2 TmPfw;Trend Micro Personal Firewall;c:\program files\trend micro\internet security\TmPfw.exe [2009-3-22 497008]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2009-3-22 36432]
R2 TmProxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2009-3-22 677128]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2009-3-22 335376]
S2 gupdate1ca7eaa9ce1b1b4;Google Update Service (gupdate1ca7eaa9ce1b1b4);c:\program files\google\update\GoogleUpdate.exe [2009-12-16 133104]
S2 navapsvc;Norton AntiVirus Auto-Protect Service;"c:\program files\norton internet security\norton antivirus\navapsvc.exe" --> c:\program files\norton internet security\norton antivirus\navapsvc.exe [?]
S3 MSHUSBVideo;NX6000/NX3000/VX7000 Filter Driver;c:\windows\system32\drivers\nx6000.sys [2011-1-2 34136]
S3 ZD1201U;ZyDAS ZD1201 IEEE 802.11b Wireless LAN Driver (USB);c:\windows\system32\drivers\zd1201u.sys --> c:\windows\system32\drivers\zd1201u.sys [?]
S3 ZDNDIS5;ZDNDIS5 NDIS Protocol Driver;\??\c:\windows\system32\zdndis5.sys --> c:\windows\system32\ZDNDIS5.SYS [?]
.
=============== Created Last 30 ================
.
2011-07-09 19:46:42 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-07-09 19:46:40 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-07-09 19:46:40 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-07-09 19:46:40 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-07-09 19:46:40 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2011-07-09 19:46:40 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2011-07-09 19:46:40 1850328 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2011-07-09 19:46:40 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2011-07-09 17:02:12 -------- d-----w- c:\documents and settings\gail stevens\application data\SUPERAntiSpyware.com
2011-07-09 17:02:12 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-07-09 17:02:00 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-07-09 16:50:20 139 ---ha-w- c:\documents and settings\gail stevens\application data\microsoft\gb_297796.bat
2011-07-08 20:20:34 538202 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-07-08 16:58:29 -------- d--h--w- c:\documents and settings\all users\application data\hM05500EmKlN05500
2011-06-19 15:49:22 -------- d--h--w- c:\program files\MecSoft Corporation
2011-06-19 00:20:54 -------- d--h--w- c:\documents and settings\gail stevens\application data\SharpReader
2011-06-19 00:20:44 -------- d--h--w- c:\program files\SharpReader
2011-06-18 23:56:19 -------- d--h--w- c:\documents and settings\gail stevens\uDig
2011-06-18 23:55:53 -------- d--h--w- c:\documents and settings\gail stevens\application data\udig
2011-06-18 23:53:06 -------- d--h--w- c:\program files\uDig
2011-06-17 23:52:24 -------- d--h--w- c:\documents and settings\gail stevens\application data\RobotSoft
2011-06-17 23:47:20 -------- d--h--w- c:\program files\RobotSoft
2011-06-17 21:51:01 51 ---ha-w- c:\windows\sysimx.dll
2011-06-17 21:51:01 38 ---ha-w- c:\windows\sysimx.dll.exe
2011-06-17 21:49:11 -------- d--h--w- c:\documents and settings\all users\application data\iOpus-i-M
2011-06-17 21:49:09 -------- d--h--w- c:\program files\InternetMacros
2011-06-17 00:08:24 105472 ---h--w- c:\windows\system32\dllcache\mup.sys
2011-06-12 17:34:10 25856 ---ha-w- c:\windows\system32\drivers\usbprint.sys
2011-06-12 17:34:10 25856 ---ha-w- c:\windows\system32\dllcache\usbprint.sys
2011-06-11 17:26:41 -------- d--h--w- c:\program files\Destiny
.
==================== Find3M ====================
.
2011-05-02 15:31:52 692736 ---ha-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25:27 151552 ---ha-w- c:\windows\system32\schannel.dll
2011-04-29 16:19:43 456320 ---ha-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 15:51:58 832512 ---ha-w- c:\windows\system32\wininet.dll
2011-04-25 15:51:57 78336 ---ha-w- c:\windows\system32\ieencode.dll
2011-04-25 15:51:57 1830912 ---ha-w- c:\windows\system32\inetcpl.cpl
2011-04-25 15:51:57 17408 ---ha-w- c:\windows\system32\corpol.dll
2011-04-25 12:01:21 389120 ---ha-w- c:\windows\system32\html.iec
2011-04-21 13:37:43 105472 ---ha-w- c:\windows\system32\drivers\mup.sys
2006-12-21 19:50:42 774144 ---ha-w- c:\program files\RngInterstitial.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
c:\windows\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8AB9DAB8]
3 CLASSPNP[0xF74E7FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\0000008e[0x8AB9E9E0]
5 ACPI[0xF735E620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IAAStorageDevice-0[0x8ABBD030]
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x7a; }
user != kernel MBR !!!
.
============= FINISH: 17:17:20.04 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/16/2006 8:26:22 AM
System Uptime: 7/9/2011 5:03:51 PM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 30A6
Processor: Genuine Intel® CPU T2250 @ 1.73GHz | U1 | 1729/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 60 GiB total, 16.814 GiB free.
D: is FIXED (FAT32) - 14 GiB total, 0.822 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP724: 5/1/2011 12:44:04 PM - System Checkpoint
RP725: 5/1/2011 9:37:13 PM - Software Distribution Service 3.0
RP726: 5/29/2011 3:03:11 PM - Software Distribution Service 3.0
RP727: 6/1/2011 9:10:29 PM - System Checkpoint
RP728: 6/2/2011 10:50:43 PM - System Checkpoint
RP729: 6/3/2011 11:46:38 PM - System Checkpoint
RP730: 6/5/2011 12:36:25 AM - System Checkpoint
RP731: 6/9/2011 6:53:08 PM - System Checkpoint
RP732: 6/10/2011 10:04:45 PM - System Checkpoint
RP733: 6/12/2011 2:14:18 PM - System Checkpoint
RP734: 6/17/2011 12:52:29 PM - System Checkpoint
RP735: 6/17/2011 6:03:57 PM - Removed QuickTime
RP736: 6/17/2011 7:19:41 PM - Removed SonicAC3Encoder
RP737: 6/19/2011 5:57:02 AM - System Checkpoint
RP738: 6/19/2011 11:49:21 AM - Installed FreeMILL
RP739: 6/21/2011 7:50:10 PM - Software Distribution Service 3.0
RP740: 6/26/2011 10:11:58 AM - System Checkpoint
RP741: 6/28/2011 8:52:12 PM - Software Distribution Service 3.0
RP742: 7/2/2011 5:44:46 PM - System Checkpoint
RP743: 7/5/2011 7:45:15 PM - Software Distribution Service 3.0
RP744: 7/8/2011 5:09:08 PM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 10 Plugin
Apple Mobile Device Support
Canon CanoScan Toolbox 4.8
Destiny Media Player
FreeMILL
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Update
iTunes
Java Auto Updater
Logitech Updater
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft LifeCam
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Mouse Recorder 2.3.2.4
Mozilla Firefox 5.0 (x86 en-US)
MSXML 4.0 SP2 (KB973688)
RealPlayer
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SharpReader 0.9.7.0
Skype™ 3.8
SUPERAntiSpyware
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Windows Media Format 11 runtime
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB973768
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
7/9/2011 3:21:10 PM, error: System Error [1003] - Error code 000000f4, parameter1 00000003, parameter2 89f4fd50, parameter3 89f4fec4, parameter4 805d29b4.
7/9/2011 12:50:24 PM, error: System Error [1003] - Error code 000000f4, parameter1 00000003, parameter2 89fbd978, parameter3 89fbdaec, parameter4 805d29b4.
7/8/2011 6:34:04 PM, error: Service Control Manager [7034] - The IMAPI CD-Burning COM Service service terminated unexpectedly. It has done this 6 time(s).
7/8/2011 6:33:07 PM, error: Service Control Manager [7034] - The IMAPI CD-Burning COM Service service terminated unexpectedly. It has done this 5 time(s).
7/8/2011 6:32:44 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer GAIL-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{E846E330-B612-49DF-9. The master browser is stopping or an election is being forced.
7/8/2011 6:32:05 PM, error: Service Control Manager [7034] - The IMAPI CD-Burning COM Service service terminated unexpectedly. It has done this 4 time(s).
7/8/2011 6:30:48 PM, error: Service Control Manager [7034] - The IMAPI CD-Burning COM Service service terminated unexpectedly. It has done this 3 time(s).
7/8/2011 6:30:07 PM, error: Service Control Manager [7034] - The IMAPI CD-Burning COM Service service terminated unexpectedly. It has done this 2 time(s).
7/8/2011 6:08:02 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 6:03:03 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
7/8/2011 6:03:03 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/8/2011 6:02:55 PM, error: Service Control Manager [7034] - The IMAPI CD-Burning COM Service service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 6:02:03 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 26 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 6:00:03 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 24 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:52:23 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 25 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:50:33 PM, error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 4:50:33 PM, error: Service Control Manager [7022] - The Remote Procedure Call (RPC) service hung on starting.
7/8/2011 4:50:33 PM, error: Service Control Manager [7001] - The Remote Registry service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: After starting, the service hung in a start-pending state.
7/8/2011 4:48:09 PM, error: Service Control Manager [7031] - The Remote Procedure Call (RPC) service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
7/8/2011 4:48:00 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 4:47:54 PM, error: Service Control Manager [7034] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 4:47:54 PM, error: Service Control Manager [7031] - The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
7/8/2011 4:43:51 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 23 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:42:57 PM, error: Service Control Manager [7034] - The COM+ System Application service terminated unexpectedly. It has done this 3 time(s).
7/8/2011 4:42:52 PM, error: Service Control Manager [7031] - The COM+ System Application service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 4:42:51 PM, error: Service Control Manager [7034] - The Media Center Scheduler Service service terminated unexpectedly. It has done this 2 time(s).
7/8/2011 4:42:51 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 2 time(s).
7/8/2011 4:42:51 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 22 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:41:32 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 21 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:40:32 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 20 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:39:32 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 19 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:38:32 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 18 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:37:32 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 17 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:36:31 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 16 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:35:31 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 15 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:34:31 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 14 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:33:31 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 13 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:32:31 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 12 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:31:31 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 11 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:30:30 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 10 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:29:30 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 9 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:28:30 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 8 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 4:23:35 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Media Center Extender Service service to connect.
7/8/2011 4:23:35 PM, error: Service Control Manager [7000] - The Media Center Extender Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/8/2011 10:15:13 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
7/8/2011 10:13:50 AM, error: Service Control Manager [7000] - The Norton AntiVirus Auto-Protect Service service failed to start due to the following error: The system cannot find the file specified.
7/8/2011 10:11:43 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
7/8/2011 1:15:03 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 23 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:14:58 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 22 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:14:38 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 21 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:14:28 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 7 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 1:14:18 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 20 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:13:58 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 19 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:13:38 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 18 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:13:28 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 6 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 1:13:18 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 17 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:12:58 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 16 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:12:38 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 15 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:12:28 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 1:12:27 PM, error: Service Control Manager [7034] - The Trend Micro Central Control Component service terminated unexpectedly. It has done this 6 time(s).
7/8/2011 1:12:22 PM, error: Service Control Manager [7034] - The Trend Micro Central Control Component service terminated unexpectedly. It has done this 5 time(s).
7/8/2011 1:12:18 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 14 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:11:58 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 13 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:11:38 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 12 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:11:35 PM, error: Service Control Manager [7034] - The Trend Micro Central Control Component service terminated unexpectedly. It has done this 4 time(s).
7/8/2011 1:11:27 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 1:11:18 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 11 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:11:12 PM, error: Service Control Manager [7034] - The Trend Micro Central Control Component service terminated unexpectedly. It has done this 3 time(s).
7/8/2011 1:10:59 PM, error: Service Control Manager [7034] - The Trend Micro Central Control Component service terminated unexpectedly. It has done this 2 time(s).
7/8/2011 1:10:58 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 10 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:10:53 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 9 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:10:33 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 8 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:10:27 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 1:10:12 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 7 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:10:06 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Media Center Receiver Service service to connect.
7/8/2011 1:09:52 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 6 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:09:47 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:09:27 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:09:27 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/8/2011 1:09:07 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:08:53 PM, error: Service Control Manager [7031] - The Media Center Receiver Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:08:47 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:08:28 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the COM+ System Application service to connect.
7/8/2011 1:08:28 PM, error: Service Control Manager [7000] - The COM+ System Application service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Trend Micro Proxy Service service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Trend Micro Personal Firewall service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Trend Micro Central Control Component service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Process Monitor service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Photoshop Elements Device Connect service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The MSCamSvc service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Message Queuing Triggers service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Message Queuing service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Media Center Scheduler Service service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Distributed Transaction Coordinator service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7034] - The Adobe Active File Monitor service terminated unexpectedly. It has done this 1 time(s).
7/8/2011 1:08:27 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/8/2011 1:08:27 PM, error: Service Control Manager [7031] - The COM+ System Application service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
7/8/2011 1:08:27 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
.
==== End Of File ===========================

Attached Files



BC AdBot (Login to Remove)

 


#2 NScott

NScott
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:35 PM

Posted 09 July 2011 - 09:17 PM

I'm Not sure if this is the right place to post this...I believe I have this thing licked so I don't think I need any one on one help...I re-read the instructions for removing the virus and realized that I missed the section on hidden files. I read this section carefully found unhide.exe and ran it EUREKA and praise The Lord my machine is back in action. I want to thank Grinler and all of the folks that contribute to this site. I never would have gotten this fixed and my local guys wanted to do a destructive restore or even a wipe and re load. That would have been Horrible on this machine. Thank you very much.

#3 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:35 AM

Posted 10 July 2011 - 05:40 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users