
Virus removed, usb port not working now


  • This topic is locked
3 replies to this topic

#1 favorito


Posted 03 February 2012 - 01:55 PM

Hi. I am hoping someone can help me with this problem. I have a Sony Vaio laptop running Windows XP, Service Pack 3. I removed a virus with Malwarebytes about a week ago. I now keep getting an error message on my USB ports and they only work intermittently. I have a mouse attached to one USB port which works fine all the time. The error message is:

USB Device not recognised

One of the USB devices attached to your computer has malfunctioned, and Windows does not recognize it

USB Root Hub (2 ports)
- Port not used
- Unknown Device

The following logs were asked for last time I had a problem with a virus so I am posting them again now. This is a laptop purchased in Spain hence the Spanish on some of the logs (sorry!). I hope someone can help me. Thank you.

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Free Antivirus
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
WinPatrol 2009 (Outdated! Latest version is WinPatrol 2011)
Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java™ 6 Update 30
Java™ 6 Update 3
Java™ 6 Update 7
Out of date Java installed!
Adobe Flash Player 11.1.102.55
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
WinPatrol winpatrol.exe
Windows Defender MsMpEng.exe
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 avastUI.exe
BillP Studios WinPatrol winpatrol.exe
``````````End of Log````````````

Farbar Service Scanner Version: 18-01-2012 01
Ran by Celia (administrator) on 03-02-2012 at 17:24:25
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(9) aswTdi(11) Gpc(6) IPSec(4) NetBT(5) PSched(7) s24trans(8) Tcpip(3)
0x0D000000040000000100000002000000030000000B0000000A00000005000000060000000700000008000000090000000C0000000D000000
IpSec Tag value is correct.

**** End of log ****

MiniToolBox by Farbar Version: 18-01-2012
Ran by Celia (administrator) on 03-02-2012 at 17:25:40
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 82.33.30.15.:9090

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Conexiones de red inalámbricas (Connected)
1394 Net Adapter = Conexión 1394 (Connected)
Intel® PRO/100 VE Network Connection = Conexión de área local (Media disconnected)
Bluetooth Personal Area Network from TOSHIBA = Conexión de área local 2 (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Conexión de área local"

set address name="Conexión de área local" source=dhcp
set dns name="Conexión de área local" source=dhcp register=PRIMARY
set wins name="Conexión de área local" source=dhcp

# Interface IP Configuration for "Conexiones de red inalámbricas"

set address name="Conexiones de red inalámbricas" source=dhcp
set dns name="Conexiones de red inalámbricas" source=dhcp register=PRIMARY
set wins name="Conexiones de red inalámbricas" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : SonyLaptop

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Conexión de área local:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-13-A9-07-B3-02



Ethernet adapter Conexiones de red inalámbricas:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection

Physical Address. . . . . . . . . : 00-13-02-40-11-BA

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.100

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : 03 February 2012 17:06:56

Lease Expires . . . . . . . . . . : 03 February 2012 19:06:56

Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 209.85.229.103, 209.85.229.104, 209.85.229.105, 209.85.229.147
209.85.229.99



Haciendo ping a google.com [209.85.229.99] con 32 bytes de datos:



Respuesta desde 209.85.229.99: bytes=32 tiempo=52ms TTL=52

Respuesta desde 209.85.229.99: bytes=32 tiempo=51ms TTL=52



Estadísticas de ping para 209.85.229.99:

Paquetes: enviados = 2, recibidos = 2, perdidos = 0

(0% perdidos),

Tiempos aproximados de ida y vuelta en milisegundos:

Mínimo = 51ms, Máximo = 52ms, Media = 51ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.2.43, 98.137.149.56, 98.139.180.149, 209.191.122.70



Haciendo ping a yahoo.com [209.191.122.70] con 32 bytes de datos:



Respuesta desde 209.191.122.70: bytes=32 tiempo=172ms TTL=45

Respuesta desde 209.191.122.70: bytes=32 tiempo=179ms TTL=45



Estadísticas de ping para 209.191.122.70:

Paquetes: enviados = 2, recibidos = 2, perdidos = 0

(0% perdidos),

Tiempos aproximados de ida y vuelta en milisegundos:

Mínimo = 172ms, Máximo = 179ms, Media = 175ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Haciendo ping a bleepingcomputer.com [208.43.87.2] con 32 bytes de datos:



Respuesta desde 208.43.87.2: Host de destino inaccesible.

Respuesta desde 208.43.87.2: Host de destino inaccesible.



Estadísticas de ping para 208.43.87.2:

Paquetes: enviados = 2, recibidos = 2, perdidos = 0

(0% perdidos),

Tiempos aproximados de ida y vuelta en milisegundos:

Mínimo = 0ms, Máximo = 0ms, Media = 0ms



Haciendo ping a 127.0.0.1 con 32 bytes de datos:



Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128

Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128



Estadísticas de ping para 127.0.0.1:

Paquetes: enviados = 2, recibidos = 2, perdidos = 0

(0% perdidos),

Tiempos aproximados de ida y vuelta en milisegundos:

Mínimo = 0ms, Máximo = 0ms, Media = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 a9 07 b3 02 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
0x3 ...00 13 02 40 11 ba ...... Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25
65.54.51.251 255.255.255.255 192.168.1.1 192.168.1.100 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.100 192.168.1.100 25
192.168.1.100 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.100 192.168.1.100 25
217.163.21.36 255.255.255.255 192.168.1.1 192.168.1.100 25
217.163.21.39 255.255.255.255 192.168.1.1 192.168.1.100 25
217.163.21.40 255.255.255.255 192.168.1.1 192.168.1.100 25
224.0.0.0 240.0.0.0 192.168.1.100 192.168.1.100 25
255.255.255.255 255.255.255.255 192.168.1.100 2 1
255.255.255.255 255.255.255.255 192.168.1.100 192.168.1.100 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/27/2012 02:55:18 PM) (Source: LoadPerf) (User: )
Description: No se pudieron leer los contadores de rendimiento del identificador de idioma 00a.
El estado Win32 que devolvió la llamada es la
primera sección de Datos en DWORD.

Error: (01/25/2012 10:45:45 AM) (Source: Application Hang) (User: )
Description: Aplicación que no responde: firefox.exe, versión 8.0.0.4325, módulo que no responde hungapp, versión 0.0.0.0, dirección que no responde 0x00000000.

Error: (01/24/2012 03:47:58 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (01/22/2012 06:30:37 PM) (Source: crypt32) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> con el error: No existe esta conexión de red.

Error: (01/22/2012 06:30:34 PM) (Source: crypt32) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> con el error: No existe esta conexión de red.

Error: (01/22/2012 06:30:31 PM) (Source: crypt32) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> con el error: No existe esta conexión de red.

Error: (01/22/2012 06:30:30 PM) (Source: crypt32) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> con el error: No existe esta conexión de red.

Error: (01/22/2012 06:30:25 PM) (Source: crypt32) (User: )
Description: Error en la recuperación de actualización automática del número de secuencia de la lista raíz de terceros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> con el error: The connection with the server was terminated abnormally

Error: (01/20/2012 09:26:15 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/20/2012 09:08:28 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.


System errors:
=============
Error: (02/01/2012 05:04:15 PM) (Source: Dhcp) (User: )
Description: Su equipo ha perdido la concesión de su dirección IP 192.168.1.100 en la
tarjeta de red con dirección de red 0013024011BA.

Error: (02/01/2012 02:25:16 PM) (Source: Dhcp) (User: )
Description: Su equipo ha perdido la concesión de su dirección IP 192.168.1.100 en la
tarjeta de red con dirección de red 0013024011BA.

Error: (02/01/2012 09:05:21 AM) (Source: 0) (User: )
Description: \Device\ACPIEC

Error: (01/31/2012 11:36:11 PM) (Source: 0) (User: )
Description: {B0278608-9FA4-415C-91B0-F6521D6C364B}

Error: (01/31/2012 09:32:36 PM) (Source: 0) (User: )
Description: {B0278608-9FA4-415C-91B0-F6521D6C364B}

Error: (01/31/2012 02:12:26 PM) (Source: Dhcp) (User: )
Description: Su equipo ha perdido la concesión de su dirección IP 192.168.1.100 en la
tarjeta de red con dirección de red 0013024011BA.

Error: (01/31/2012 09:02:59 AM) (Source: Dhcp) (User: )
Description: Su equipo ha perdido la concesión de su dirección IP 192.168.1.100 en la
tarjeta de red con dirección de red 0013024011BA.

Error: (01/30/2012 02:58:28 PM) (Source: W32Time) (User: )
Description: El proveedor de tiempo NtpClient se ha configurado para adquirir la hora desde
uno o más recursos de hora, sin embargo, ninguno de los recursos está accesible
No se hará un intento de ponerse en contacto con un recurso durante 14 minutos.
NtpClient no tiene recurso de hora exacta.

Error: (01/30/2012 02:58:28 PM) (Source: W32Time) (User: )
Description: El proveedor de tiempo NtpClient: ocurrió un error durante la búsqueda DNS del homólogo configurado manualmente "time.windows.com,0x1". NtpClient volverá a intentar la búsqueda DNS en 15 minutos.
El error era: Se ha intentado una operación de socket en un host no accesible. (0x80072751)

Error: (01/30/2012 02:02:08 PM) (Source: 0) (User: )
Description: \Device\ACPIEC


Microsoft Office Sessions:
=========================
Error: (01/27/2012 02:55:18 PM) (Source: LoadPerf)(User: )
Description: 00a

Error: (01/25/2012 10:45:45 AM) (Source: Application Hang)(User: )
Description: firefox.exe8.0.0.4325hungapp0.0.0.000000000

Error: (01/24/2012 03:47:58 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (01/22/2012 06:30:37 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtNo existe esta conexión de red.

Error: (01/22/2012 06:30:34 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtNo existe esta conexión de red.

Error: (01/22/2012 06:30:31 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtNo existe esta conexión de red.

Error: (01/22/2012 06:30:30 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtNo existe esta conexión de red.

Error: (01/22/2012 06:30:25 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe connection with the server was terminated abnormally

Error: (01/20/2012 09:26:15 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL

Error: (01/20/2012 09:08:28 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.


=========================== Installed Programs ============================

7-Zip 9.22beta
AAC Decoder (Version: 7.1.0)
Ad-Aware (Version: 9.6.0)
Adobe Acrobat 7.0 Elements Español (Version: 7.0.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Common File Installer (Version: 1.00.002)
Adobe Community Help (Version: 3.2.1)
Adobe Community Help (Version: 3.2.1.650)
Adobe Download Manager (Version: 1.6.2.91)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader 7.0.9 - Español (Version: 7.0.9)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.11.3.0)
AutoUpdate (Version: 1.1)
avast! Free Antivirus (Version: 6.0.1367.0)
Bing Bar (Version: 7.0.850.0)
Bluetooth Stack for Windows by Toshiba (Version: v4.00.23(SO))
Canon Camera WIA Driver (Version: 5.6)
Canon EOS Kiss_N REBEL_XT 350D WIA Driver (Version: 5.6)
Click to DVD 2.0.03 Menu Data (Version: 2.0.03)
Click to DVD 2.5.20 (Version: 2.5.20)
DivX Codec (Version: 6.8.5)
DivX Converter (Version: 7.1.0)
DivX Player (Version: 7.2.0)
DivX Plus DirectShow Filters
DivX Version Checker (Version: 7.1.0.2)
DivX Web Player (Version: 1.5.0)
DSD Direct (Version: 1.0.02)
DSD Playback Plug-in 1.0
DVgate Plus
H.264 Decoder (Version: 1.1.0)
HDAUDIO SoftV92 Data Fax Modem with SmartCP
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HijackThis 2.0.2 (Version: 2.0.2)
Image Converter 2 Plus (Version: 2.2.04)
Intel® PRO Network Connections Drivers
InterActual Player
InterVideo WinDVD for VAIO (Version: 5.0-B11.784)
iPod for Windows 2006-06-28 (Version: 4.7.0)
iTunes (Version: 6.0.5.20)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 30 (Version: 6.0.300)
Java™ 6 Update 7 (Version: 1.6.0.70)
Junk Mail filter update (Version: 14.0.8117.416)
LAN Setting Utility
Localization Pack for Microsoft Windows XP Media Center Edition (Version: 1.0.0)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Map Button (Windows Live Toolbar) (Version: 03.01.0146)
mCore (Version: 5.40.0000)
mDriver (Version: 5.40.0000)
Memory Stick Formatter
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 1.1 Spanish Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money (Version: 12.0.120)
Microsoft Money System Pack (Version: 12.0.120)
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office Outlook Connector (Version: 12.0.6423.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Desktop Engine (VAIO_VEDB) (Version: 8.00.761)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MKV Splitter (Version: 1.0.1)
mMHouse (Version: 5.40.0000)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
mPfMgr (Version: 5.40.0000)
mProSafe (Version: 9.00.0000)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (Version: 6.00.3883.8)
mWlsSafe (Version: 9.00.0000)
mXML (Version: 5.40.0000)
My Club VAIO MCE 1.0.0
NVIDIA Drivers
OpenMG Limited Patch 4.4-06-13-19-01
OpenMG Secure Module 4.4.00 (Version: 4.4.00.11241)
PCFriendly
Photodex Presenter
Picasa 2 (Version: 2.0)
QuickBooks Regular Edition 2006
QuickTime (Version: 7.71.80.42)
Registro en línea VAIO (Español) (Version: 4.6.0.0)
RoboForm 7-7-0 (All Users) (Version: 7-7-0)
Roxio DigitalMedia Audio (Version: 2.0.4)
Roxio DigitalMedia Copy (Version: 2.0.4)
Roxio DigitalMedia Data (Version: 2.0.4)
Segoe UI (Version: 14.0.4327.805)
Setting Utility Series
SigmaTel Audio (Version: 5.10.4700.0)
Skype Click to Call (Version: 5.7.8524)
Skype™ 5.5 (Version: 5.5.124)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)
SmartSound Common Data (Version: 1.1.0)
SmartSound Premiere Elements 10 Plugin (Version: 5.70.0001)
SmartSound Sonicfire Pro 5 (Version: 5.7.1)
Software Intel® PROSet/Wireless
Sony MP4 Shared Library (Version: 2.0)
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library (Version: 2.0.01)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware Free Edition (Version: 4.33.0.1000)
swMSM (Version: 12.0.0.1)
UnZip Me (Version: 2.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
VAIO Camera Utility
VAIO Control Center
VAIO Edit Components 6.0 (Version: 6.0)
VAIO Entertainment Platform (Version: 1.3.30.11290)
VAIO Event Service (Version: 2.2.01.11040)
VAIO Hardware Diagnostics
VAIO Media 5.0 (Version: 5.0.10)
VAIO Media AC3 Decoder 1.0
VAIO Media Integrated Server 5.0
VAIO Media Redistribution 5.0 (Version: 5.0.10)
VAIO Media Registration Tool 5.0 (Version: 5.0.00)
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
VAIO Power Management (Version: 1.8.00.12130)
VAIO Product Survey (Version: 1.1.2.1)
VAIO Sea Wallpaper
VAIO Starfish Wallpaper
VAIO Update 4 (Version: 4.0.0.08240)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VOR (Version: 4.6.0.0)
VPS (Version: 1.1.2.1)
WebFldrs XP (Version: 9.50.7523)
Windows Defender (Version: 1.1.1593.21)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20061027.150806)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Favorites for Windows Live Toolbar (Version: 03.01.0146)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format Runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB908250
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPatrol 2009 (Version: 16.1.2009.1)
Wireless LAN Starter
Wireless Switch Setting Utility
Wisdom-soft Set up ScreenHunter 5.1 Free
Wisdom-soft Toolbar (Version: 6.8.0.8)
YouTube Downloader 3.4
YouTube Downloader Toolbar v4.8 (Version: 4.8)

========================= Memory info: ===================================

Percentage of memory in use: 61%
Total physical RAM: 1022.11 MB
Available physical RAM: 398.18 MB
Total Pagefile: 2459.55 MB
Available Pagefile: 1705.27 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.66 MB

========================= Partitions: =====================================

1 Drive c: (VAIO) (Fixed) (Total:46.57 GB) (Free:11.01 GB) NTFS
2 Drive d: (VAIO) (Fixed) (Total:39.6 GB) (Free:2.08 GB) NTFS

========================= Users: ========================================

User accounts for \\SONYLAPTOP

Administrator Alex Asistente de ayuda
ASPNET Celia Guest
Photographer SUPPORT_388945a0 SUPPORT_cbf0f968


**** End of log ****

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.03.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.11
Celia :: SONYLAPTOP [administrator]

03/02/2012 17:31:39
mbam-log-2012-02-03 (17-31-39).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 270155
Time elapsed: 30 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\Celia\Desktop\MiniToolBox.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-03 18:10:52
-----------------------------
18:10:52.593 OS Version: Windows 5.1.2600 Service Pack 3
18:10:52.593 Number of processors: 2 586 0xE08
18:10:52.593 ComputerName: SONYLAPTOP UserName: Celia
18:11:10.843 Initialize success
18:11:19.375 AVAST engine defs: 12020300
18:13:04.093 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
18:13:04.109 Disk 0 Vendor: HTS541010G9SA00 MBZOC65D Size: 95396MB BusType: 3
18:13:04.109 Disk 1 \Device\Harddisk1\DR4 -> \Device\00000097
18:13:04.109 Disk 1 Vendor: ( Size: 95396MB BusType: 0
18:13:04.203 Disk 0 MBR read successfully
18:13:04.203 Disk 0 MBR scan
18:13:04.203 Disk 0 Windows XP default MBR code
18:13:04.250 Disk 0 Partition 1 00 12 Compaq diag NTFS 7153 MB offset 63
18:13:04.406 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 47685 MB offset 14651280
18:13:04.406 Disk 0 Partition - 00 0F Extended LBA 40554 MB offset 112310415
18:13:04.500 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 40554 MB offset 112310478
18:13:04.593 Disk 0 scanning sectors +195366465
18:13:05.000 Disk 0 scanning C:\WINDOWS\system32\drivers
18:15:01.531 Service scanning
18:15:03.703 Modules scanning
18:15:20.453 Disk 0 trace - called modules:
18:15:20.484 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
18:15:20.500 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87109ab8]
18:15:20.500 3 CLASSPNP.SYS[f7602fd7] -> nt!IofCallDriver -> \Device\00000087[0x8715e948]
18:15:20.515 5 ACPI.sys[f7469620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x8710bd98]
18:15:21.875 AVAST engine scan C:\WINDOWS
18:16:22.453 AVAST engine scan C:\WINDOWS\system32
18:21:59.250 AVAST engine scan C:\WINDOWS\system32\drivers
18:22:35.250 AVAST engine scan C:\Documents and Settings\Celia
19:03:19.656 AVAST engine scan C:\Documents and Settings\All Users
19:07:32.515 Scan finished successfully
19:11:52.625 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Celia\Desktop\MBR.dat"
19:11:52.640 The log file has been saved successfully to "C:\Documents and Settings\Celia\Desktop\aswMBR.txt"



#2 boopme

  • Global Moderator

Posted 07 February 2012 - 08:20 PM

Sorry for the delay..
We need a deeper look. Please go here.... Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run skip it and move on.

Let me know if that went well.

#3 favorito

  • Topic Starter

Posted 08 February 2012 - 11:16 AM

Hi boopme, thank you for responding to my problem. I have done as you asked and posted a new topic in that forum. Both DDS and GMER ran successfully, although I had to turn off Avast temporarily because it wouldn't allow me to save the DDS logs.

#4 boopme

  • Global Moderator

Posted 08 February 2012 - 04:36 PM

Thank you..
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 2 days and ALL logs are answered.

To avoid confusion, I am closing this topic.



